[cryptography] OpenBSD (fwd)

[J.A. Terranson]

//Alif

-- 
"Never belong to any party, always oppose privileged classes and public
plunderers, never lack sympathy with the poor, always remain devoted to
the public welfare, never be satisfied with merely printing news, always
be drastically independent, never be afraid to attack wrong, whether by
predatory plutocracy or predatory poverty."

Joseph Pulitzer, 1907 Speech

---------- Forwarded message ----------
Date: Wed, 22 Dec 2010 13:39:03 -0500
From: Randall Webmail <rvh40 at insightbb.com>
Reply-To: Crypto discussion list <cryptography at randombit.net>
To: Crypto discussion list <cryptography at randombit.net>
Cc: dave at farber.net, dewayne at warpspeed.com
Subject: [cryptography] OpenBSD

OpenBSD Founder Believes FBI Built IPsec Backdoor

But Theo de Raadt said it is unlikely that the Federal Bureau of Investigation's Internet protocol security code made it into the final operating system.

By Mathew J. Schwartz ,  InformationWeek

The bugs are of interest given the recent allegation made by Gregory Perry, former CTO of now-defunct Federal Bureau of Investigation contractor Network Security Technology (NetSec), that the FBI created a backdoor in the OpenBSD code base, specifically in how it implements IPsec. He also alleged that multiple developers involved in contributing code to OpenBSD were on the payroll of NetSec, and that the FBI had hired it to create the backdoors. [SNIP]

Technical explanation aside, is this vulnerability exploitable? "This is a neat attack, but also a total pain in the a-- to use, and certainly not an FBI backdoor in OpenBSD IPsec," said Ptacek. [SNIP]

http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=228900037&cid=RSSfeed_IWK_News

 http://snipurl.com/1p4dlf