Allegations regarding OpenBSD IPSEC

Erik Cederstrand erik at
Wed Dec 15 13:19:24 UTC 2010

Den 15/12/2010 kl. 12.36 skrev Andy Kosela:

> Some of you probably already read this:
> Interesting...I wonder what is the impact of all this on FreeBSD code.
> We may very well suppose that any government or corporation funded code
> can theoretically have some kind of backdoor inside.

That wouldn't be restricted to funded code. If somebody really wanted to place backdoors in FreeBSD, posing as NSA, FBI, KGB or whatever doesn't seem like the best option. Position a guy as a src committer instead, pretending to work alone.

I'm not saying this to point fingers or spread FUD or anything like that, just that people should be careful reading any commits to catch backdoors, intentional or by mistake, regardless where they come from. Which is one thing I admire about FreeBSD - commits are actually read carefully, by many people, and frequently commented upon.


More information about the freebsd-security mailing list