informa
/
Commentary

InterBase: What Was The Chance...

My last column raised as many new questions as I had when I researched it. This one concerns the back-door login that had been compiled into Borland's InterBase code. If anyone knows the answer, or knows someone who might, give me a shout.
My last column raised as many new questions as I had when I researched it. This one concerns the back-door login that had been compiled into Borland's InterBase code. If anyone knows the answer, or knows someone who might, give me a shout.So here's the deal: Borland licensed a whole bunch of InterBase servers between 1994 and 2000, and every last one of them contained that hard-coded back-door account. Yet neither Borland nor any of its customers, to my knowledge, have ever admitted a case of unauthorized access, much less a case of lost or stolen data.

Like I said in he piece, this is fishy for one big reason: the login and password for the back-door account were dropped into the code as plaintext strings. A simple ASCII dump of the InterBase executable binary would have revealed the prize -- assuming someone was motivated enough to sift through a really big pile of dirt in search of that priceless nugget.

By the mid-1990s, I don't think there was any shortage of people willing to party down on a couple hundred enterprise DB servers with wide-open, undetectable back doors. In fact, that seems like a no-brainer. So the whole game comes down to a couple of questions:

- How likely a target was InterBase for cold-calling intruders williing to probe the software purely on spec ?

- Assuming InterBase ever received this type of attention, how likely is it that an attacker would have tried a plain ol' ASCII dump, presumably with an eye out for anything resembling a login or password text string.?

Got a clue about this sort of thing? Let me know about it, please.