Language Selection

English French German Italian Portuguese Spanish

OpenBSD backdoor claims: bugs found during code audit

Filed under

The OpenBSD project has found two bugs during an audit of the cryptographic code in which, it has been alleged, the FBI, through former developers, was able to plant backdoors.

OpenBSD project head Theo de Raadt told iTWire: "We've been auditing since the mail came in! We have already found two bugs in our cryptographic code. We are assessing the impact. We are also assessing the 'archeological' aspects of this.."

The mail he was referring to was sent to him on December 11 by Gregory Perry, a former developer with the project, and claimed that the US Federal Bureau of Investigation had, through some other ex-developers, implemented a number of backdoors in the open cryptographic framework used in OpenBSD.

De Raadt decided to go public with the mail, posting it to the openbsd-tech mailing list, along with his own comments.

rest here

More in Tux Machines

openSUSE Leap 42.1 + Cinnamon, XFCE, or Budgie = GeckoLinux

GeckoLinux is based on openSUSE Leap 42.1, and it exists to make the openSUSE distribution more refined and approachable. It has recently released live installable DVD editions featuring the Cinnamon, XFCE, and Budgie desktop environments. These include many refinements and features not available in the standard openSUSE Leap installation images.

Read more

GOL, Phoronix on Graphics

Supporting Software Freedom Conservancy

There are a number of important organizations in the Open Source and Free Software world that do tremendously valuable work. This includes groups such as the Linux Foundation, Free Software Foundation, Electronic Frontier Foundation, Apache Software Foundation, and others. Read more

Leftovers: OSS

  • Video: PBS Pro Workload Manager Goes Open Source
  • Turris Omnia: high-security, high-performance, open-source router
    An Indigogo campaign was recently launched for the Turis Omnia, promising backers a high-security, high-performance, open-source router. “With powerful hardware, Turris Omnia can handle gigabit traffic and still be able to do much more,” the company said. “You can use it as a home server, NAS, printserver, and it even has a virtual server built-in.”
  • IBM SystemML Machine Learning Technology Goes Open-Source
  • PuppetLabs Introduces Application Orchestration
    Everybody loves Puppet! Or at the very least, an awful lot of people USE Puppet and in the IT world, “love” is often best expressed by the opening of one’s wallet. I know, in the FOSS world wallets are unnecessary, and Puppet does indeed have an Open Source version. However, once one gets to enterprise-level computing, a tool designed for enterprise scale is preferable and usually there is a cost associated. Puppet was originally started as an open source project by Luke Kanies in 2005, essentially out of frustration with the other configuration management products available at the time. Their first commercial product was released in 2011, and today it is the most widely used configuration management tool in the world with about 30,000 companies running it. According to our own surveys, better than 60% of Linux Journal readers use some form of Puppet already and you must like it too as it regularly finishes at or near the top in Readers’ Choice awards.