Full Disclosure mailing list archives
Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo
From: Graham Gower <graham.gower () gmail com>
Date: Thu, 23 Dec 2010 16:23:01 +1030
On 23 December 2010 13:54, The Sp3ctacle <sp3ctacle () gmail com> wrote:
It shouldn't be that hard to bindiff the code compiled with with the shipped compiler with the code from a compiler that predates the latest backdoor shenanigans. You could decompile the binary code and then ask a cryptographer to audit.
Even getting the code to build with a 10+ year old gcc would be a massive undertaking. And if you did that, I daresay the bindiff would be meaningless - 10 years of code generation improvements, not to mention OpenBSD moved from a.out to elf somewhere in there. -Graham _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- OpenBSD has Open Backdoored Software Distribution - admitted by Theo Dave Nett (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo Dan Kaminsky (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo mrx (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo Valdis . Kletnieks (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo Paul Schmehl (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo The Sp3ctacle (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo Graham Gower (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo mrx (Dec 22)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo Carlos Alberto Lopez Perez (Dec 23)
- Re: OpenBSD has Open Backdoored Software Distribution - admitted by Theo Dan Kaminsky (Dec 22)