[PC-BSD Testing] Scary FBI Cloak & Dagger stuff possibly going on with IPSec

Warner Losh imp at bsdimp.com
Sat Dec 18 11:09:30 PST 2010


On 12/16/2010 08:05, Arthur Koziol wrote:
> On 12/15/2010 9:11 PM, Erik Saline wrote:
>> On Dec 15, 2010, at 8:18 AM, Arthur Koziol wrote:
>>
>>> On 12/15/2010 10:11 AM, LinuxBSDos.com wrote:
>>>>>> Just passing along a story I read just now:
>>>>>> http://permalink.gmane.org/gmane.os.openbsd.tech/22557
>>>>>>
>>>>>> Arthur
>>>>>>
>>>>> Scary, but I'm not surprised.
>>>>>
>>>>> -- 
>>>>> Fini Decima
>>>>> http://LinuxBSDos.com
>>>>>
>>>> This has serious implications. What other free software project has 
>>>> been
>>>> compromised in this manner?
>>>>
>>>> FreeBSD? Linux kernel? SELinux?
>>>>
>>>> When I learned back in early 2000 that the NSA was contributing 
>>>> SELinux to
>>>> Linux, I did not think that it was a good idea for it to be accepted.
>>>>
>>>> Scary stuff.
>>> If true, I can't image the audit trail this will have. 10 years in 
>>> computer time might not seem like much but there's going to be gobs 
>>> of code to sift through. I guess some smarty coders is going to 
>>> create a toolkit (fuzzer perhaps?) with "definitions" to detect the 
>>> code, if it exists, in other apps which may have borrowed from IPSec 
>>> or code contributed by NSA et al. Should be interesting to watch it 
>>> unfold. Maybe Wikileaks will beat them to it, ha ha.
>>>
>>> Arthur
>> Not sure if this helps.
>>
>> http://www.itworld.com/open-source/130820/openbsdfbi-allegations-denied-named-participant 
>>
> The plot thickens: http://marc.info/?l=openbsd-tech&m=129244045916861&w=2

I think that this will all turn out to be poo.  Nothing in the initial 
email sounded the least bit credible, and nothing I've seen since then 
enhance its credibility.

Warner


More information about the Testing mailing list