← Back to context

Comment by DaSHacka

5 hours ago

Whatever these happen it's 50/50 either an internal debugging feature used when designing the device or intended as a way for customer support to more easily help people.

I remember when a backdoor was discovered in the most popular brand of keylogging devices[0], likely added there in case someone forgot their password and reached out to support.

[0] https://old.reddit.com/r/cybersecurity/comments/jw6k5v/backd...

> Whatever these happen it's 50/50 either an internal debugging feature used when designing the device or intended as a way for customer support to more easily help people.

The problem with this is, everyone who builds an intentional backdoor will also claim that it's this.

Sufficiently advanced ignorance is indistinguishable from malice, and sometimes needs to be treated as if it were malice.

> a way for customer support to more easily help people

This is my guess. People don't like it when a device they have turns into a brick of e-waste because they can't remember their password. So most consumer devices have either a "reset to defaults" feature or a hidden support password. Even enterprise routers and switches often have this.

  • > So most consumer devices have either a "reset to defaults" feature or a hidden support password.

    One of those is sensible, and one is not. Put a recessed "hold to reset" button on the device, problem solved, no backdoor required or desired.