Linked by Thom Holwerda on Tue 14th Dec 2010 23:55 UTC, submitted by Oliver
OpenBSD Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.
Permalink for comment 453649
To read all comments associated with this story, please click here.
Member since:

isn't open code supposed to prevent this kind of stuff?

The good thing: Even if it is vulnerable now, everybody who is competent has the freedom to review and patch the code, or to pay someone competent she/he trusts enough.

With closed sources, you neither ever know whether there are backdoors (except with reverse engineering, which is a criminal act in some jurisdictions; gladly not in germany), nor are you able to patch it (except for cracking, not legal everywhere, too).

Edited 2010-12-15 08:48 UTC

Reply Parent Score: 1