[kwlug-disc] openbsd backdoored by FBI
John Van Ostrand
john at netdirect.ca
Thu Dec 16 16:33:26 EST 2010
----- Original Message -----
> Or so the claim goes:
> http://www.computerworld.com/s/article/9201220/Former_contractor_says_FBI_put_back_door_in_OpenBSD
>
> Isn't OpenBSD opensource? How can someone backdoor OSS?
I'm not yet convinced this is an actual fact. It's been out for days now and there hasn't been a huge amount of press on this. There isn't any specific information about what the back door is.
I can imagine how this would be done though. A programmer could purposely inject a flaw in the code. The more subtle the flaw the better since it would escape detection. This could be an error in the key generation making the key more predictable. The one-the-wire encoding would have to match the standard but perhaps there are opportunities to leak information and stay within the standard.
--
John Van Ostrand
CTO, co-CEO
Net Direct Inc.
564 Weber St. N. Unit 12, Waterloo, ON N2L 5C6
Ph: 866-883-1172 x5102
Fx: 519-883-8533
Linux Solutions / IBM Hardware
More information about the kwlug-disc
mailing list