[cryptography] Fwd: [gsc] Fwd: OpenBSD IPSEC backdoor(s)

Kevin W. Wall kevin.w.wall at gmail.com
Fri Dec 17 19:25:10 EST 2010

On 12/17/2010 12:34 PM, Jon Callas wrote:
> <...snip...>
> Searching the history for stupid-ass bugs is carrying their paranoid
> water. *Finding* a bug is not only carrying their water, but accusing
> someone of being underhanded. The difference between a stupid bug and
> a back door is intent. By calling a bug a back door, or considering
> it, we're also accusing that coder of being underhanded. You're doing
> precisely what the person throwing the paranoia wants. You're sowing
> fear and paranoia.
> Of course there are stupid bugs in the IPsec code. There's stupid bugs
> in every large system. It is difficult to assign intent to bugs, though,
> as that ends up being a discussion of the person.

Oh put another way, when it comes to maliciousness versus human stupidity,
I'll pick human stupidity almost every time.

Kevin W. Wall
"The most likely way for the world to be destroyed, most experts agree,
is by accident. That's where we come in; we're computer professionals.
We cause accidents."        -- Nathaniel Borenstein, co-creator of MIME

More information about the cryptography mailing list