Linked by Thom Holwerda on Tue 14th Dec 2010 23:55 UTC, submitted by Oliver
Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.
Thread beginning with comment 453617
TheGZeus Member since:
2010-05-19

I take my paranoia as far as considering moving as much as I can to UltraSparc machines.
The giant V880 (LOADED V880! BOW TO MY NERDNESS) sucks too much power to use regularly, sadly. Crazy fast if you're doing parallel and/or memory-intensive stuff. (Shocking if you look at the bus and individual proc speeds.)
Why? OpenBoot is allegedly fully open source and can be, at least theoretically, replaced with OpenFirmware; though much would need to be ported back, or irrelevant.
It's all interpreted code, and the bytecode can be decompiled on a different machine than the one that created it for auditing after compilation.
You basically get the same code with no comments. Little changes when compiling to bytecode, since you're working with the VM pretty directly with a Forth implementation.
You need to know your ASM and Forth but that's why I've got all these books laying about/in the mail.

I'm not stopping there, but it's not for security reasons.
I'll probably have enough done in a year and a half to write an article, but yeah... not doing this alone, btw. A smart leader finds smarter people to whom they can delegate.

Score: 3

Delgarde Member since:
2008-08-19

Why? OpenBoot is allegedly fully open source and can be, at least theoretically, replaced with OpenFirmware; though much would need to be ported back, or irrelevant.


Ah, but do you trust the hardware OpenBoot / OpenFirmware is running on? Or could it be subverting things right down at the hardware level? ;)

Score: 2

TheGZeus Member since:
2010-05-19

That's open, too. Well, the next generation is, and you can verify the behaviour of chips.

Score: 2