Hacker News new | ask | show | jobs
by l0new0lf-G 1007 days ago
It doesn't matter what fancy word we are using -what matters is that our systems are compromised by an agency that can just steal our data without us even knowing.

Why should we even care about the academic definition of a backdoor? Is it less of a privacy problem if it is a "malware"?
6 comments
tmpX7dMeXU 1007 days ago
Words mean things. The term backdoor has specific connotations and GP is right to call the title out as misleading. Your reaction, to immediately accuse them of being a lawyer for the NSA, is absurd, entirely emotionally driven, and makes me question what you think a lawyer working at the NSA would actually do.
link
mr_mitm 1007 days ago
> It doesn't matter what fancy word we are using

No, words have meaning and we should be using the correct terminology. A backdoor usually means that the product is delivered straight from the manufacturer with a way to bypass the authentication set up by the user. By rootkit we typically mean a program that is installed after the product has been deployed and then gives the possibility to bypass authentication.

Both are bad, but one is arguably worse than the other, because one sets every user at risk, the other is much more targeted.

> what matters is that our systems are compromised by an agency

Chinese systems were compromised by an American agency. That's pretty much their job description and business as usual for a spy agency in any country. You can be outraged at that, but if the NSA were putting backdoors in the Linux kernel, then they'd put the whole world including their own citizens at risk, which is arguably even worse.

link
upofadown 1007 days ago
A backdoor and a rootkit are fundamentally different things with different implications. Any OS can have rootkits written for it. Not all OSes have vulnerabilities that might allow the installation of those rootkits.
link
mrob 1007 days ago
It's far less of a problem if it's malware, because malware has to be installed. If it's a real backdoor it's already present on every Linux machine.
link
olddustytrail 1007 days ago
We care for the same reason we care about someone calling their monitor "the CPU". If you don't know basic terminology you're probably clueless.
link
Dylan16807 1007 days ago
Because anyone that downloads Linux is fine. Someone has to take your computer and install this software into it before you become vulnerable.

99.999% of our systems are not compromised.

So yes they do cyber attacks but the scope and method is so very different between those two categories.

link