Language Selection

English French German Italian Portuguese Spanish

Allegations of OpenBSD Backdoors May be True, Updated

Filed under
Security
BSD

It was just last week that Theo de Raadt, OpenBSD founder and developer, posted an email that claimed the Federal Bureau of Investigations paid OpenBSD developers to leave backdoors in its IPSEC network security stack. Since then early audits have found some questionable code, contributors denied any wrongdoing, and the original source reaffirmed his allegations.

It'll take time to go through all the code but de Raadt said "two bugs in our cryptographic code" have already been found. "We are assessing the impact. We are also assessing the 'archeological' aspects of this," he added.

In further developments, de Raadt said yesterday that Angelos had worked on the cypto stack in question for four years when accepting a contract at NETSEC. Angelos "wrote the crypto layer that permits our ipsec stack to hand-off requests to the drivers that Jason worked on. That crypto layer ontained the half-assed insecure idea of half-IV that the US govt was pushing at that time. Soon after his contract was over this was ripped out."

full story




Yes, no or who cares?

Very interesting how this is getting played out in the public arena.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Latest Ubuntu Touch SDK Updates Focus on Convergence Features for OTA-6

On the last day of July 2015, Canonical's Zoltán Balogh posted an important email on the Ubuntu Touch mailing list, informing us all about the work done lately on the Ubuntu SDK (Software Development Kit) software. Read more

Wifislax 4.11.1 Linux Distro Arrives with Linux Kernel 4.1.3 LTS, Xfce 4.12.3

The developers of the popular Wifislax Linux distribution based on the well-known Slackware operating system and built around the KDE and Xfce desktop environments announced the release of Wifislax 4.11.1. Read more

5 Best Linux Desktop Environments With Pros & Cons


Picture

If you are new to Linux then I'm sure you are giving up lots of time choosing Desktop Environment of your Linux Distribution. You are probably thinking to give a try to each one of them but that's very time consuming. Edit - There are other good DEs also That's why I'm reviewing the 5 Best Linux Desktop Environments with the pros & cons. The article gives you what you should know for choosing a DE. So let's get started!

Redis open source DBMS overview

Redis runs on Linux. Although the Redis project doesn't directly support Windows, Microsoft Open Technologies develops and maintains a Windows port targeting Win64. The Redis open source DBMS is available as a BSD license. The Redis community offers support through the official mailing list as well as #redis on Freenode. Commercial support is available through Pivotal, the official sponsor of Redis. Pivotal offers two levels of professional support. Read more