Full Disclosure mailing list archives
Re: Allegations regarding OpenBSD IPSEC
From: BMF <badmotherfsckr () gmail com>
Date: Wed, 15 Dec 2010 16:05:52 -0800
On Wed, Dec 15, 2010 at 3:46 PM, clément Game <clement () digi-nation com> wrote:
i second that...yet we obviously need to figure out better ways to audit the code...maybe some kind of security-oriented unit-test framework ? ( dont'know if it exists already, and if it does, maybe that it's already employed for the OpenBSD project...dunno )
We're likely talking potential side-channel key leakage here...that sort of thing will be very hard to find. Unit-testing is not applicable. The worst thing about this sort of allegation is that it is impossible to prove that it isn't true. All we will ever be able to say is "We haven't found it yet." BMF _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Allegations regarding OpenBSD IPSEC, (continued)
- Re: Allegations regarding OpenBSD IPSEC musnt live (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC bk (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC J. Oquendo (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Aldis Berjoza (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Steve Pinkham (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Michal Zalewski (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Valdis . Kletnieks (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC phil (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC clément Game (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC BMF (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Graham Gower (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC mark seiden (Dec 15)
- Re: Allegations regarding OpenBSD IPSEC Abuse007 (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Valdis . Kletnieks (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC malfy (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC John Horn (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 16)