Forgot your password?
typodupeerror
Government Security BSD

BSD Coder Denies Adding FBI Backdoor 239

Posted by CmdrTaco
from the not-gonna-quote-the-doors dept.
jfruhlinger writes "Theo de Raadt has made the shocking claim that OpenBSD includes a backdoor that the FBI paid coders to build. Brian Proffitt has tracked down one of the programmers named as being on the FBI payroll (actually, he tracked down two programmers with the same name). Both deny working with the FBI."
This discussion has been archived. No new comments can be posted.

BSD Coder Denies Adding FBI Backdoor

Comments Filter:
  • by Fibe-Piper (1879824) on Wednesday December 15, 2010 @12:05PM (#34561570) Journal

    I mean the idea that this person would still be alive when "the NDA expired..." was odd.

    Why would the FBI make any NDA on something as shameful as this that would expire during one's lifetime?

  • Bump (Score:5, Interesting)

    by AdmV0rl0n (98366) on Wednesday December 15, 2010 @12:41PM (#34562174) Homepage Journal

    The raw and cold truth is that contributors to all the open OSs can't really be vetted. Not in a meaningful way. And the number of people who are deep low level 'hackers' capable of writing the code is relatively small. The numbers able to code audit to a level of examination are even fewer. So yes, the code is open, the code is visible, the code can and could be audited. But here is the thing, being auditable is not the same as being audited. And personally, I would not be shocked if a full audit was run if something might be found.

    That being said, this is one step better than closed source, where some of the above is not possible or viable, and in cases where money crosses palms, may in fact be unwanted.

    Further to this though, I personally don't expect government to simply roll over and die. I expect them to take steps to try and stay one step ahead of bad things, and the relaxing of technology limits has benefitted people across the world, even if I were to make a case that the cost is that at the point of a pyramid - the goves can hunt down the world culprits and suspects. In some cases - releasing the tech in fact has your enemy using that tech after some time and you get to tap into it.

    At least its an interesting story :)

  • Re:No BBlobs? (Score:5, Interesting)

    by Lumpy (12016) on Wednesday December 15, 2010 @01:04PM (#34562554) Homepage

    You dont realize how it is possible to hide evil code in front of someone's face..

    http://underhanded.xcott.com/ [xcott.com]

    go there and read, look at the winning and runner up entries... If you are a competent coder you can hide things right in front of someone and they will not spot it. It's scary as hell what some of these guys can do.

  • Re:Bump (Score:4, Interesting)

    by snowgirl (978879) on Wednesday December 15, 2010 @01:20PM (#34562760) Journal

    So yes, the code is open, the code is visible, the code can and could be audited. But here is the thing, being auditable is not the same as being audited.

    Except this is OpenBSD we're talking about, where code audits happen frequently and often.

    And personally, I would not be shocked if a full audit was run if something might be found.

    A full audit would be run repeatedly over the course of this coming year even if this accusation had not come out. After all, we are talking about OpenBSD.

Q: How many IBM CPU's does it take to execute a job? A: Four; three to hold it down, and one to rip its head off.

Working...