Re: [Nolug] alleged FBI backdoor in OpenBSD crypto code

From: B. Estrade <estrabd_at_gmail.com>
Date: Wed, 15 Dec 2010 13:41:12 -0600
Message-ID: <AANLkTiky_5N4GY_05SC5nNaLqoDRu0wFr_U9g8j1zNy5@mail.gmail.com>

Yeah, the thread has some speculation as to what could be done. I tend
to think that this might not be an innocent whistle blow and the de
Raadt is doing the right think by making it public.

Brett

On Wed, Dec 15, 2010 at 12:57 PM, Mark A. Hershberger <mah@everybody.org> wrote:
> Alex Levy <mrbones102@gmail.com> writes:
>
>> Wait wouldn't such a code have been brought to light years ago? Being that
>> the program(s) are/is open source, you have access to the source code right?
>> So know one was like "hey what the hell is this extra stuff in here?"
>
> Sure, if they were sending the decrypted stream to some fixed address.
>
> However, as others in the thread noted (see
> http://marc.info/?l=openbsd-tech&m=129237675106730&w=2), it would be
> possible (and bugs like this have occurred in the past) to enable a
> third party to snoop on the IPSec traffic and use embedded information
> to decode it.
>
> Mark.
>
>
> --
> http://hexmode.com/
>
> War begins by calling for the annihilation of the Other,
>    but ends ultimately in self-annihilation.
> ___________________
> Nolug mailing list
> nolug@nolug.org
>

-- 
B. Estrade <estrabd@gmail.com>
___________________
Nolug mailing list
nolug@nolug.org
Received on 12/15/10

This archive was generated by hypermail 2.2.0 : 12/15/10 EST