Coming Soon: Back Orifice 2000 ---------------------------------------------------------------------- Niall McKay An underground computer security group is poised to release a new version of a notorious software program that could allow crackers to watch and listen in on Windows-based PC users. The Cult of the Dead Cow said it will release Back Orifice 2000 on 9 July - at the annual Def Con convention in Las Vegas. "This will demonstrate that Microsoft's operating systems are completely insecure and a bad choice for consumers and businesses who demand privacy," said Oxblood Ruffian, a former United Nations consultant and current Cult of the Dead Cow spokesman. Def Con is perhaps the most unusual gathering in the computer security field. Hackers, crackers, and self-proclaimed security experts will mingle with media, security professionals, federal law enforcement officers, and "script kiddies" who deface Web pages with prefab cracking code. Security groups of all stripes use the occasion to release software and show off gadgets. But Back Orifice 2000 is perhaps the most anticipated item. Unlike previous versions of the software, Back Orifice 2000 will run on Windows NT and feature strong encryption and a modular architecture that the group said will allow hackers and other security groups to write plug-ins. The program will be released as open source to encourage further development by the security community. Back Orifice, released at last year's Def Con, may allow malicious users to monitor and tamper with computers without the permission or knowledge of their owners. The program is classified as a Trojan Horse because crackers need to dupe the user into installing an application on their hard disk. Despite this, Oxblood Ruffian said that the program is currently installed on up to a half-million PCs worldwide. Though that number could not be independently verified, an Australian computer security group last November said that 1,400 Australian Internet accounts have been compromised by Back Orifice. Back Orifice 2000 also promises to be a great deal more difficult to detect than its predecessor because it enables users to configure its port setting. Previously, intrusion detection and antivirus programs could detect Back Orifice because it used a default port setting of 3113. A Microsoft Windows NT Server security manager said the company is closely monitoring Back Orifice development and is working with antivirus and intrusion detection software vendors to provide customers with utilities to combat the software. "Trojan Horses are not technological issues but a social engineering problem because they rely on the ability of the cracker to trick the user into running an application," said Scott Culp. "It's just a fact of computer science that if you run a piece of code on your machine you run the risk making your system vulnerable." The solution, according to Culp, is to ensure that users do not install any software from untrusted sources and regularly update antivirus and intrusion detection programs. ____________ In self-defense, all Microsoft Office attachments are refused! Please don't send them! -- To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e Check out the SuSE-FAQ at <A HREF="http://www.suse.com/Support/Doku/FAQ/"><A HREF="http://www.suse.com/Support/Doku/FAQ/</A">http://www.suse.com/Support/Doku/FAQ/</A</A>> and the archive at <A HREF="http://www.suse.com/Mailinglists/suse-linux-e/index.html"><A HREF="http://www.suse.com/Mailinglists/suse-linux-e/index.html</A">http://www.suse.com/Mailinglists/suse-linux-e/index.html</A</A>>