"I think you can guarantee that there will be a 'Back Orifice for Dummies' book" -- That's what Cult of the Dead Cow (CDC) member Tweety Fish hoped would be one outcome of Saturday's blockbuster debut of the new, open-source version of Back Orifice at the DEF CON hacking conference over the weekend.
Taken another way, CDC, an elite hacker group, seems to have decided to try to beat Microsoft by going legit with its controversial hacking tool.
The new version of the tool, Back Orifice 2000 (BO2K), will be posted on CDC's BO2K Web site for free download in the next two days.
Like its predecessor, Back Orifice (BO), BO2K -- which is billed as a "remote administrator tool" -- lets its user hijack a victim's Windows-based PC and do anything from copying and deleting files to running programs. Besides such tweaks as a smaller footprint, stronger encryption, open plug-in architecture, and Windows NT and Windows 2000 compatibility, the big news about BO2K is that it will be available as open source code under the GNU Public License.
That open source move has the potential to make BO2K the Linux of hacking tools -- freely available for programmers to refine and mutate at will -- and a much more slippery program for anti-virus and intruder-detection firms to counter, as its electronic signature can be altered in the source code. "People can modify it [the source code] and do whatever they want with it," said Tweety Fish. (CDC members are identified only by their handles.) Added CDC's Deth Vegetable: "But you must release the source code."
Last year, CDC said it released BO to force Microsoft, which has a virtual monopoly on the operating system market, to improve Windows' network security. At the Alexis Park Resort Hotel, the venue for this year's DEF CON, CDC members maintained that line -- but were playing down its potential as a hacking tool.
Instead, the hacker group is pitching BO2K as a system administrator's best friend -- a professional, open-source application that's free -- that will "move briskly into the Microsoft networking environment." In a CDC statement, Mike Bloom, Chief Technical Officer for Gomi Media, in Toronto, said BO2K "sews together Microsoft networks in ways that were never possible before. BO2K is a control freak's dream and the strong crypto feature gives the legitimate administrator a level of confidence that just didn't exist before."
In conjunction with Symantec, ZDNet UK is offering information and downloads for detecting and removing Back Orifice 2000 from your systems.