[cryptography] OpenBSD

Marsh Ray marsh at extendedsubset.com
Thu Dec 23 01:05:12 EST 2010


On 12/22/2010 10:53 PM, David-Sarah Hopwood wrote:
> On 2010-12-22 18:39, Randall Webmail wrote:
>> OpenBSD Founder Believes FBI Built IPsec Backdoor
>>
>> But Theo de Raadt said it is unlikely that the Federal Bureau of
>> Investigation's Internet protocol security code made it into the
>> final operating system.
>>
>> By Mathew J. Schwartz ,  InformationWeek
>
> Ugh, this is a confused article. It's not until the penultimate
> paragraph, that you get any indication that the bugs referred to the
> rest of the article are not believed by de Raadt to be related to any
> backdoor that the FBI may have built. That is, the title is
> misleading in a way that could easily have been avoided, and very
> much looks as though it was intentional on the part of the reporter.

So what are you implying there DS?

Are you suggesting this is misdirection being planted by
InformationWeek, who are in on the plot?

:-)

The whole thing is confused. No two people seem to believe the same thing.

Then there was that retired FBI guy who came out with this series of tweets:

> @ioerror you really think the FBI brass even knows what IPSec stack
> back doors would look like much less fund it?

> not read yet but I'm betting its false. FBI brass would never approve

> I can say all of govt has researched such things but open platform=all
> could see and use. Few in FBI would know how or what it is

> no but I do know how the system works and the lack of tech knowledge.
> If you said NSA or CIA or Airforce w/ openBsd BD then....

> I was one of the few FBI cyber agents when the coding supposedly
> happened. Experiment yes. Success No.

Next day 7:10 AM his time, 10:10 ET:

> For the record. FBI never bd openBSD. FBI tests software for such
> things before use but does not build or deploy.

This sounds to me a bit like a person getting his story straight.

I mean, how do you fail at adding a back door if you can change the 
source code, other than get caught?

- Marsh



More information about the cryptography mailing list