FBI Alleged To Have Backdoored OpenBSD's IPSEC Stack 536
Aggrajag and Mortimer.CA, among others, wrote to inform us that Theo de Raadt has made public an email sent to him by Gregory Perry, who worked on the OpenBSD crypto framework a decade ago. The claim is that the FBI paid contractors to insert backdoors into OpenBSD's IPSEC stack. Mr. Perry is coming forward now that his NDA with the FBI has expired. The code was originally added ten years ago, and over that time has changed quite a bit, "so it is unclear what the true impact of these allegations are" says Mr. de Raadt. He added: "Since we had the first IPSEC stack available for free, large parts of the code are now found in many other projects/products." (Freeswan and Openswan are not based on this code.)
Re:I forget... (Score:5, Informative)
No. NeXTSTEP pre-dated NetBSD and FreeBSD. NeXTSTEP was based on BSD Tahoe 4.3, and OS X took code from all three codebases (OS X was NetBSD-heavy in the early days until Jordan Hubbard joined Apple and influenced further conversion to FreeBSD code).
To this day you can find BSD code from all BSD codebases, but not quite as much from OpenBSD. Run 'strings' on the libraries to get the skinny.
Re:But but but (Score:5, Informative)
Some of the files SCO claimed were infringing turned out to be BSD code, and as such, entirely okay (SCO couldn't claim rights to BSD code because of the Regents of the U of C vs AT&T case).
-- Barbie
Denial by Scott Lowe (Score:5, Informative)
The original message claimed Scott Lowe was on the FBI payroll:
for example Scott Lowe is a well
respected author in virtualization circles who also happens top be on
the FBI payroll, and who has also recently published several tutorials
for the use of OpenBSD VMs in enterprise VMware vSphere deployments.
In response, Scott Lowe has denied any affiliation with the FBI [marc.info] or other government agency.
-molo
Re:But but but (Score:5, Informative)
Is Google really that hard to use?
http://www.computerworld.com/s/article/9141105/NSA_helped_with_Windows_7_development
"Working in partnership with Microsoft and elements of the Department of Defense, NSA leveraged our unique expertise and operational knowledge of system threats and vulnerabilities to enhance Microsoft's operating system security guide without constraining the user to perform their everyday tasks, whether those tasks are being performed in the public or private sector," Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security yesterday as part of a prepared statement.
Re:But but but (Score:5, Informative)
http://www.openbsd.org/reprints/article_20000419.html [openbsd.org]
"The recent incident of "backdoors" in Microsoft software is indicative of a fundamental problem that electronic commerce will need to address very soon," Jerry Harold, president & co-founder of NetSec [...] Even if Microsoft has stringent internal requirements for software assurance, it's very difficult to catch a backdoor that may be hidden by a single coder deep inside hundreds of thousands of lines of code," said Harold
"This is why NetSec builds its products on an operating system (OpenBSD) that has made security its number one goal," Harold told SOURCES. "The source for the operating system was re-built from the ground up for security and is publicly available. As a result, it is continuously subjected to rigorous security review by independent software engineers around the world. This has additional benefits because secure code often tends to be well designed, stable, and efficient."
(A) Scott Lowe denies the charge (Score:5, Informative)
I interviewed Scott Lowe this evening for ITworld and he denies the allegations. Asked why Perry made his charge, Lowe speculated that Perry may have meant another Scott Lowe [itworld.com].
BKP
Re:So Sycraft-fu (Score:5, Informative)
Not that this has ever happened before, mind you:
The Baltimore Sun, About December 4, 1995, pp. 9-11.
as found in Cryptome [cryptome.org]
Doctorate level math skills not needed ... (Score:5, Informative)
99.99% of code can be cleaned by talented enough audit freaks. Crypto code is in the other 0.01%. Proper cryptography development requires doctorate level mathematics skills.
Such math skills are needed to develop the algorithms but not to implement a provided algorithm or to verify the coded implementation.
Re:Many eyes make bugs / backdoors shallow (Score:5, Informative)
Re:Many eyes make bugs / backdoors shallow (Score:5, Informative)
It seems that link may have been /.ed. They are doing precisely as you say.
Here is a dump of the information, last I had it.
IRC: irc.freenode.net #openbsd
Twitter: OpenBSDGate [twitter.com]
The etherpad [piratenpad.de] (most detailed and up to date):
OPENBSD IPSEC STACK VERIFICATION
Original Email:
http://marc.info/?l=openbsd-tech&m=129236621626462&w=2 [marc.info]
The code:
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_input.c [openbsd.org]
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ipsec_output.c [openbsd.org]
Misc:
What other software includes the OpenBSD IPSEC implementation?
Not Linux:
Triaging Linux; git clone git://git.kernel.org/pub/scm/linux/kernel/git/tglx/history.git
Initial commit 6c55c29fa, Oct 2002, Alexey Kuznetsov
Does not appear to be derived from the above? (checking strings from ipsec_input.c version 1.54.2.3, Oct 2002). Neither copyright information nor comment strings match. Linux's IPSec implementation looks original.
'git log -p --grep=IPSEC' on the above clone shows complete history for the period.
Communications:
IRC: irc.freenode.net #openbsd
Twitter: OpenBSDGate [twitter.com]
PublicPad (this document); http://piratenpad.de/condition-beige [piratenpad.de]
Press:
http://blogs.forbes.com/taylorbuley/2010/12/14/fbi-accusedipsec-of-decade-old-cryptography-code-conspiracy/ [forbes.com]
http://bsd.slashdot.org/story/10/12/15/004235/FBI-Alleged-To-Have-Backd [slashdot.org]
We have never allowed US citizens or foreign citizens working in the US
to hack on crypto code (Niels Provos used to make trips to Canada to
develop OpenSSH for this reason), so direct interference in the crypto
code is unlikely. It would also be fairly obvious - the crypto code
works as pretty basic block transform API, and there aren't many places
where one could smuggle key bytes out. We always used arcrandom() for
generating random numbers when we needed them, so deliberate biases of
key material, etc would be quite visible.
oored-OpenBSDs-IPSEC-Stack
http://www.reddit.com/r/programming/comments/elw0x/allegations_regarding_openbsd_ipsec_fbi_backdoors/ [reddit.com]
http://www.metafilter.com/98547/Subject-Allegations-regarding-OpenBSD-IPSEC [metafilter.com]
Docs:
http://web.archive.org/web/20000621015208/www.netsec.net/gsa.html [archive.org]
https://www.gsaadvantage.gov/ref_text/GS35F0040K/GS35F0040K_online.htm [gsaadvantage.gov]
http://web.archive.org/web/19980101000000-20040101235959*sh_re_sr_1nr_30/http://www.netsec.net/* [archive.org]
http://web.archive.org/web/20000816024729/www.netsec.net/ltr_doj.html [archive.org]
Source Contributors:
Jason: http://www.linkedin.com/in/jasonwright [linkedin.com]
Possibility #1: (eldragon)
http://www.openbsd.org/cgi-bin/cvs [openbsd.org]