From owner-freebsd-questions@FreeBSD.ORG Fri Dec 17 18:05:48 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B1575106566B; Fri, 17 Dec 2010 18:05:48 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from tower.berklix.org (tower.berklix.org [83.236.223.114]) by mx1.freebsd.org (Postfix) with ESMTP id 522568FC08; Fri, 17 Dec 2010 18:05:47 +0000 (UTC) Received: from park.js.berklix.net (p5B22D826.dip.t-dialin.net [91.34.216.38]) (authenticated bits=0) by tower.berklix.org (8.14.2/8.14.2) with ESMTP id oBHI5jSZ040447; Fri, 17 Dec 2010 18:05:46 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by park.js.berklix.net (8.13.8/8.13.8) with ESMTP id oBHI7gDP039805; Fri, 17 Dec 2010 19:07:42 +0100 (CET) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.3/8.14.3) with ESMTP id oBHI7VCO010182; Fri, 17 Dec 2010 19:07:37 +0100 (CET) (envelope-from jhs@fire.js.berklix.net) Message-Id: <201012171807.oBHI7VCO010182@fire.js.berklix.net> To: jackoroses@gmail.com From: "Julian H. Stacey" Organization: http://www.berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Fri, 17 Dec 2010 10:36:39 EST." Date: Fri, 17 Dec 2010 19:07:31 +0100 Sender: jhs@berklix.com Cc: security-officer@freebsd.org, FreeBSD Mailing List Subject: Re: FreeBSD IPSec stack contains backdoors? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 17 Dec 2010 18:05:48 -0000 Hi Mike L, > Reads like an unacceptable response to an issue that seems quite critical. 1st.: Top posting on BSD lists is deprecated. 2nd: Serious security issues are best dealt with on security@ questions@ list was originally created for eg install program to point beginners at. 3rd.: OpenBSD & FreeBSD etc are volunteer projects, Best be grateful when volunteers dedicate leisure time free of charge, to look at problems or allegations of problems. 4th _IF_ this is really "quite critical" to you, Yo can throw time or money at the problem to find a solution: Either: - Your leisure time to read parts of sources & report back to security team, who I guess would be glad to co-ordinate if enough people volunteer to do a code read through. - Your employed time if your employer thinks its important. - Your money or your employers' if you have dependent customers There's various BSD consultants lists, eg I maintain a global geographic indexed list of consultants: http://www.berklix.com//consultants/ ( which also points to freebsd.org alphabetic consultants list ) ( No I'm not looking for work, busy elsewhere ) There's also various BSD etc foundations if you want to donate money indirect to pay toward a code review. > On Fri, Dec 17, 2010 at 4:31 AM, Giorgos Keramidas wrote: > > > The FreeBSD security officer team has already written an official > > response about this. Please have a look at: > > > > > > http://lists.freebsd.org/pipermail/freebsd-security/2010-December/005746.html > > > > Regards, > > Giorgos > > > > On Fri, 17 Dec 2010 14:28:37 +0600, Victor Lyapunov < > > fullblaststorm@gmail.com> wrote: > > > ---------- Forwarded message ---------- > > > From: Victor Lyapunov > > > Date: 2010/12/15 > > > Subject: FreeBSD IPSec stack contains backdoors? > > > To: FreeBSD Mailing List > > > > > > Hi folks, > > > Recently OpenBSD developer Gregory Perry disclosed information about > > > possible backdoors in OpenBSD IPSec stack (see > > > http://permalink.gmane.org/gmane.os.openbsd.tech/22557) In particular, > > > Gregory Perry, who has been working on a OpenBSD -ish implementation > > > of IPSec says a number of backdoors have been introduced into the > > > code. > > > > > > As far as I am aware, FreeBSD contains considerable amount of code > > > ported from OpenBSD. The question is: was the FreeBSD's ipsec code > > > ported from OpenBSD's implementation? If so, what might be the impact > > > of this? > > > > > > Thanks, > > > Victor Lyapunov. > > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Mail plain text; Not quoted-printable, or HTML or base 64. Avoid top posting, it cripples itemised cumulative responses.