[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] OpenBSD Smoking Gun

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] OpenBSD Smoking Gun
From: Blank Reg <blankreg@xxxxxxxxxxxxxxx>
Date: Thu, 23 Dec 2010 13:46:48 +0000 (GMT)

> Musntlive has warned you all about
> OpenB(ackdoored)S(oftwared)D(istrobution) for is some time and is all

At risk of feeding the troll, this whole business has a positive side 
that no-one seems to have mentioned:

1> The seeding of "evil" developers into large software projects by The 
Man(tm) has now shifted from conspiracy theory to conspiracy in many 
peoples minds.

2> OpenBSD is the only project *we currently know of* that has been 
infiltrated. It seems highly likely that other projects/OS's will have 
been similarly treated.

3> As a result of being Open Source, the damage to OpenBSD's IPSec 
stack was pretty pathetic, and is now subject to scrutiny. In the end 
this will lead to the OpenBSD IPSec being the *only* trustworthy 
implementation.

4> A big questionmark now hangs over the security of closed-source crypto 
implementations. Seriously, can anyone really trust Windows IPSec after 
this incident? Do you trust your Apple AES-128 encrypted dmg 
files?

Reg

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] OpenBSD Smoking Gun
  - From: Jeffrey Walton
- Re: [Full-disclosure] OpenBSD Smoking Gun
  - From: Georgi Guninski

References:
- [Full-disclosure] OpenBSD Smoking Gun
  - From: Григорий Братислава

Prev by Date: [Full-disclosure] www.eVuln.com : "search" - Non-persistent XSS in Social Share
Next by Date: Re: [Full-disclosure] OpenBSD Smoking Gun
Previous by thread: [Full-disclosure] OpenBSD Smoking Gun
Next by thread: Re: [Full-disclosure] OpenBSD Smoking Gun
Index(es):
- Date
- Thread