Sir Dystic's claims rubbished

A program that "can take over another user's Windows 98 or 95 machine" is being played down by Microsoft which says the program isn't the threat its creator would like it to be.

Revelling in the infamy he created for himself at this week's DEFCON in Las Vegas, computer hacker Sir Dystic, of the hacker clan ‘Cult of the Dead Cow', reckons the program - Back Orifice - can be sent to a victim without being noticed, a technique used in some viruses known as a Trojan Horse. He also claims the program can be spread via the Web.

Microsoft product Manager for NT Server David Bridger says Sir Dystic is confused on at least two points. "For a start," says Bridger, "this program cannot install itself without the user knowing. Our test labs have looked into it and confirmed that a user must deliberately install it, or at least be tricked into installing it." Countering Sir Dystic's boasts that the program can take over a machine from a remote location, Bridger says "this only works over a corporate network". To control a machine over the Internet says Bridger, the hacker would have to know the other user's IP address. However, it is not fully understood whether Back Orifice is able to send IP data to the hacker automatically.

As Sir Dystic's claims collapse around his contrived infamy, Symantec technical director Kevin Street threw another blow: "Tomorrow we will be posting a fix to Back Orifice, which by the way is not a virus, it's a Trojan Horse." Street explained the nature of the Trojan Horse which is, sometimes, difficult to deal with. "They can be difficult to spot but as this is a program and not a self replicating virus, it's not likely to spread."

Of Sir Dystic, Street posed the question: "Why do these people write these programs? It has to be an ego thing. They write something for recognition a bit like a graffiti artist defacing a wall."