lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Dec 2010 13:46:48 +0000 (GMT) From: Blank Reg <blankreg@...khotmail.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: OpenBSD Smoking Gun > Musntlive has warned you all about > OpenB(ackdoored)S(oftwared)D(istrobution) for is some time and is all At risk of feeding the troll, this whole business has a positive side that no-one seems to have mentioned: 1> The seeding of "evil" developers into large software projects by The Man(tm) has now shifted from conspiracy theory to conspiracy in many peoples minds. 2> OpenBSD is the only project *we currently know of* that has been infiltrated. It seems highly likely that other projects/OS's will have been similarly treated. 3> As a result of being Open Source, the damage to OpenBSD's IPSec stack was pretty pathetic, and is now subject to scrutiny. In the end this will lead to the OpenBSD IPSec being the *only* trustworthy implementation. 4> A big questionmark now hangs over the security of closed-source crypto implementations. Seriously, can anyone really trust Windows IPSec after this incident? Do you trust your Apple AES-128 encrypted dmg files? Reg _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists