Full Disclosure mailing list archives
Re: Allegations regarding OpenBSD IPSEC
From: Charlie Derr <cderr () simons-rock edu>
Date: Fri, 17 Dec 2010 13:29:44 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/17/2010 12:52 PM, Paul Schmehl wrote:
--On December 17, 2010 12:31:37 PM -0500 Larry Seltzer <larry () larryseltzer com> wrote:The one thing Mr. Perry has not done, and which, if his claims have any merit at all, he could easily do, since he claims he's no longer underNDA,is post the code that proves that there is a backdoor. After all, he supposedly wrote it, along with others.Actually, he did not say that he wrote code. He said that "Jason Wright and several other developers were responsible for those backdoors"I quote Mr. Perry: "I left NETSEC in 2000 to start another venture, I had some fairly significant concerns with many aspects of these projects, and I was the lead architect for the site-to-site VPN project ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ developed for Executive Office for United States Attorneys, which was a statically keyed VPN system used at 235+ US Attorney locations and which later proved to have been backdoored by the FBI so that they could recover (potentially) grand jury information from various US Attorney sites across the United States and abroad." Still think he never wrote any and had no knowledge of the code? What does "lead architect" mean?
I actually thought about this as possibly providing more motivation for Mr. Perry to whine about the FBI being responsible for subverting a project that he was in charge of. While the previous motivations that you guessed at all seem plausible, this one jumped out at me. Being able to pin his failure to secure the VPN for US Attorneys on the FBI (and at least partially steer attention away from his own culpability) seems like potentially a very good reason for him to have made these allegations in the first place. But of course I have no evidence and am just guessing. best, ~c -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJNC6wXAAoJELuLPXMxqTZ/9CYQAMfDyu3ObqzrC0yK1pZxlim8 OTbbYXME5afuTpSONb/JDbBnJcRW024oXykU59KNJ8y8DTE+IgvnoihKaA8s143G bkbA3zT60NFkUR+vQMgSVRDff2RNyGRBNSImEaWQP0kLva/ouaDsbyNqLFKhqaVB b6+T600Gfb65gOSX3IbbIzJ64r7CinJvxY5aIYxCk4fHfTcy28+YxAtfFz2F3BLL xwYHEcYZnHqnCFV1xpKLraAixeovqslCQG8HpM76KtZrTWoJ2Nc3ki5E4D/BOoZH pTi8GcDZRrgesZQYmbeMGirJLSMD1LTZ6szg0Ul/z4HCOlcCWPC/Z30iAT+JcjqP 5FGh74n/PPirMBMzfb78Qd33j1AEyw0bZ5QEpLJG5rQjfDTZHJ7BHNJdvfie418N /pyheNAdk3MFdgAt5fCUiWcMsQIixsqjn3hqaTolgxA34VCmhlaQyMrfEg/gPRbp lFQJNNTOyWX3IWPIOhGRJNSc7XfrE6LIddcspDkYXOQt0jICpNdoHeDDCZddcVkR hkGbQOS4kcVWPZ0lUjIlmXzLRtgnhnFI3t3VZpGqGOF5T5gi8Ax25lrdc6BT4XRd TTVuBwylvtxYUUaI/nje1NFWgrXJikOJ+N1KLPBrT+w6IYfRchOOGNslsSCROduM qedxwhjr9doLfkjmhaM2 =lUG1 -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Allegations regarding OpenBSD IPSEC, (continued)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC J. Oquendo (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Larry Seltzer (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Gary Baribault (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC news (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Valdis . Kletnieks (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Григорий Братислава (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Григорий Братислава (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Charlie Derr (Dec 18)
- Re: Allegations regarding OpenBSD IPSEC Григорий Братислава (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Paul Schmehl (Dec 17)
- Re: Allegations regarding OpenBSD IPSEC Dave Nett (Dec 16)
- Re: Allegations regarding OpenBSD IPSEC mark seiden (Dec 18)
- Re: Allegations regarding OpenBSD IPSEC Jeffrey Walton (Dec 16)