HALEN666 Posted December 15, 2010 Share Posted December 15, 2010 The US Federal Bureau of Investigation implemented a number of backdoors in the open cryptographic framework used in OpenBSD, according to a former developer of the operating system. Gregory Perry wrote to OpenBSD project chief Theo de Raadt a few days back, explaining that he was revealing this information now because he could - his non-disclosure agreement with the FBI had expired. http://www.itwire.com/opinion-and-analysis/open-sauce/43933-developer-claims-fbi-implemented-backdoors-in-openbsd This is just another prove that even open source can have backdoors. Took almost 9 years to find out about this hahaha. Guess we can't complain about Windows too much now. Pretty ssure there has to be something going on in those millions of lines of code in Linux. This is sad cause we can't feel secure. I dont have the knowledge to analyze millions and millions of lines of code in an open source project such has BSD or Linux. Guess my dependency on other people to keep open source projects to make sure it is backdoor free is just the same dependency I have in Close Source Projects. Quote Link to comment Share on other sites More sharing options...
HALEN666 Posted December 15, 2010 Author Share Posted December 15, 2010 I don't think Linus or anybody in charge of the decisions for Linux has or has had the nuts to say no to the FBI or CIA. I wouldn't blame the though because I gues they would not any other choice. However, that stings because they give us a false sense of security and freedom. Quote Link to comment Share on other sites More sharing options...
digip Posted December 15, 2010 Share Posted December 15, 2010 (edited) Few things. Already a thread here: http://www.hak5.org/forums/index.php?showtopic=18513 Also, OpenBSD != Linux. OpenBSD has nothing to do with Linus Torvalds, although, I don't doubt someone, somewhere, has put something into a module or two of linux, but that would probably be caught fairly quickly these days. ie: the ProFTPD incident last week. Thing is, at least with open source stuff you can go through line by line and check the source code before compiling. In things like Windows and OSX, no chance of checking the source before hand. You have to live with and trust whats there until someone either reverse engineers it(such as the skype encryption making the rounds) or someone just guesses, like the HP hard coded back door, or the 3 Cisco shadow accounts in its voip product. They still haven't confirmed the OpenBSD back door, but I don't doubt its possibility given our governments abuse of power. Any government for that matter. Edited December 15, 2010 by digip Quote Link to comment Share on other sites More sharing options...
HALEN666 Posted December 16, 2010 Author Share Posted December 16, 2010 When was the last time you checked "line by line" in the linux kernel or any open source software added in the Linux distribution you use?. I trust open source not because I have the knowledge and skills to debug and check every single line of code of the software I use, but because people with that knowledge says they do. However, it is kind of difficult to do that now because they forget about it when they are given money. At the end they are just humans who make mistakes and are weak to certain things in life. I know BSD != Linux, but they are both open source that the point. Took almost 10 years to "find" the backdoor (which by the way, it does not guarantee it will be easy to find it after 10 yeras and all the modification that has been done to OpenBSD). Quote Link to comment Share on other sites More sharing options...
justapeon Posted December 16, 2010 Share Posted December 16, 2010 A lot of linux utilities are bsd based. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.