Date: Wed, 15 May 2002 21:57:03 -0700 From: Terry Lambert <tlambert2@mindspring.com> To: Matthew Emmerton <matt@gsicomp.on.ca> Cc: freebsd-hackers@freebsd.org Subject: Re: national security backdoor in FreeBSD. Message-ID: <3CE33C1F.A547AE4D@mindspring.com> References: <3CE295EC.6030603@cogeco.ca> <009c01c1fc95$74fd0470$1200a8c0@gsicomp.on.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Matthew Emmerton wrote: > > There is a backdoor in all versions of FreeBSD that are not compiled > > from source code within portmapper and telnetd. > > Hmm. Let's check out this logic. The binaries that ship on the FreeBSD > distros are compiled from source. When I upgrade my system, I compile from > source. And the backdoor only exists in binaries that are not compiled from > source. So where do these binaries-with-no-source come from? Oh, I know! > Carnivore detects FreeBSD ISO downloads, and tells the Magic Lantern > software on my ISP's servers to change the binaries inside the ISO images > that I FTP. Makes perfect sense! Bell Systems Technical Journal, July-August 1978, "On the Security of UNIX.", D. M. Ritchie. They hacked the compiler to hack the passwd program when it was being compiled, and also to hack the compiler to include hacks to the compiler and the passwd program when the compiler itself was being compiled. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CE33C1F.A547AE4D>