FreeBSD IPSec stack contains backdoors?
Julian H. Stacey
jhs at berklix.com
Fri Dec 17 18:05:48 UTC 2010
Hi Mike L,
> Reads like an unacceptable response to an issue that seems quite critical.
1st.: Top posting on BSD lists is deprecated.
2nd: Serious security issues are best dealt with on security@
questions@ list was originally created for eg install
program to point beginners at.
3rd.: OpenBSD & FreeBSD etc are volunteer projects,
Best be grateful when volunteers dedicate leisure time free
of charge, to look at problems or allegations of problems.
4th _IF_ this is really "quite critical" to you, Yo can throw time or
money at the problem to find a solution: Either:
- Your leisure time to read parts of sources & report back
to security team, who I guess would be glad to co-ordinate
if enough people volunteer to do a code read through.
- Your employed time if your employer thinks its important.
- Your money or your employers' if you have dependent customers
There's various BSD consultants lists,
eg I maintain a global geographic indexed list of consultants:
( which also points to freebsd.org alphabetic consultants list )
( No I'm not looking for work, busy elsewhere )
There's also various BSD etc foundations if you want to donate
money indirect to pay toward a code review.
> On Fri, Dec 17, 2010 at 4:31 AM, Giorgos Keramidas <keramida at freebsd.org>wrote:
> > The FreeBSD security officer team has already written an official
> > response about this. Please have a look at:
> > http://lists.freebsd.org/pipermail/freebsd-security/2010-December/005746.html
> > Regards,
> > Giorgos
> > On Fri, 17 Dec 2010 14:28:37 +0600, Victor Lyapunov <
> > fullblaststorm at gmail.com> wrote:
> > > ---------- Forwarded message ----------
> > > From: Victor Lyapunov <fullblaststorm at gmail.com>
> > > Date: 2010/12/15
> > > Subject: FreeBSD IPSec stack contains backdoors?
> > > To: FreeBSD Mailing List <freebsd-questions at freebsd.org>
> > >
> > > Hi folks,
> > > Recently OpenBSD developer Gregory Perry disclosed information about
> > > possible backdoors in OpenBSD IPSec stack (see
> > > http://permalink.gmane.org/gmane.os.openbsd.tech/22557) In particular,
> > > Gregory Perry, who has been working on a OpenBSD -ish implementation
> > > of IPSec says a number of backdoors have been introduced into the
> > > code.
> > >
> > > As far as I am aware, FreeBSD contains considerable amount of code
> > > ported from OpenBSD. The question is: was the FreeBSD's ipsec code
> > > ported from OpenBSD's implementation? If so, what might be the impact
> > > of this?
> > >
> > > Thanks,
> > > Victor Lyapunov.
> freebsd-questions at freebsd.org mailing list
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
Mail plain text; Not quoted-printable, or HTML or base 64.
Avoid top posting, it cripples itemised cumulative responses.
More information about the freebsd-questions