lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Sun, 5 Aug 2007 19:31:06 -0400
From: "Michael Smythe" <michael.smythe.jr@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: Remote hole in OpenBSD 4.1

There's something about this that makes my blood boil. I'm not sure what it
is, but I don't think it's the post by this particular individual, but
rather the behaviour and actions of Theo de Raadt in the past.

First off, the contents of this email do not shock me. In fact, I would say
this would be the kind of hypocrisy I would expect from Theo. He is
arrogant, loud and generally outspoken about other peoples' behaviour, but
when it comes to how he behaves himself on mailing lists, in public or
otherwise he clearly holds a set of double standards. While he often calls
FreeBSD and Linux developers "sellouts" because they sign NDAs to create
drivers to support new hardware, he turns around and secretly does the same
thing with AMD, only in a worse fashion -- spreading FUD against AMD's main
competitor, Intel. What's next, AMD is going to pay him to rail against
nVidia too?

What I find most appalling about all of this is when I read Kuro5hin this
morning I saw this post come up:
http://www.kuro5hin.org/story/2007/8/2/15233/84896

And when I checked back later this afternoon, Theo had actually replied,
heatedly. A few things in his response also don't lend him any credibility.

First, he makes thinly veiled legal threats and outrageous demands that the
article be taken down and that an apology be made. I guess Theo's love and
belief in free speech (and flaming FreeBSD and Linux developers) is not
something other people are allowed to have -- you can't credit Theo (Caesar
can do no wrong, after all).

Second he admits that there is a relationship between him and AMD, and that
AMD has provided the project support in the past. In fact, he seems to try
to downplay it, and make it look like the support is token at best. I find
this very hard to believe, since OpenBSD has often been placed before other
BSDs in AMD's AMD64 ecosystem.

Finally, his general attitude throughout the email (and grammatical errors)
suggests that he recognizes he is doing something wrong, and is angry that
someone is calling him out on it.

If Theo truly felt that he was working legitimately and wasn't doing
anything sketchy behind the scenes in his dealings with AMD and other major
vendors, perhaps the fact that he's being scrutinized should be welcome, and
allow him to show the world how clean his conscience is. The fact that he
literally freaked out and went on a rampage suggests to me, however, that
his conscience is not clear and that he is afraid that somebody is on the
trail of his questionable doings.

Best regards,
Michael.

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ