Date: Thu, 16 Dec 2010 17:41:35 +0100 From: Andy Kosela <akosela@andykosela.com> To: Christian Weisgerber <naddy@mips.inka.de> Cc: freebsd-security@freebsd.org Subject: Re: Allegations regarding OpenBSD IPSEC Message-ID: <AANLkTi=4kmDkfq1caZevmXbsyyGEWDAB%2BjGwF-buCX=X@mail.gmail.com> In-Reply-To: <ied8pc$lj8$1@lorvorc.mips.inka.de> References: <4d08a854.w8rPywliRhHs/MXH%akosela@andykosela.com> <AANLkTind3UU%2BNbJeF6-nKrcZgUV6aEY93cwtWuO1yVFV@mail.gmail.com> <AANLkTi=J%2Bw1ev6=x3eUP8nQy6fVWw_cyf=nP=zD8TnOd@mail.gmail.com> <AANLkTiky7GAJba_T4Ry3T%2BURi-O4uynstjw4TtU04kOx@mail.gmail.com> <ied8pc$lj8$1@lorvorc.mips.inka.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Dec 16, 2010 at 3:47 PM, Christian Weisgerber <naddy@mips.inka.de> wrote: > Rob Farmer <rfarmer@predatorlabs.net> wrote: > >> They won't be secondary if someone does find a minor bug in the >> network stack (regardless who introduced it or if it is even related), >> which will probably happen given the attention this will invariably >> receive. > > Here's the first one: > http://marc.info/?l=openbsd-cvs&m=129245633605693&w=2 Like des@ written in the other post even if the backdoor is still present in the OpenBSD code, IMHO it is very probable that FreeBSD is unaffected as the FreeBSD OCF implementation has been substantially modified. http://www.usenix.org/publications/library/proceedings/bsdcon03/tech/leffler_crypto/leffler_crypto.pdf Either way we will all know for sure in the not distant future... --Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?AANLkTi=4kmDkfq1caZevmXbsyyGEWDAB%2BjGwF-buCX=X>