OpenBSD IPSEC backdored by US gov

D69

D69

Dagobah Resident
This is kinda technical stuff but very interesting and shows how it works , I mean espionage.

__http://packetstormsecurity.org/files/view/96712/openbsd-backdoored.txt

Here is a definition of IPSEC by wiki __http://en.wikipedia.org/wiki/IPsec
 
New article , just released by The Reg

_http://www.theregister.co.uk/2010/12/15/openbsd_backdoor_claim/
 
Yes, I suspected this quite some time ago.

I think the above is not limited to the specified
OS in question, but all OSes are suspect...

No one is secure - ever. A computer is secure
ONLY if it is it's own island, i.e. is not networked,
nor connected to the Internet... but then again...
what about hardware chips... that have hidden
spy devices? Or, that your outlet plug serves as
an antennae when not networked? Sounds similar
to 'Enemy of the State"?

Expect attacks, and modes of the same...
comes to mind.

Thanks for posting!
Dan
 
No one is secure - ever. A computer is secure
ONLY if it is it's own island, i.e. is not networked,
nor connected to the Internet...
Click to expand...

I would say ..... if its turned off :D
 
drygol said:
This is kinda technical stuff but very interesting and shows how it works , I mean espionage.

__http://packetstormsecurity.org/files/view/96712/openbsd-backdoored.txt

Here is a definition of IPSEC by wiki __http://en.wikipedia.org/wiki/IPsec
Click to expand...
from wiki
IPsec is a successor of the ISO standard Network Layer Security Protocol (NLSP). NLSP was based on the SP3 protocol that was published by NIST, but designed by the Secure Data Network System project of the National Security Agency (NSA).
Click to expand...

This Theo guy did bold job of publishing his email and thus exposed it.
 
FYI there is also a thread here __http://seclists.org/fulldisclosure/2010/Dec/335

and another article here __http://arstechnica.com/open-source/news/2010/12/fbi-accused-of-planting-backdoor-in-openbsd-ipsec-stack.ars
 
Reply from Greg Perry

__http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd
 
Another interesting point of view bu Bruce Schneier.
Actually that is a good point.


I doubt this is true. One, it's a very risky thing to do. And two, there are more than enough exploitable security vulnerabilities in a piece of code that
large. Finding and exploiting them is a much better strategy than planting them. But maybe someone at the FBI is that dumb.
Click to expand...

I would say that they are just that dumb or simply scared or maybe lack of skill .... dunno :D

src:__http://www.schneier.com/blog/archives/2010/12/did_the_fbi_pla.html
 
Theo de Raadt response

__http://marc.info/?l=openbsd-tech&m=129296046123471&w=2
 
You must log in or register to reply here.

Trending content

Back
Top Bottom