Date: Fri, 17 Dec 2010 11:11:17 -0500 From: Mike Tancsa <mike@sentex.net> To: jackoroses@gmail.com Cc: security-officer@freebsd.org, FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: FreeBSD IPSec stack contains backdoors? Message-ID: <4D0B8BA5.5070900@sentex.net> In-Reply-To: <AANLkTi=aGJR7x=eCE8vmk9T4ZwJ1i0UOdcj1o53e5jBF@mail.gmail.com> References: <AANLkTimQAZ5J5CB4ub7RAQZw93cKD6UxBaYa%2BU6M597Q@mail.gmail.com> <AANLkTikP-sF8RftgWE0JVbd2%2Bw3QH2yiHZ1gQvgfCDBH@mail.gmail.com> <xeiaei9gsq35.fsf@kobe.laptop> <AANLkTi=aGJR7x=eCE8vmk9T4ZwJ1i0UOdcj1o53e5jBF@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Strange, reads like a totally reasoned response to me to an issue that is somewhere between a practical joke and something critical. I will go with the SECTeam's assessment. They have a proven track record for assessing and dealing with security issues. ---Mike On 12/17/2010 10:36 AM, Mike L wrote: > Reads like an unacceptable response to an issue that seems quite critical. > > > On Fri, Dec 17, 2010 at 4:31 AM, Giorgos Keramidas <keramida@freebsd.org>wrote: > >> The FreeBSD security officer team has already written an official >> response about this. Please have a look at: >> >> >> http://lists.freebsd.org/pipermail/freebsd-security/2010-December/005746.html >> >> Regards, >> Giorgos >> >> On Fri, 17 Dec 2010 14:28:37 +0600, Victor Lyapunov < >> fullblaststorm@gmail.com> wrote: >>> ---------- Forwarded message ---------- >>> From: Victor Lyapunov <fullblaststorm@gmail.com> >>> Date: 2010/12/15 >>> Subject: FreeBSD IPSec stack contains backdoors? >>> To: FreeBSD Mailing List <freebsd-questions@freebsd.org> >>> >>> Hi folks, >>> Recently OpenBSD developer Gregory Perry disclosed information about >>> possible backdoors in OpenBSD IPSec stack (see >>> http://permalink.gmane.org/gmane.os.openbsd.tech/22557) In particular, >>> Gregory Perry, who has been working on a OpenBSD -ish implementation >>> of IPSec says a number of backdoors have been introduced into the >>> code. >>> >>> As far as I am aware, FreeBSD contains considerable amount of code >>> ported from OpenBSD. The question is: was the FreeBSD's ipsec code >>> ported from OpenBSD's implementation? If so, what might be the impact >>> of this? >>> >>> Thanks, >>> Victor Lyapunov. >> > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D0B8BA5.5070900>