Announcement

Collapse
No announcement yet.

The FBI Paid OpenBSD Developers For Backdoors?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by deanjo View Post
    Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
    Really? Have you shown that closed source software is more secure / has zero backdoors?

    One backdoor which went unnoticed only shows that more eyes do not lead to perfect code without any backdoors. It doesn't show that open code has as many backdoors as closed code.

    Comment


    • #42
      Originally posted by pingufunkybeat View Post
      Really? Have you shown that closed source software is more secure / has zero backdoors?

      One backdoor which went unnoticed only shows that more eyes do not lead to perfect code without any backdoors. It doesn't show that open code has as many backdoors as closed code.
      Your missing the point. Far to many people have his illusion that opensource code because it is freely viewable means it is secure. What is really disturbing is that open has this backdoor and freebsd doesn't and a simple diff would have shown the code.

      Comment


      • #43
        Just for the record, nobody has even shown that there is a backdoor in the OpenBSD code today, even if there was one successfully planted 10 years ago.

        Comment


        • #44
          I wonder how much of this happens in closed-source development...

          Comment


          • #45
            Originally posted by deanjo View Post
            Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
            That is not a myth per se.
            Actually it is true.
            If more (knowledgeable) people look at your code it will turn out more secure, at least if not all of them have bad intentions.

            Now the only problem is to get more eyes.

            Comment


            • #46
              Originally posted by deanjo View Post
              Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
              Ahh so if something open source has been compromised then it somehow PROVES that it's not more secure than closed source? How
              did you reach that generalised conclusion (apart from either being stupid or just trolling) ?

              With open source you CAN audit, with closed source you CAN'T audit and thus you are totally at the mercy of your provider when it comes to security.

              Comment


              • #47
                Originally posted by yogi_berra View Post
                No, no, it's sex by surprise.
                Hmm they could also plant child porn on his comp using another persons backdoor code
                Those who would give up Essential Liberty to purchase a little Temporary Safety,deserve neither Liberty nor Safety.
                Ben Franklin 1755

                Comment


                • #48
                  Originally posted by deanjo View Post
                  Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
                  The funny part is that no-one has actually demonstrated any proof of an actual back door. There's just an email saying 'someone paid someone to put a back door in the code', and suddenly everyone is running around shouting 'OH MY GOD! BSD SUCKS! OPEN SOURCE SUCKS!'

                  And there's precisely zero actual evidence so far of an real, actual back door in the code.

                  Wake me up when there's something more than a random email from a random person making random claims.

                  OH MY GOD! I FORGOT! I worked on a contract for Microsoft a decade ago and somoene told me that their brother's aunt's first cousin's boyfriend was paid by Richard Nixon to put a backdoor in Windows!

                  Would anyone take that at all seriously even though Microsoft source is closed and no-one outside the company can even check to see whether such a back door exists? Yet people are ranting about the horrible security of an operating system where anyone who cares can trivially check the real, actual source code.

                  Comment


                  • #49
                    One can only hope the following is true.

                    "OpenBSD/FBI allegations denied by named participants"
                    http://www.itworld.com/open-source/1...ed-participant

                    Comment


                    • #50
                      Originally posted by BlackStar View Post
                      The main issue is that the open-source model is based on trust (or the illusion of trust).
                      Open-source is based on "public eyes" model.
                      Closed source is based on trust(how that chip "secure" was called again?).
                      Trust is a weakness.

                      Still, the situation is not so bad as in Syndicate Wars...

                      I guess *BSD has once more confirmed they are useless.

                      Comment

                      Working...
                      X