I found this article posted on ZDNet.com today discussing a backdoor vulnerability in Energizer’s DUO USB battery charger.
This is a battery charger that you can plug into your computer (or laptop etc.) to charge AA batteries while on the go. It comes with software you can install on your Microsoft Windows computer to presumably monitor the battery charge or control the charger. Unfortunately the software does something else too – it allows a remote user to connect to your computer on port tcp/7777 and effectively take control of it. (The original CERT vulnerability report can be found here.) This type of vulnerability is considered a trojan horse or backdoor, and is very dangerous. If you purchased this product and installed the software, you should uninstall it right away. I’m sure this was not done maliciously, but rather was a mistake or oversight on the part of the developers who created the software.
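To check whether a Windows machine has anything bound to the port named above, this added example (not code from the ZDNet article, the CERT report or the vendor) parses `netstat -ano` output and reports listeners and live sessions on tcp/7777 with their owning PIDs. The sample output, addresses and PIDs are constructed, and the parser assumes the English-language `netstat` column layout.

```python
import subprocess
import sys

BACKDOOR_PORT = 7777  # tcp/7777, the port named in the post

# Constructed sample of Windows `netstat -ano` output (not captured from a real host).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       888
  TCP    0.0.0.0:7777           0.0.0.0:0              LISTENING       2044
  TCP    192.168.1.20:7777      203.0.113.9:51515      ESTABLISHED     2044
  TCP    192.168.1.20:49777     198.51.100.7:443       ESTABLISHED     3120
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:7777           *:*                                    1500
"""

def find_port_activity(netstat_text, port=BACKDOOR_PORT):
    """Return (listeners, sessions) for TCP sockets whose local port equals `port`."""
    listeners, sessions = [], []
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly 5 columns; headers and UDP rows (no State) are skipped.
        if len(fields) != 5 or fields[0].upper() != "TCP":
            continue
        _, local, remote, state, pid = fields
        # rpartition copes with IPv6 forms such as [::]:7777 and avoids
        # matching ports that merely end in 7777 (e.g. 49777).
        if local.rpartition(":")[2] != str(port):
            continue
        if state == "LISTENING":
            listeners.append({"local": local, "pid": int(pid)})
        elif state == "ESTABLISHED":
            sessions.append({"local": local, "remote": remote, "pid": int(pid)})
    return listeners, sessions

if __name__ == "__main__":
    if sys.platform == "win32":
        text = subprocess.run(["netstat", "-ano"], capture_output=True, text=True).stdout
    else:
        text = SAMPLE  # fall back to the constructed sample off Windows
    listeners, sessions = find_port_activity(text)
    for l in listeners:
        print(f"LISTENING on {l['local']} by PID {l['pid']} (look it up with: tasklist /FI \"PID eq {l['pid']}\")")
    for s in sessions:
        print(f"ACTIVE session {s['remote']} -> {s['local']} (PID {s['pid']})")
    if not listeners and not sessions:
        print(f"Nothing bound to tcp/{BACKDOOR_PORT}")
```

A listener on tcp/7777 is not proof that it belongs to the charger software, since other programs can use the same port; the PID identifies which process to examine.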
This is a great example of why Open Source software is so important – when programs like this are developed and released through the open source community, their source code is examined by other developers and security specialists. Mistakes like this rarely make it into the wild; and when they do, they are almost always discovered by the community (not hackers) and rectified quickly. No software is bug free – but when software is developed by a large and collaborative community the result is almost certain to be higher quality and, more importantly, safer for your computer.

