Summary: LeftHand has a back door and it's a gold mine to HP collaborators (perhaps NSA agents) who want full access to massive storage servers all around the world

A BRITISH branch of the German publisher Heise recently wrote about HP back doors, showing that they exist not only in Microsoft Windows. There is a "New backdoor in HP server products," says this new headline and here are the details:

Computer manufacturer HP has admitted that its StoreVirtual servers also contain an undocumented backdoor. The security vulnerability risks allowing attackers to gain unauthorised access to the storage systems. The backdoor provides users with direct access to the holy of holies, "LeftHand" (the operating system for the StoreVirtual server). HP has previously marketed its StoreVirtual systems as LeftHand Storage and P4000 SAN. LeftHand OS was originally called SAN/iQ.

Since we know that the NSA was cracking routers in China in order to eavesdrop or take control of network backbones (since 2009), this is noteworthy. The US has recently been paranoid about buying Chinese hardware (or hardware manufactured in China), based on NDAA clauses. In reality, it's the US perhaps that should be feared (biggest spy bar none, just like its military).

I have worked with LeftHand devices before (it's a fairly recent HP acquisition, costing $360 million in cash) and they're like the backbone of storage in many enterprises and probably governments, too. It's like a master key to many hard drives. If you control both network and storage backbones, you're the jack of all trades and the master of the world.

There is also a back door "in US emergency alert systems," according to another report from The H:

Backdoor in US emergency alert systems

The US-CERT, which is part of the US Department of Homeland Security, warns that security-critical vulnerabilities in US emergency alert systems potentially allow attackers to switch off the systems or misuse them to broadcast arbitrary emergency alerts. The Linux systems are used at TV and radio stations in the US and enable the US government to interrupt ongoing broadcasts when there is an emergency. This is designed to allow the US president to address the nation within ten minutes.

The latter is unlikely to be a back door by design. The ramifications, however, are noteworthy. These systems are proprietary. ⬆