BSD Coder Denies Adding FBI Backdoor

← Back to Stories (view on slashdot.org)

BSD Coder Denies Adding FBI Backdoor

Posted by CmdrTaco on Wednesday December 15, 2010 @04:00AM from the not-gonna-quote-the-doors dept.

jfruhlinger writes "Theo de Raadt has made the shocking claim that OpenBSD includes a backdoor that the FBI paid coders to build. Brian Proffitt has tracked down one of the programmers named as being on the FBI payroll (actually, he tracked down two programmers with the same name). Both deny working with the FBI."

4 of 239 comments (clear)

Min score:

Reason:

Sort:

The whole story seemed a bit off by Fibe-Piper · 2010-12-15 04:05 · Score: 4, Interesting

I mean the idea that this person would still be alive when "the NDA expired..." was odd.
Why would the FBI make any NDA on something as shameful as this that would expire during one's lifetime?

--
I went to battle M.C. Escher, but drew a blank.
Bump by AdmV0rl0n · 2010-12-15 04:41 · Score: 5, Interesting

The raw and cold truth is that contributors to all the open OSs can't really be vetted. Not in a meaningful way. And the number of people who are deep low level 'hackers' capable of writing the code is relatively small. The numbers able to code audit to a level of examination are even fewer. So yes, the code is open, the code is visible, the code can and could be audited. But here is the thing, being auditable is not the same as being audited. And personally, I would not be shocked if a full audit was run if something might be found.
That being said, this is one step better than closed source, where some of the above is not possible or viable, and in cases where money crosses palms, may in fact be unwanted.
Further to this though, I personally don't expect government to simply roll over and die. I expect them to take steps to try and stay one step ahead of bad things, and the relaxing of technology limits has benefitted people across the world, even if I were to make a case that the cost is that at the point of a pyramid - the goves can hunt down the world culprits and suspects. In some cases - releasing the tech in fact has your enemy using that tech after some time and you get to tap into it.
At least its an interesting story :)

--
We`re all equal .. Just some of us are less equal than others.
1. Re:Bump by snowgirl · 2010-12-15 05:20 · Score: 3, Interesting
  
  So yes, the code is open, the code is visible, the code can and could be audited. But here is the thing, being auditable is not the same as being audited.
  Except this is OpenBSD we're talking about, where code audits happen frequently and often.
  
  And personally, I would not be shocked if a full audit was run if something might be found.
  A full audit would be run repeatedly over the course of this coming year even if this accusation had not come out. After all, we are talking about OpenBSD.
  
  --
  WARNING! This girl exceeds the MAXIMUM SAFE standards established by the FDA for BRATTINESS
Re:No BBlobs? by Lumpy · 2010-12-15 05:04 · Score: 5, Interesting

You dont realize how it is possible to hide evil code in front of someone's face..
http://underhanded.xcott.com/
go there and read, look at the winning and runner up entries... If you are a competent coder you can hide things right in front of someone and they will not spot it. It's scary as hell what some of these guys can do.

--
Do not look at laser with remaining good eye.