Here I am on an airplane returning to San Francisco from Las Vegas. Of course it is about 18 hours after I planned on leaving. After two broken aircraft and another night sleeping in Vegas, I am finally on my way home. Why was I in Vegas, you ask? Was I gambling? Well, no, I only spent a total of $2 on gambling and about 15 minutes total. I did win 73 dollars though. No, what I was really in Las Vegas for was Def Con 7, the annual convention for hackers, computer security folks, and anyone who likes to live on the dangerous side of the net.
The highlight of this year's show was the introduction of BO2K, otherwise known as Back Orifice 2000 (a lovely play on Microsoft's name Back Office). BO was released by the Cult of the Dead Cow, an elite group of hackers who delight in showing up Microsoft. They are one of the oldest hacker groups in existence, the only major one with a female member, and their shirts are far cooler than those of the Legion of Doom. When it comes to "elite" hackers, it doesn't get any more elite than the cDc.
For those of you who don't know, the original Back Orifice was an application that ran as an invisible background process and was used to remotely control Windows machines. Because of its stealth capabilities, BO quickly became a common Trojan horse used by hackers to "own" other people's Windows systems. You could even control a Windows box from a Mac (but not vice versa).
The current Back Orifice release is an impressive feat of engineering. It is quite small, only about 136 Kb in size, but it packs an impressive array of features. BO2K's author, Dildog, spent quite a bit of time going over the features of his product and the ways in which he accomplished some of its technical feats. Actually, BO2K does look enticing as a remote administration utility for the Windows platform (yes, there should be a Mac client soon; the code is open source and Mac folks are already working on it). What makes BO2K so controversial are the ways in which the application can hide itself from the person whose machine it is on. cDc members are quick to point out that they are only using functionality that Microsoft built into Windows on purpose. These features are used by other Windows administration utilities such as SMS from Microsoft and NetFinity from IBM. The fact of the matter is that the cDc release of BO2K is actually quite detectable if you know what to look for. However, the cDc version is not the only version there shall be.
The cDc has released BO2K as open source under the GNU Public License. That means that basically anyone who wants to take the code and alter it to their liking may do so. In fact, during his presentation Dildog mentioned how it would be possible to make the application even more hidden than it currently is.
How do we Mac folks fit into this whole scheme? Well, the control application portion of the utility should be showing up on Mac FTP, Hotline, and Carracho sites within about a week or so. A copy of the BO2K source code was passed around at the Mac Security presentation at Def Con. Also, the cDc intends to take BO2K to other platforms in the future: MacOS, Linux, BSD, etc.
As I just mentioned, there was a presentation on Mac Security. Freaky of Freak's Macintosh Archives was the presenter. He was a bit out of sorts, as his Mac and presentation materials didn't arrive. So, he borrowed a G3 Series laptop (I had to show him where the power button was) and moved along the best he could. Space Rogue, of the Wacked Mac Archives, did a symbolic passing of the torch, naming Freak's Macintosh Archive the heir apparent for the purpose of collecting Macintosh hacking and cracking tools. In actuality, the unofficial torch went from Wacked Mac to Weasel's to Freaky's. In fact, Freaky at one point had made a deal to take over the Weasel name, but it fell through. So, what is new out there? Well, there is an AppleScript that decodes Mac encrypted passwords; Seek and Destroy, a full-featured war dialer; nO Guard, a utility that cracks On Guard security protection; and much more.
The main point Freaky had to make, and it is an important one, is that the Mac is in no way immune from the security problems that other platforms deal with. There are plenty of ways to exploit a Mac, and we must be vigilant if we are to defend against them. If we are complacent, we may pay the price for that complacency. One of the reasons we haven't had as many problems as the Windows folks is that there aren't as many people bothering to break into Macs. So, in a way, folks like Weedo are doing us a favor by exploring the MacOS and probing it for weaknesses.
In the end, it is this that Def Con and the folks participating in it contribute to the world of computing. As Nietzsche tells us, what doesn't kill us makes us stronger. The advantage that the Open Source world has over Apple and Microsoft is that there are a lot more people looking at the bugs and the holes. What Apple has by way of advantage is the number of people looking at things like usability. Neither we nor Apple can afford to forget about security now.
Which brings me back to groups like the cDc. Folks like Dildog and Mudge are great programmers who push the technological envelope. They poke and prod at the existing systems and find all the holes and sloppy code that the big companies leave behind. And, if in the short term they do harm by arming the Script Kiddies with tools to cause havoc, in the long run they help by keeping the corporations honest. And, I might add, they throw a good party; thanks for the hospitality, guys.