Like I said in the piece, this is fishy for one big reason: the login and password for the back-door account were dropped into the code as plaintext strings. A simple ASCII dump of the InterBase executable binary would have revealed the prize -- assuming someone was motivated enough to sift through a really big pile of dirt in search of that priceless nugget.
By the mid-1990s, I don't think there was any shortage of people willing to party down on a couple hundred enterprise DB servers with wide-open, undetectable back doors. In fact, that seems like a no-brainer. So the whole game comes down to a couple of questions:
- How likely a target was InterBase for cold-calling intruders willing to probe the software purely on spec?
- Assuming InterBase ever received this type of attention, how likely is it that an attacker would have tried a plain ol' ASCII dump, presumably with an eye out for anything resembling a login or password text string?
Got a clue about this sort of thing? Let me know about it, please.
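
The ASCII dump discussed above, turned around as a pre-release audit a vendor could run on its own build (an added example, not part of the original piece): it pulls printable runs the way `strings(1)` does, then keeps only space-free tokens that sit next to authentication-related strings. The sample bytes, the account name and the password are constructed placeholders, and the keyword list and 48-byte window are assumptions.

```python
import re

# Assumed keyword list: strings that usually live near authentication code.
AUTH_HINT = re.compile(r"login|passw|user|auth", re.I)

# Constructed sample standing in for a slice of an executable's data section.
# The account name and password are placeholders, not values from any product.
SAMPLE = b"".join([
    b"\x7fELF\x02\x01\x01\x00", bytes(200),
    b"libexample.so\x00", bytes(200),
    b"verify_login\x00",
    b"EXAMPLE_ACCT\x00",
    b"example-pw-123\x00",
    b"password mismatch for %s\x00", bytes(200),
    b"out of memory\x00",
])

def printable_runs(data, min_len=4):
    """Return (offset, text) for each run of printable ASCII, like strings(1)."""
    pattern = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    return [(m.start(), m.group().decode("ascii")) for m in pattern.finditer(data)]

def review_candidates(data, window=48):
    """Space-free tokens within `window` bytes of an auth-related string."""
    runs = printable_runs(data)
    hints = [(off, off + len(t)) for off, t in runs if AUTH_HINT.search(t)]
    flagged = []
    for off, text in runs:
        # Skip the hint strings themselves and prose such as error messages.
        if AUTH_HINT.search(text) or " " in text:
            continue
        end = off + len(text)
        # Near a hint when the gap on either side is at most `window` bytes.
        if any(off - h_end <= window and h_start - end <= window
               for h_start, h_end in hints):
            flagged.append((off, text))
    return flagged

if __name__ == "__main__":
    print(len(printable_runs(SAMPLE)), "printable runs in total")
    for off, text in review_candidates(SAMPLE):
        print(f"review 0x{off:04x}: {text}")
```

Anything the audit flags is only a candidate for human review; a hit means a literal sits beside authentication strings, not that it is a credential.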