FreeBSD IPSec stack contains backdoors?

Julian H. Stacey jhs at berklix.com
Fri Dec 17 18:05:48 UTC 2010 

Hi Mike L,

> Reads like an unacceptable response to an issue that seems quite critical.

1st.: Top posting on BSD lists is deprecated.

2nd: Serious security issues are best dealt with on security@ 
	questions@ list was originally  created for eg install
	program to point beginners at.

3rd.: OpenBSD & FreeBSD etc are volunteer projects,
	Best be grateful when volunteers dedicate leisure time free
	of charge, to look at problems or allegations of problems.

4th _IF_ this is really "quite critical" to you, Yo can throw time or 
    money at the problem to find a solution:  Either:
	- Your leisure time to read parts of sources & report back
	  to security team, who I guess would be glad to co-ordinate
	  if enough people volunteer to do a code read through.
	- Your employed time if your employer thinks its important.
	- Your money or your employers' if you have dependent customers 
		There's various BSD consultants lists,
		eg I maintain a global geographic indexed list of consultants:
			http://www.berklix.com//consultants/
		( which also points to freebsd.org alphabetic consultants list )
		( No I'm not looking for work, busy elsewhere )
	  There's also various BSD etc foundations if you want to donate
	  money indirect to pay toward a code review.

> On Fri, Dec 17, 2010 at 4:31 AM, Giorgos Keramidas <keramida at freebsd.org>wrote:
> 
> > The FreeBSD security officer team has already written an official
> > response about this.  Please have a look at:
> >
> >
> > http://lists.freebsd.org/pipermail/freebsd-security/2010-December/005746.html
> >
> > Regards,
> > Giorgos
> >
> > On Fri, 17 Dec 2010 14:28:37 +0600, Victor Lyapunov <
> > fullblaststorm at gmail.com> wrote:
> > > ---------- Forwarded message ----------
> > > From: Victor Lyapunov <fullblaststorm at gmail.com>
> > > Date: 2010/12/15
> > > Subject: FreeBSD IPSec stack contains backdoors?
> > > To: FreeBSD Mailing List <freebsd-questions at freebsd.org>
> > >
> > > Hi folks,
> > > Recently OpenBSD developer Gregory Perry disclosed information about
> > > possible backdoors in OpenBSD IPSec stack (see
> > > http://permalink.gmane.org/gmane.os.openbsd.tech/22557) In particular,
> > > Gregory Perry, who has been working on a OpenBSD -ish implementation
> > > of IPSec says a number of backdoors have been introduced into the
> > > code.
> > >
> > > As far as I am aware, FreeBSD contains considerable amount of code
> > > ported from OpenBSD. The question is: was the FreeBSD's ipsec code
> > > ported from OpenBSD's implementation? If so, what might be the impact
> > > of this?
> > >
> > > Thanks,
> > > Victor Lyapunov.
> >
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
> 


Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
	Mail plain text;  Not quoted-printable, or HTML or base 64.
	Avoid top posting, it cripples itemised cumulative responses.

More information about the freebsd-questions mailing list