Full Disclosure mailing list archives
Re: Allegations regarding OpenBSD IPSEC
From: phil () jabea net
Date: Wed, 15 Dec 2010 14:59:41 -0500
In my own opinion, when the code hit the stable release, I doubt that after the code is audited at 100% unless someone add a new feature to that part or a bug is found in that code part. All that due to the complexity to understand the code, all that energy is better invested to make new features and to remove existing bug. Thats why IMO for that disclosure. (to put the focust on that code part) -phil
--On December 14, 2010 8:40:14 PM -0500 bugs () fbi dhs org wrote:Hi, Has anyone read this yet? http://www.downspout.org/?q=node/3 Seems IPSEC might have a back door written into it by the FBI?So for 10 years IPSEC has had a backdoor in it and not one person examining the code has noticed it? Or even questioned it? That's a bit hard to believe. It's along the same lines as the stories that Microsoft captures all your packets and harvests your personal information. Read The Cathedral and The Bazaar. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. ******************************************* "It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson "There are some ideas so wrong that only a very intelligent person could believe in them." George Orwell _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Allegations regarding OpenBSD IPSEC bugs (Dec 14)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC musnt live (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC bk (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC J. Oquendo (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Aldis Berjoza (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Steve Pinkham (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Michal Zalewski (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Valdis . Kletnieks (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC phil (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC clément Game (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC BMF (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Graham Gower (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC mark seiden (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Abuse007 (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Valdis . Kletnieks (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC malfy (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 15)