Linked by Thom Holwerda on Tue 14th Dec 2010 23:55 UTC, submitted by Oliver
OpenBSD Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.
Thread beginning with comment 453742
To view parent comment, click here.
To read all comments associated with this story, please click here.
ichi
Member since:
2007-03-06

been working on an audit for the purpose of certification for the last two weeks now. It is proprietary software, and we will need to re-certify regularly.

On the flip side, I have never audited any open source project for security issues.

so yeah, it happens.


What does auditing for a certification have to do with being sued for a bug?

Reply Parent Score: 2

TheGZeus Member since:
2010-05-19

My guess is this is all copypasta.

Reply Parent Score: 2