From owner-freebsd-security@FreeBSD.ORG Wed Dec 15 22:09:52 2010 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 50AA6106564A for ; Wed, 15 Dec 2010 22:09:52 +0000 (UTC) (envelope-from andy.kosela@gmail.com) Received: from mail-bw0-f49.google.com (mail-bw0-f49.google.com [209.85.214.49]) by mx1.freebsd.org (Postfix) with ESMTP id CD6E58FC12 for ; Wed, 15 Dec 2010 22:09:51 +0000 (UTC) Received: by bwz5 with SMTP id 5so2920723bwz.8 for ; Wed, 15 Dec 2010 14:09:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:sender:received :in-reply-to:references:date:x-google-sender-auth:message-id:subject :from:to:cc:content-type:content-transfer-encoding; bh=B3y85nTnuEkXlDrXrFp2n7UgKiSITydJ8yecRn05bCM=; b=BuH8JueqjvUz65nljJ1iDMo2FxaqXCMqj12fUIG8uFvjqrCGb31H4m4dv8CfZL/2W2 w5D5UHjUdK6XVr9cN9PleQ8WuqClcP42Hj6DZ49ORDw4XrxnnjF2bh6zPK0XrDJH+Z8x NeL2EuCBgKkVJzxYMEGWNoZrM5+JBK76ovV6g= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=N5KuflPoi5OA5gnR5c/n80MlYcU15sDluPYms93p8OJhM4Xlovzr5Gf+TG19t4OF4T DvznKSSUyYeU1oO4+cDrVIOkH8xo/lo927Hv6X547wvxUOs7f4KKAy9Yim7RCZr2GyOg oeF8c8C+/qk8y2/LYMol8a0PpbX9AGoArCWhg= MIME-Version: 1.0 Received: by 10.204.67.5 with SMTP id p5mr7754626bki.59.1292450988733; Wed, 15 Dec 2010 14:09:48 -0800 (PST) Sender: andy.kosela@gmail.com Received: by 10.204.121.147 with HTTP; Wed, 15 Dec 2010 14:09:48 -0800 (PST) In-Reply-To: <20101215193315.GA41513@mud.stack.nl> References: <4d08a854.w8rPywliRhHs/MXH%akosela@andykosela.com> <20101215193315.GA41513@mud.stack.nl> Date: Wed, 15 Dec 2010 23:09:48 +0100 X-Google-Sender-Auth: -kbiM7gPTsDhJgZKNQBuPrWUzvI Message-ID: From: Andy Kosela To: Johan van Selst Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: freebsd-security@freebsd.org Subject: Re: Allegations regarding OpenBSD IPSEC X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Dec 2010 22:09:52 -0000 On Wed, Dec 15, 2010 at 8:33 PM, Johan van Selst wrote: > Andy Kosela wrote: >> Some of you probably already read this: >> =A0http://marc.info/?l=3Dopenbsd-tech&m=3D129236621626462&w=3D2 > > Then also read Jason Wright's response and clear denial: > http://marc.info/?l=3Dopenbsd-tech&m=3D129244045916861&w=3D2 Would you publically say: "yes, I was on the FBI payroll and planted those backdoors". Let's be honest here. We need to witness what Greg Perry has more to say about this. If he claims this is true I guess he still got the code for that -- let him publish it or at least point us in the right direction in the OpenBSD source code. Even if this is all false, hypothetically it is not that hard to plant such a backdoor in the Open Source project, not to say that it would be even easier to do that in closed source project. http://judiciary.senate.gov/pdf/11-17-09%20Schaeffer%20Testimony.pdf Some of the similar cases are actually somewhat documented -- this is from the same period (around '99) and concerns NSA and M$: http://cypherspace.org/adam/hacks/ms-nsa-key.html