Linked by Thom Holwerda on Tue 14th Dec 2010 23:55 UTC, submitted by Oliver
OpenBSD Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.
Thread beginning with comment 453605

It is easy to prove that gcc does not have the Thompson hack. (Technically, the proof shows either that gcc doesn't have the hack or else all C compilers have the identical hack).

Actually, the proof is not nearly that strong. Rather than requiring all C compilers to have it, only the set of C compilers on which this test was tried and passed must have it. Now, if a new C compiler, with a clean room design and test were written and the test passed, this would dramatically increase the confidence (it would be imperfect, since there may be some structural indication that this is a C compiler that an infected "booting" compiler would detect and propagate the hack). Also, libraries, assemblers, parser generators, etc., must also be checked.

Given sufficient resources it could be increasingly difficult to detect; however, the US Federal Government (FBI, CIA, NSA) would be one of the very few -- if not the only -- entities with the resources to do it; further, the cost of doing so would be far higher than that needed to detect it.

Edited 2010-12-15 01:26 UTC

Reply Parent Score: 2
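A toy model of the test the comment above argues about, added here as an illustration and not part of the thread: rebuild the compiler from its source with a second, independent compiler, rebuild again with the result, and compare with the binary under test (usually called diverse double-compiling). The `Binary` record, the source strings and the `/* compiler */` marker are constructed assumptions; the model shows that the check only fails to notice the hack when the "independent" compiler carries the same one.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Binary:
    codegen: str     # digest of the compiler source whose code generator emitted it
    implements: str  # digest of the source this binary was built from
    infected: bool   # hidden self-propagating payload, absent from every source

def digest(source: str) -> str:
    return hashlib.sha256(source.encode()).hexdigest()[:12]

def is_compiler_source(source: str) -> bool:
    # Constructed stand-in for "this input looks like a C compiler".
    return source.startswith("/* compiler */")

def run(compiler: Binary, source: str) -> Binary:
    """Model of executing `compiler` on `source`: the output's bytes depend on
    the code generator the compiler implements, and an infected compiler
    re-inserts its payload whenever it recognises compiler source."""
    return Binary(
        codegen=compiler.implements,
        implements=digest(source),
        infected=compiler.infected and is_compiler_source(source),
    )

def ddc_passes(under_test: Binary, its_source: str, second: Binary) -> bool:
    stage1 = run(second, its_source)   # same semantics, different bytes
    stage2 = run(stage1, its_source)   # should reproduce under_test exactly
    return stage2 == under_test

# Constructed sample data.
GCC_SRC = "/* compiler */ toy gcc source"
OTHER_SRC = "/* compiler */ independently written compiler source"

def self_built(source: str, infected: bool) -> Binary:
    d = digest(source)
    return Binary(codegen=d, implements=d, infected=infected)

CLEAN_SECOND = Binary("vendor", digest(OTHER_SRC), infected=False)
SAME_HACK_SECOND = Binary("vendor", digest(OTHER_SRC), infected=True)

if __name__ == "__main__":
    for name, cc in (("clean gcc", self_built(GCC_SRC, False)),
                     ("infected gcc", self_built(GCC_SRC, True))):
        for label, second in (("clean", CLEAN_SECOND), ("same-hack", SAME_HACK_SECOND)):
            print(f"{name} vs {label} second compiler:",
                  "match" if ddc_passes(cc, GCC_SRC, second) else "MISMATCH")
```
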

Delgarde

Also, libraries, assemblers, parser generators, etc., must also be checked.

Don't forget the kernel. Compiler binaries could be clean on disk, but compromised when loaded into memory. The kernel binary is clean too, but that was compromised by the boot loader, which was in turn compromised by the BIOS. And that came about because the software controlling the manufacturing plant was compromised to embed the hack into every chip that came out.

Just how paranoid do you want to be? Because taking precautions is good, but it's the first step on the road to madness.

Reply Parent Score: 5

TheGZeus

I take my paranoia as far as considering moving as much as I can to UltraSparc machines.
The giant V880 (LOADED V880! BOW TO MY NERDNESS) sucks too much power to use regularly, sadly. Crazy fast if you're doing parallel and/or memory-intensive stuff. (Shocking if you look at the bus and individual proc speeds.)
Why? OpenBoot is allegedly fully open source and can be, at least theoretically, replaced with OpenFirmware; though much would need to be ported back, or irrelevant.
It's all interpreted code, and the bytecode can be decompiled on a different machine than the one that created it for auditing after compilation.
You basically get the same code with no comments. Little changes when compiling to bytecode, since you're working with the VM pretty directly with a Forth implementation.
You need to know your ASM and Forth but that's why I've got all these books laying about/in the mail.

I'm not stopping there, but it's not for security reasons.
I'll probably have enough done in a year and a half to write an article, but yeah... not doing this alone, btw. A smart leader finds smarter people to whom they can delegate.

Reply Parent Score: 3