[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Steven Bellovin smb at cs.columbia.edu
Fri Dec 17 14:53:10 EST 2010

On Dec 17, 2010, at 12:34 39PM, Jon Callas wrote:

> Let's get back to the matter at hand.
> I believe that there's another principle, which is that he who proposes, disposes. I'll repeat -- it's up to the person who says there was/is a back door to find it.
> Searching the history for stupid-ass bugs is carrying their paranoid water. *Finding* a bug is not only carrying their water, but accusing someone of being underhanded. The difference between a stupid bug and a back door is intent. By calling a bug a back door, or considering it, we're also accusing that coder of being underhanded. You're doing precisely what the person throwing the paranoia wants. You're sowing fear and paranoia. 
> Of course there are stupid bugs in the IPsec code. There's stupid bugs in every large system. It is difficult to assign intent to bugs, though, as that ends up being a discussion of the person.

Yes -- see http://en.wikipedia.org/wiki/James_Jesus_Angleton#The_Molehunt for where that sort of thing can lead.

Many years ago, I learned that someone working on a major project had just been arrested for hacking.  Did he leave any surprises behind in our code?  I put together a team to do an audit.  We found one clear security hole -- but the commit logs showed who was responsible, and a conversation with her showed that it was an innocent mistake (and not something our suspect had socially-engineered into the code base).  Then I found something much more ambiguous -- two separate bugs, which -- when combined with a common but non-standard configuration -- added up to a security hole.  In one of the bugs, the code didn't agree with the comments, but there was a very plausible innocent explanation.  And yes, the suspect was responsible for that section of the code.  Deliberate?  Accidental?  To this day, I don't know; all I know for sure is that we found and closed two security holes, one very subtle.  Today is Dec 17, an odd-numbered day, so I think it was an ordinary bug.  Tomorrow, I may feel differently.

		--Steve Bellovin, http://www.cs.columbia.edu/~smb
