Re: Allegations regarding OpenBSD IPSEC

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Ryan McBride

Subject: Re: Allegations regarding OpenBSD IPSEC

Date: Thursday, December 30, 2010 - 1:56 am

On Thu, Dec 30, 2010 at 09:38:41AM +0100, Janne Johansson wrote:
quoted text> > without a 'hint' (true or fake), where would you start auditing the
> > code? It's just too much.
> 
> Ted Unangst already solved that for all the potential lookers:
> 
> Quote from http://marc.info/?l=openbsd-misc&m=124413533913404&w=2
> ---------------------------------
> It's not about where you start. It's about starting anywhere. Here, watch,
> it's this easy:
> find /usr/src -name "*.c" | random 10000
> ---------------------------------

Note that this assumes that there is no backdoor in random(6) (or
arc4random_uniform, which it calls) designed to prevent the source file
with the backdoor from being selected with the above command.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: Allegations regarding OpenBSD IPSEC, Theo de Raadt, (Tue Dec 21, 11:29 am)

Re: Allegations regarding OpenBSD IPSEC, Kurt Knochner, (Tue Dec 21, 11:57 am)

Re: Allegations regarding OpenBSD IPSEC, martin tarb, (Fri Dec 24, 12:27 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Fri Dec 24, 12:38 pm)

Re: Allegations regarding OpenBSD IPSEC, martin tarb, (Fri Dec 24, 12:53 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Fri Dec 24, 1:09 pm)

Re: Allegations regarding OpenBSD IPSEC, martin tarb, (Fri Dec 24, 1:56 pm)

Re: Allegations regarding OpenBSD IPSEC, Janne Johansson, (Thu Dec 30, 1:38 am)

Re: Allegations regarding OpenBSD IPSEC, Ryan McBride, (Thu Dec 30, 1:56 am)

Re: Allegations regarding OpenBSD IPSEC, Kjell Wooding, (Thu Dec 30, 8:41 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Thu Dec 30, 11:57 pm)

Re: Allegations regarding OpenBSD IPSEC, Ray Percival, (Fri Dec 31, 10:16 am)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v4 11/11] sched: update tg->shares after cpu.shares write
Mr. James W. Laferriere	Re: Linux 2.6.25-rc1 , syntax error near unexpected token `;'
Chuck Ebbert	Re: PCI: Unable to reserve mem region problem
Linus Torvalds	Linux 2.6.34-rc4
Mingming Cao	Re: [RFC 1/4] Large Blocksize support for Ext2/3/4
git:
Ralf Wildenhues	[PATCH] Fix typos in the documentation
Len Brown	Re: fatal: unable to create '.git/index': File exists
Adeodato	Bazaar's patience diff as GIT_EXTERNAL_DIFF
Denis Bueno	Git clone error
Johannes Schindelin	Re: [PATCH 2/4] Add functions get_relative_cwd() and is_inside_dir()
git-commits-head:
Linux Kernel Mailing List	ASoC: fix registration of the SoC card in the Freescale MPC8610 drivers
Linux Kernel Mailing List	drivers/acpi: use kasprintf
Linux Kernel Mailing List	nfsd41: sanity check client drc maxreqs
Linux Kernel Mailing List	bnx2x: Moving includes
Linux Kernel Mailing List	V4L/DVB: gspca - sonixj: Adjust minor values of sensor ov7630. - set the color ga...
openbsd-misc:
Sevan / Venture37	Re: This is what Linus Torvalds calls openBSD crowd
Netmaffia.hu	Tini Lányok AKCIÓBAN OTTHON
Sam Fourman Jr.	Re: Help with Altell PC6700
Siju George	This is what Linus Torvalds calls openBSD crowd
Darrin Chandler	Re: OT: Python (was Re: vi in /bin)
linux-netdev:
Kurt Van Dijck	Re: [PATCH net-next-2.6 1/2] can: add driver for Softing card
Eric Dumazet	Re: [PATCH net-next-2.6] net: Introduce skb_orphan_try()
Jamie Lokier	Re: POHMELFS high performance network filesystem. Transactions, failover, performa...
Jarek Poplawski	Re: socket api problem: can't bind an ipv6 socket to ::ffff:0.0.0.0
David Miller	Re: [PATCH v2] net: typos in comments in include/linux/igmp.h