Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!cbnewse!cbnewsd!cbfsb!cbnewsc!cbnews!cbnews!military
From: smb@ulysses.att.com (Steven Bellovin)
Newsgroups: sci.military
Subject: Re: Excerpts from bit.listserv.virus-l
Message-ID: <1991Jan25.030519.8984@cbnews.att.com>
Date: 25 Jan 91 03:05:19 GMT
References: <1991Jan22.022646.22830@cbnews.att.com> <1991Jan23.035257.3832@cbnews.att.com>
Sender: military@cbnews.att.com (William B. Thacker)
Organization: AT&T Bell Laboratories
Lines: 20
Approved: military@att.att.com



From: smb@ulysses.att.com (Steven Bellovin)

In article <1991Jan23.035257.3832@cbnews.att.com>, broehl@watserv1.waterloo.edu (Bernie Roehl) writes:
> 
> This is something I was wondering about a few weeks back.  If I were selling
> weapons to a country that might turn around and use them against me, I'd
> program in an override.  I wouldn't let it be generally known, of course.
> Probably a hook somewhere in the ROM that lets you remotely program it, to
> maintain generality.

I tend not to believe in such things, at least as a matter of policy.
You can't assume perfect security on the development project, and that's
the sort of thing you *can't* let leak -- after all, if you're selling
weapons to a country, it's generally because they may be fighting someone
else you like even less.

On the other hand, the British reportedly sold lots of war-surplus Enigmas
to their former colonies, to secure their diplomatic correspondence...