FreeBSD IPSec stack contains backdoors?

Giorgos Keramidas keramida at
Fri Dec 17 16:32:09 UTC 2010

On Fri, 17 Dec 2010 10:36:39 -0500, Mike L <jackoroses at> wrote:
> On Fri, Dec 17, 2010 at 4:31 AM, Giorgos Keramidas <keramida at>wrote:
>> The FreeBSD security officer team has already written an official
>> response about this.  Please have a look at:
> Reads like an unacceptable response to an issue that seems quite critical.

On Fri, 17 Dec 2010 11:11:17 -0500, Mike Tancsa <mike at> wrote:
> Strange, reads like a totally reasoned response to me to an issue that
> is somewhere between a practical joke and something critical. I will
> go with the SECTeam's assessment. They have a proven track record for
> assessing and dealing with security issues.

Mike L, unacceptable or not this is the response of people who have been
involved with FreeBSD security for a long time.  I think their response
is reasonable, given the out-of-scale proportions that the entire issue
seems to have been blown into when magazine-style web sites picked it up
and started 'decorating' the original email of Theo with their own view
of what the message between the lines MIGHT have been.

The role of the security officer team is not to take an issue that has
been blown entirely out of proportion and add to the FUD.  It's their
responsibility to handle security incidents on a fact-based basis, and
there are very little "real facts" out there about this particular
theory right now.

I don't know why you consider the security officer reply `unacceptable',
but I'm relatively sure you will agree that they are quite sensible when
they say:

    As always, anyone who believes that they have found a vulnerability
    affecting FreeBSD is requested to contact secteam at

I think that's a quite reasonable, sensible and down to earth thing to
say.  The rest of what the interwebs seems to be writing about these
particular allegations are, to the best of my current knowledge, just
a conspiracy theory trying to become as public as possible.

I too will agree with Mike Tansa.  I'll go 100% with the SECTeam’s
assessment.  They have a proven track record for assessing and dealing
with security issues.

Note: Let's keep the email traffic of security-officer down a bit.  They
don't really have to get Cc: copies of *all* the email messages of all
the people subscribed to freebsd-questions.  It's probably annoying and
it may even turn out to be a waste of their time, or even obstruct them
From seeing other, really *important* stuff about security issues.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url :

More information about the freebsd-questions mailing list