Linked by Thom Holwerda on Tue 14th Dec 2010 23:55 UTC, submitted by Oliver
OpenBSD Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.
Thread beginning with comment 453627
To view parent comment, click here.
To read all comments associated with this story, please click here.
TheGZeus
Member since:
2010-05-19

Well, it actually seems to hold true.
This isn't a bug, it's a _well-designed door_, not just your average hole that results from a bug.
It was probably carefully correct code, but what said code was doing was... evil.

Even then, generally when a closed project is opened, a _huge_ number of bugs are discovered and fixed.

Even through it will never be none, less is still less.

There are more security bugs reported for Linux than Windows/OS X, but they're generally minor, and are generally fixed more quickly.

Reply Parent Score: 3

google_ninja Member since:
2006-02-05

a bug is when someone makes a mistake in code. a "well-designed door" is a full feature. If you can't catch the get_pwnd_by_fbi() function, then you sure as hell aren't going to catch a bug.

Reply Parent Score: 1

Valhalla Member since:
2006-01-24

a bug is when someone makes a mistake in code. a "well-designed door" is a full feature. If you can't catch the get_pwnd_by_fbi() function, then you sure as hell aren't going to catch a bug.


A bug is not purposely hidden, a backdoor is. But you are obviously just trolling what with the 'get_pwnd_by_fbi()'.

Reply Parent Score: 2

TheGZeus Member since:
2010-05-19

Nope. phail.

Any logic I throw at you will be pointless if you can't understand this.

Reply Parent Score: 2

lucas_maximus Member since:
2009-08-18

Well, it actually seems to hold true.
This isn't a bug, it's a _well-designed door_, not just your average hole that results from a bug.
It was probably carefully correct code, but what said code was doing was... evil.


A software defect (bug) is surely any behaviour the software does that is not in the specification. So a backdoor is a bug.

Edited 2010-12-17 13:32 UTC

Reply Parent Score: 1

TheGZeus Member since:
2010-05-19

Inventing definitions doesn't help your case.

Reply Parent Score: 2