References
- Seth RosenBlatt, "Lenovo's Superfish screwup highlights biggest problem in software", CNet, Feburary 27, 2015, http://www.cnet.com/news/ lenovos-superfish-screwup-highlights-biggest-pro blem-in-software/
- United States Computer Emergency Readiness Team, "Alert: Lenovo "Superfish" Adware Vulnerable to HTTPS Spoofing", February 20, 2015. Retrieved February 20, 2015.
- Filippo Valsorda, "KOMODIA/SUPERFISH SSL VALIDATION IS BROKEN", Feb 20, 2015, https://blog.filippo.io/komodia-superfish-ssl- vali dation-is-broken/
- Robert Graham, "Extracting the Superfish certificate", Erata Security, http://blog.erratase c.com/2015/02/extracting-superfish-certificate.ht ml#.Vax-BRvtlBc,
- Jeremy Hsu, "U.S. Suspicions of China's Huawei Based Partly on NSA's Own Spy Tricks", IEEE Spectrum, May 25, 2014, http://spectrum.ieee.org/tech-talk/computing/hard ware/us-suspicions-of-chinas-huawei-based-partl y-on-nsas-own-spy-tricks
- Elinor Mills, "Expert: Huawei routers are riddled with vulnerabilities", Cnet, July 30, 2012, http://www.cnet.com/news/expert-huaweirouters- are-riddled-with-vulnerabilities/
- Jeremy Hsu, "U.S. Suspicions of China's Huawei Based Partly on NSA's Own Spy Tricks", IEEE Spectrum. Mar 26, 2014
- "Exclusive: Secret contract tied NSA and security industry pioneer", Reuters, Dec 20, 2013, http://www.reuters.com/article/2013/12/2 0/us-usa-security-rsa-idUSBRE9BJ1C220131220
- "Security firm RSA took millions from NSA: report", CNet, Dec 20, 2013, http://www.cnet.co m/news/security-firm-rsa-took-millions-from-nsareport/
- Vulnerability Note VU#247371, Vunerablility Note Database, "Borland/Inprise Interbase SQL databa se server contains backdoor superuser account with known password", CERT, https://www.kb.cert.org/vuls/id/247371
- Stephen Shankland, "Borland InterBase backdoor detected", January 12, 2001
- ZDNet, http://www.zdnet.com/article/borland-int erbase-backdoor- detected/
- JC, JC CREW, "RuggedCom -Backdoor Accounts in my SCADA network? You don't say...",Seclists.org, April 23, 2012, http://seclists.org/fulldisclosure/2012/Apr/277
- Backdoor (computing), Wikipedia, https://en.wik ipedia.org/wiki/Backdoor_(computing)
- Yaniv Simsolo, "The OWASP Top Ten Backdoors", Application Security Consultant, Comsec Consulting, 1st OWASP IL mini conference, Herzliya, May 21th 2007
- Chris Wysopal, Chris Eng, "Static Detection of Application Backdoors", Veracode. Black Hat, 2007
- Thompson, Ken, "Reflections on Trusting Trust", Communication of the ACM Vol. 27, No. 8, http://www.acm.org/classics/sep95/, Sep,1995.
- A. Young, M. Yung, "The Dark Side of Black-Box Cryptography, or: Should we trust Capstone?" In Proceedings of Crypto '96, Neal Koblitz (Ed.), Springer
- C Wysopal, C Eng, T Shields, "Static detection of application backdoors", Datenschutz und Datensicherheit - DuD, March 2010, Volume 34, Issue 3, pp 149-155 https://doi.org/10.1007/s11623-010-0024-4
- David Dede, "WordPress plugins hacked-Und erstanding the backdoor", June 22, 2011, https://blog.sucuri.net/2011/06/ wordpress-plugins-hack ed-understanding-the-backdoor.html
- The Rise of Malicious Mobile Applications, http://www.veracode.com/products/mobile-application-security/rise-malicious-mobile-applications
- Current Android Malware, http://forensics.spreitzenbarth.de/android-malware/
- OWASP Mobile Security Project - Top Ten Mobile Risks, https://www.owasp.org/index.php/Projects/OWASP_Mobile_Security_Project_-_To p_Ten_Mobile_Risks
- Mobile App Top 10 List, http://www.veracode.com/blog/2010/12/mobile-app-top-l0-list/
- Android.Ackposts-Symantec, http://www.symant ec.com/security_response/writeup.jsp?docid=201 2-072302-3943-99
- Secret SMS Replicator, http://www.complex.com /pop-culture/2013/01/10-controversial-apps-remo ved-from-google-play/secret-sms-replicator
- Symbian signing is no protection from spyware, http://www.theregister.co.uk/2007/05/23/symbian _signed_spyware/
- Detailed Analysis of Android.FakeRegSMS.B, http://forensics.spreitzenbarth.de/2012/02/03/deta iled-analysis-of-android-fakeregsms-b/
- Detailed Analysis of Android.Arspam, http://fore nsics.spreitzenbarth.de/2011/12/22/detailed-analy sis-of-android-arspam/
- The most sophisticated Android Trojan, https://securelist.com/blog/research/35929/the-most-sophisticated-android-trojan/
- Detailed Analysis of Android.Bmaster, http://forensics.spreitzenbarth.de/2012/02/12/detailed-anal ysis-of-android-bmaster/
- Fraud hits the Android apps market, http://www.theinquirer.net/inquirer/news/1585716/fraud-hitsandroid- apps-market