Re: Allegations regarding OpenBSD IPSEC

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Kurt Knochner

Subject: Re: Allegations regarding OpenBSD IPSEC

Date: Tuesday, December 21, 2010 - 11:57 am

2010/12/21 Theo de Raadt <deraadt@cvs.openbsd.org>
quoted text>
> > regarding the allegations about a backdoor beeing planted into OpenBSD, I
> > did a code review myself [...]
>
> By the way...
>
> It is unfortunate that it required an allegation of this sort for
> people to get to the point where they stop blindly trusting and
> instead go audit the code....

without a 'hint' (true or fake), where would you start auditing the
code? It's just too much.

Now, as I have started with it, I will continue to do so, at least
with the crypto code and PRNG code. However, don't get me wrong. I'm
neither a cryptographer nor have I ever touched the openbsd code
before. I did some patching for BSDI BSD/OS (ages ago), but that's it
with my *bsd code contact.

quoted text> But looked at from the half-glass-full side, it is refreshing to see
> people trying!

:-)

BTW: iTWire mentions, that two bugs have been found in the crypto
code. Where can I find details on those bugs?

http://www.itwire.com/opinion-and-analysis/open-sauce/43995-openbsd-backdoor-claims-co...

Regards
Kurt Knochner

http://knochner.com/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Allegations regarding OpenBSD IPSEC, Theo de Raadt, (Tue Dec 21, 11:29 am)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 11:57 am)

Re: Allegations regarding OpenBSD IPSEC, martin tarb, (Fri Dec 24, 12:27 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Fri Dec 24, 12:38 pm)

Re: Allegations regarding OpenBSD IPSEC, martin tarb, (Fri Dec 24, 12:53 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Fri Dec 24, 1:09 pm)

Re: Allegations regarding OpenBSD IPSEC, martin tarb, (Fri Dec 24, 1:56 pm)

Re: Allegations regarding OpenBSD IPSEC, Janne Johansson, (Thu Dec 30, 1:38 am)

Re: Allegations regarding OpenBSD IPSEC, Ryan McBride, (Thu Dec 30, 1:56 am)

Re: Allegations regarding OpenBSD IPSEC, Kjell Wooding, (Thu Dec 30, 8:41 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Thu Dec 30, 11:57 pm)

Re: Allegations regarding OpenBSD IPSEC, Ray Percival, (Fri Dec 31, 10:16 am)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Chuck Ebbert	Re: PCI: Unable to reserve mem region problem
Linus Torvalds	Linux 2.6.34-rc4
Mingming Cao	Re: [RFC 1/4] Large Blocksize support for Ext2/3/4
git:
Ralf Wildenhues	[PATCH] Fix typos in the documentation
Len Brown	Re: fatal: unable to create '.git/index': File exists
Adeodato	Bazaar's patience diff as GIT_EXTERNAL_DIFF
Denis Bueno	Git clone error
Johannes Schindelin	Re: [PATCH 2/4] Add functions get_relative_cwd() and is_inside_dir()
git-commits-head:
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	nfsd41: sanity check client drc maxreqs
Linux Kernel Mailing List	bnx2x: Moving includes
Linux Kernel Mailing List	V4L/DVB: gspca - sonixj: Adjust minor values of sensor ov7630. - set the color ga...
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Netmaffia.hu	Tini Lányok AKCIÓBAN OTTHON
Sam Fourman Jr.	Re: Help with Altell PC6700
Siju George	This is what Linus Torvalds calls openBSD crowd
Darrin Chandler	Re: OT: Python (was Re: vi in /bin)
linux-netdev:
Kurt Van Dijck	Re: [PATCH net-next-2.6 1/2] can: add driver for Softing card
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Jarek Poplawski	Re: socket api problem: can't bind an ipv6 socket to ::ffff:0.0.0.0
David Miller	Re: [PATCH v2] net: typos in comments in include/linux/igmp.h