Allegations regarding OpenBSD IPSEC
Andy Kosela
akosela at andykosela.com
Thu Dec 16 16:41:38 UTC 2010
On Thu, Dec 16, 2010 at 3:47 PM, Christian Weisgerber
<naddy at mips.inka.de> wrote:
> Rob Farmer <rfarmer at predatorlabs.net> wrote:
>
>> They won't be secondary if someone does find a minor bug in the
>> network stack (regardless who introduced it or if it is even related),
>> which will probably happen given the attention this will invariably
>> receive.
>
> Here's the first one:
> http://marc.info/?l=openbsd-cvs&m=129245633605693&w=2
Like des@ written in the other post even if the backdoor is still
present in the OpenBSD code, IMHO it is very probable that FreeBSD is
unaffected as the FreeBSD OCF implementation has been substantially
modified.
http://www.usenix.org/publications/library/proceedings/bsdcon03/tech/leffler_crypto/leffler_crypto.pdf
Either way we will all know for sure in the not distant future...
--Andy
More information about the freebsd-security
mailing list