Re: FBI accused of planting backdoor in OpenBSD IPSEC stack

[Mike Patterson <mike () snowcrash ca>]

On 10-12-22 4:04 PM, Daniel Holiday wrote:
> Here is an update to the story:
>
> http://www.linuxjournal.com/content/allegations-openbsd-backdoors-may-be-true
>
> It still sounds really, really strange to me.

"Some bugs were found, so maybe the allegations were true."

I still call bullshit.  The original allegation was pretty specific:
these developers put backdoor code in at the behest of the FBI.

Show the backdoor.  Period, full frigging stop.  If that backdoor is not
there, then the allegations were false (and probably malicious in nature).

If I was the FBI, and I paid Person X to put in a backdoor, I would want
to know when, where, how.  If the person making those allegations had an
NDA, and now was not covered by this so it's cool to talk about it, they
should be able to demonstrate when, where, how.

Otherwise, they're talking out of their ass.  Period, full frigging
stop.  This isn't brain surgery, there's no need to make a "well, the
Zapruder tape shows" kind of bullshit conspiracy theory out of it.  We
like to call ourselves engineers and architects, so show the engineering
flaw, or shut. up.

Yes, there's some bugs in OpenBSD's ipsec implementation.  Tell me about
five hundred lines of code that are completely bug-free, and I'll call
you a liar, to your face.  There's a bug in there, and somebody will
find it if they're sufficiently motivated to do so.
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com