Security real talk time: So what exactly do we mean by 'backdoor'?

Bods work on semantics-defying definition

Analysis If there's one thing we've learned from the Snowden revelations it's that when you're dealing with law enforcement and national security, words matter.

Section 215 of the US Patriot Act, for example, noted that the NSA was allowed to seize any "tangible thing" that is "relevant" to an investigation. It decided that definition allowed it to record the details of every phone call made in the United States and put them in a huge database.

Then there is the interesting definition of the word "collect". To most people it means "bring or gather together". To the NSA, however, the huge amount of data that it compiled and ran search queries on had only been "collected" when it was "processed into intelligible form", i.e. manually analyzed.

There are numerous other examples. "Content", for example, is defined to exclude metadata, i.e. the time, date and telephone number you called. And the word "conversation" or "communication" is used depending on which definition is most useful at the time.

In short, words and definitions matter.

Which is why a group of security experts has got together in an effort to define the word of the moment: backdoor.

The importance of making sure everyone is talking about the same thing has come to a head with the FBI-Apple spat, where Apple says a court order to create a version of iOS to bypass an iPhone 5C's security is a backdoor and the FBI denies that it is.

At a Congressional hearing on Tuesday, FBI director James Comey specifically questioned use of the word "backdoor" by the House Judicial Committee chair Bob Goodlatte. "I don't see that this way," Comey told the hearing.

And so computer forensic specialist Jonathan Zdziarski along with "some well respected peers in the community" has tried to ensure we're all talking about the same thing. This is the definition of "backdoor" as it currently stands:

A backdoor is a component of a security system, in which the component is active on a computer system without consent of the computer's owner, performs functions that subvert purposes disclosed to the computer's owner, and is under the control of an undisclosed actor.

Zdziarski posted the definition on Twitter and has already got some feedback. One response notes, for example, that the FBI would not be an "undisclosed actor" – it would likely be upfront about its ability to break into software. Another suggestion was that the definition should note that the backdoor exists on purpose.

Plus of course the definition itself is a little clunky due to its repeated phrases and structures. But it's a start and one that is likely to be increasingly important as discussion heats up about law enforcement access to people's phones. ®
