
Does the reason for the backdoor really have to be to allow malicious remote access (hence requiring a replacement backdoor)?

I highly doubt, considering the obvious nature and simplicity of the binary, that clandestine remote access (i.e. by the Chinese government or other such tinfoil hat theories) was the idea.

Especially given the name of the binary, I suspect some ZTE engineer was tasked with writing a desktop or mobile sync application that they decided needed root access for some reason. Said engineer then made a major mistake and decided a non-unique plaintext secret stored in the binary was adequate security. This happens all the time - see the recent RuggedCom "backdoor" fiasco [0]. It's happened at places I've worked, too, and it's not exactly new in the industry as a whole.

An engineer was uninformed or ignored security best practices and wrote code with a vulnerability. The vulnerability will be patched out. It's a big deal and it sucks (why were all setuid binaries not audited, at least to the level that basic oversights like this one would be noticed?), but at least in my mind it's not some kind of secret government control backdoor conspiracy - it's just a horrible bug.

[0]: http://www.nerc.com/fileUploads/File/Events%20Analysis/A-201...


