[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Dec 15 02:38:35 EST 2010


Marsh Ray <marsh at extendedsubset.com> writes:

>Something about this doesn't add up and I don't think we're seeing the real
>story emerge yet. The USG seems to be completely off its rocker right now
>reacting to Wikileaks and I wonder if that has something to do with the
>timing of this.

This is one of those things where those who know the truth won't be able to
talk about it, and those who can openly talk about it don't know the truth.
Having pointed out that distinction, I'll now talk about it :-).  It violates
the principle of least surprise, why on earth would the FBI show their hand in
violating the integrity of an OSS product, especially something of such
relatively low value when, even in 2000/2001, the real crypto action was in
OpenSSH?  My guess is that this arose from one of two things:

1. Someone seriously got their wires crossed (knotted, more like it).

2. Someone has it in for OpenBSD (or Theo), and a spooky backdoor conspiracy
would be an ideal vehicle for it.

I'm going for (1).

Peter.



More information about the cryptography mailing list