Linked by Thom Holwerda on Tue 14th Dec 2010 23:55 UTC, submitted by Oliver
OpenBSD Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.
Permalink for comment 453593
To read all comments associated with this story, please click here.
Member since:

Agreed. I first heard of the compiler-as-a-spyware trick about 6 years ago. Ultimately, even if your code is clean, the compiler you're using to compile that code might not be. This is the TRUE threat.

And while I do love me conspiracy theories, if I was FBI/NSA/CIA, I'd do just that too. It just makes sense from an insecure agency point of view...

Edited 2010-12-15 00:50 UTC

Reply Parent Score: 4