Date: Fri, 17 Dec 2010 19:07:31 +0100 From: "Julian H. Stacey" <jhs@berklix.com> To: jackoroses@gmail.com Cc: security-officer@freebsd.org, FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: FreeBSD IPSec stack contains backdoors? Message-ID: <201012171807.oBHI7VCO010182@fire.js.berklix.net> In-Reply-To: Your message "Fri, 17 Dec 2010 10:36:39 EST." <AANLkTi=aGJR7x=eCE8vmk9T4ZwJ1i0UOdcj1o53e5jBF@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Mike L,
> Reads like an unacceptable response to an issue that seems quite critical.
1st.: Top posting on BSD lists is deprecated.
2nd: Serious security issues are best dealt with on security@
questions@ list was originally created for eg install
program to point beginners at.
3rd.: OpenBSD & FreeBSD etc are volunteer projects,
Best be grateful when volunteers dedicate leisure time free
of charge, to look at problems or allegations of problems.
4th _IF_ this is really "quite critical" to you, Yo can throw time or
money at the problem to find a solution: Either:
- Your leisure time to read parts of sources & report back
to security team, who I guess would be glad to co-ordinate
if enough people volunteer to do a code read through.
- Your employed time if your employer thinks its important.
- Your money or your employers' if you have dependent customers
There's various BSD consultants lists,
eg I maintain a global geographic indexed list of consultants:
http://www.berklix.com//consultants/
( which also points to freebsd.org alphabetic consultants list )
( No I'm not looking for work, busy elsewhere )
There's also various BSD etc foundations if you want to donate
money indirect to pay toward a code review.
> On Fri, Dec 17, 2010 at 4:31 AM, Giorgos Keramidas <keramida@freebsd.org>wrote:
>
> > The FreeBSD security officer team has already written an official
> > response about this. Please have a look at:
> >
> >
> > http://lists.freebsd.org/pipermail/freebsd-security/2010-December/005746.html
> >
> > Regards,
> > Giorgos
> >
> > On Fri, 17 Dec 2010 14:28:37 +0600, Victor Lyapunov <
> > fullblaststorm@gmail.com> wrote:
> > > ---------- Forwarded message ----------
> > > From: Victor Lyapunov <fullblaststorm@gmail.com>
> > > Date: 2010/12/15
> > > Subject: FreeBSD IPSec stack contains backdoors?
> > > To: FreeBSD Mailing List <freebsd-questions@freebsd.org>
> > >
> > > Hi folks,
> > > Recently OpenBSD developer Gregory Perry disclosed information about
> > > possible backdoors in OpenBSD IPSec stack (see
> > > http://permalink.gmane.org/gmane.os.openbsd.tech/22557) In particular,
> > > Gregory Perry, who has been working on a OpenBSD -ish implementation
> > > of IPSec says a number of backdoors have been introduced into the
> > > code.
> > >
> > > As far as I am aware, FreeBSD contains considerable amount of code
> > > ported from OpenBSD. The question is: was the FreeBSD's ipsec code
> > > ported from OpenBSD's implementation? If so, what might be the impact
> > > of this?
> > >
> > > Thanks,
> > > Victor Lyapunov.
> >
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
>
Cheers,
Julian
--
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Mail plain text; Not quoted-printable, or HTML or base 64.
Avoid top posting, it cripples itemised cumulative responses.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201012171807.oBHI7VCO010182>