Subject | Retraction |
---|---|
Author | Jim Starkey |
Post date | 2001-01-13T18:24:39Z |
My statement that current members of Borland technical staff
were aware of the back door when it was implemented was based
on a conversation with an engineer employed by Borland at that
time. He has since clarified that his comments were based on
how he thought decision was reached and not how the decision
was actually reached. Furthermore, Charlie Caro is correct that
the sweep thread, which exploits the back door, is a separate
mechanism from the V6 garbage collect thread, which does not.
There is no reason that I am aware of to believe that any of the
present members of the Interbase development team had any involvement
or knowledge of the back door mechanism.
I would like to appologize formally to Charlie Caro for a
misunderstanding that I mistakingly propogated. I tend to
think of Charlie as the person entrusted with the care and
feeding of my baby; it is unfortunate that Borland has
not delegated that responsibility and authority to Charlie
or to any other individual.
The security back door was implemented long ago in a different
era. Other than serving as an historical example of the dangers
of security by obscurity, nothing useful can come from further
investigation of who did what when. It happened, it came to
light, and with coordination by CERT, both IBPhoenix and Borland
have been able to offer fixes to the Interbase community.
Jim Starkey
were aware of the back door when it was implemented was based
on a conversation with an engineer employed by Borland at that
time. He has since clarified that his comments were based on
how he thought decision was reached and not how the decision
was actually reached. Furthermore, Charlie Caro is correct that
the sweep thread, which exploits the back door, is a separate
mechanism from the V6 garbage collect thread, which does not.
There is no reason that I am aware of to believe that any of the
present members of the Interbase development team had any involvement
or knowledge of the back door mechanism.
I would like to appologize formally to Charlie Caro for a
misunderstanding that I mistakingly propogated. I tend to
think of Charlie as the person entrusted with the care and
feeding of my baby; it is unfortunate that Borland has
not delegated that responsibility and authority to Charlie
or to any other individual.
The security back door was implemented long ago in a different
era. Other than serving as an historical example of the dangers
of security by obscurity, nothing useful can come from further
investigation of who did what when. It happened, it came to
light, and with coordination by CERT, both IBPhoenix and Borland
have been able to offer fixes to the Interbase community.
Jim Starkey