From...

July 7, 1999
Web posted at: 10:36 a.m. EDT (1436 GMT)

by Tom Spring

INTERACTIVE Will 'Back Orifice 2000' help raise security concerns or just create more hacking problems? Raise security concerns Create more problems Both View Results

(IDG) -- In the consumer world, folks like Ralph Nader fight for consumer rights by helping pass tough consumer protection laws. Then there's the PC world.

For us, there's a self-proclaimed equivalent: Groups of (mostly teenaged) hackers basking in the glow of computer monitors, who release nasty computer bugs under the guise of strong-arming software makers to get tough on privacy and security.

"We want to raise awareness to the vulnerabilities that exist within the Windows operating system. We believe the best way to do this is by pointing out its weaknesses," says a member of the hacker group the Cult of the Dead Cow who goes by the pseudonym Sir Dystic.

The Cult of the Dead Cow created and released the program Back Orifice last year to the general public at the Las Vegas hacker and security conference DEF CON. The program allows its users to remotely control victims' desktops, potentially undetected.

At this year's conference, on July 9, Sir Dystic says the cult will outdo itself and release Back Orifice 2000. The program, he says, is smaller, nimbler, and twice as nefarious.

MORE COMPUTING INTELLIGENCE
	IDG.net home page
PC World home page
FileWorld find free software fast
Make your PC work harder with these tips
Reviews & in-depth info at IDG.net
		IDG.net's desktop PC page
		IDG.net's portable PC page
IDG.net's Windows software page
IDG.net's personal news page
Year 2000 World
Questions about computers? Let IDG.net's editors help you
Subscribe to IDG.net's free daily newsletter for computer geniuses (& newbies)
Search IDG.net in 12 languages
News Radio
	Fusion audio primers
	Computerworld Minute

Computer security experts question the Cult of the Dead Cow's intent. Releasing a hacking tool like Back Orifice 2000 in the name of safeguarding computer privacy is a bit like the American Medical Association infecting cattle with the deadly e. coli bacteria to inspire food companies to sell healthier meats.

New and Improved

Unlike earlier versions that affected consumers and small businesses, Back Orifice 2000 hits large organizations because it runs on Windows NT systems, which are more used by businesses. Also, the updated program is modular, so users can add additional functions. For example, they could hide files or activate a computer's microphone for real-time audio monitoring, according to Cult of the Dead Cow.

Back Orifice 2000 will also be more difficult to detect via network monitoring programs, according to Sir Dystic. This is because the program can communicate back to the sender by using a variety of different protocols, making it hard to identify. The group also says it will make the source code available for Back Orifice 2000, which will likely spawn multiple strains of the program in the hacker community, experts say.

Another purported function is real-time keystroke-logging, which can record and transmit a record of every keystroke of an infected computer. Also, the recipient can view the desktop of a targeted computer in real time.

It should be noted that PC World Online has no independent confirmation that new Back Orifice 2000 program actually lives up to the claims of Cult of the Dead Cow.