Allegations regarding OpenBSD IPSEC

Erik Cederstrand erik at cederstrand.dk
Wed Dec 15 13:19:24 UTC 2010


On 15/12/2010 at 12.36, Andy Kosela wrote:

> Some of you probably already read this:
> 
> http://marc.info/?l=openbsd-tech&m=129236621626462&w=2
> 
> Interesting...I wonder what is the impact of all this on FreeBSD code.
> We may very well suppose that any government or corporation funded code
> can theoretically have some kind of backdoor inside.

That wouldn't be restricted to funded code. If somebody really wanted to place backdoors in FreeBSD, posing as NSA, FBI, KGB or whatever doesn't seem like the best option. Position a guy as a src committer instead, pretending to work alone.

I'm not saying this to point fingers or spread FUD or anything like that, just that people should be careful reading any commits to catch backdoors, intentional or by mistake, regardless of where they come from. Which is one thing I admire about FreeBSD - commits are actually read carefully, by many people, and frequently commented upon.

Erik

