Linked by Thom Holwerda on Wed 15th Dec 2010 23:34 UTC, submitted by Oliver
OpenBSD Yesterday, we reported on the allegations made by Gregory Perry. He claims that 10 years ago, several developers were paid by the FBI to implement hidden backdoors into OpenBSD's IPSEC stack. This has prompted a lot of speculation about the allegations' validity, and less than 24 hours later, it has descended into one person's word against that of others. Update: Jason Wright, too, denies all the allegations. "I will state clearly that I did not add backdoors to the OpenBSD operating system or the OpenBSD crypto framework (OCF). [...] It is a baseless accusation the reason for which I cannot understand."
Permalink for comment 453782
To read all comments associated with this story, please click here.
I am very skeptical...
by kop316 on Thu 16th Dec 2010 05:08 UTC
kop316
Member since:
2006-07-01

In the original e-mail, Mr. Parry said:

"My NDA with the FBI has recently expired"

The fact that he calls it an NDA tells me that he does not even know that the FBI grants you a security clearance. A security clearance from a government agency is much different then an NDA from a private company.

In the government, your security clearance expiring means that you no longer have access to classified information, but it does not mean you can now tell classified information. Doing so will get you in a lot of legal trouble; whether your "NDA" is valid or not.

Now lets say that he did have a security clearance, and merely just told De Raadt it was an NDA to avoid confusion.

Information like this would certainly be classified. If his story does check out, he will get into a LOT legal trouble with the US government for leaking classified information.

Considering that his has not been a quiet incident and I have yet to see a response from the US government; I very much doubt the validity of this story.

Reply Score: 4