1. Computers
  2. Display Drivers
  3. Graphics Cards
  4. Memory
  5. Motherboards
  6. Processors
  7. Software
  8. Storage
  9. Operating Systems


Facebook RSS Twitter Twitter Google Plus


Phoronix Test Suite

OpenBenchmarking.org

The FBI Paid OpenBSD Developers For Backdoors?

BSD

Published on 14 December 2010 07:55 PM EST
Written by Michael Larabel in BSD
113 Comments

Government organizations, whether they be from the United States, the European Union, or anywhere else for that matter, contributing to open-source projects is not new. Heck, Security Enhanced Linux (SELinux) in the mainline kernel can largely be attributed to the United State's National Security Agency (NSA). More organizations contributing to open-source isn't bad -- government or not -- when it's mutually beneficial work with good intentions. However, there are new allegations being made today about OpenBSD's networking stack, in particular it's IPsec code. The FBI allegedly paid OpenBSD developers to insert back-doors into the code-base.

OpenBSD's Theo de Raadt brought to light via an email from Gregory Perry, the former CTO of NETSEC, that the FBI paid several open-source developers to compromise the IPSEC stack. "the FBI implemented a number of backdoors and side channel key leaking mechanisms into the OCF, for the express purpose of monitoring the site to site VPN encryption system implemented by EOUSA, the parent organization to the FBI. Jason Wright and several other developers were responsible for those backdoors, and you would be well advised to review any and all code commits by Wright as well as the other developers he worked with originating from NETSEC."

This code has been in OpenBSD for a decade now, but Gregory Perry's Non-Disclosure Agreement with the FBI has finally expired, which is now allowing him to speak on the matter. Gregory also goes on with further details, "This is also probably the reason why you lost your DARPA funding, they more than likely caught wind of the fact that those backdoors were present and didn't want to create any derivative products based upon the same...This is also why several inside FBI folks have been recently advocating the use of OpenBSD for VPN and firewalling implementations in virtualized environments, for example Scott Lowe is a well respected author in virtualization circles who also happens top be on the FBI payroll, and who has also recently published several tutorials for the use of OpenBSD VMs in enterprise VMware vSphere deployments."

The email can be read here. This story is still developing.

About The Author
Michael Larabel is the principal author of Phoronix.com and founded the web-site in 2004 with a focus on enriching the Linux hardware experience and being the largest web-site devoted to Linux hardware reviews, particularly for products relevant to Linux gamers and enthusiasts but also commonly reviewing servers/workstations and embedded Linux devices. Michael has written more than 10,000 articles covering the state of Linux hardware support, Linux performance, graphics hardware drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated testing software. He can be followed via and or contacted via .
Latest Linux Hardware Reviews
  1. Trying The Configurable 45 Watt TDP With AMD's A10-7800 / A6-7400K
  2. Sumo's Omni Gets Reloaded
  3. AMD A10-7800 & A6-7400K APUs Run Great On Linux
  4. Radeon Gallium3D Is Running Increasingly Well Against AMD's Catalyst Driver
Latest Linux Articles
  1. CPUFreq Scaling Tests With AMD's Kaveri On Linux 3.16
  2. Enabling HyperZ Is Still An Easy Way For Faster RadeonSI Performance
  3. AMD Kaveri: Catalyst vs. RadeonSI Gallium3D On Linux
  4. Linux OpenCL Performance With The Newest AMD & NVIDIA Drivers
Latest Linux News
  1. Systemd 216 Piles On More Features, Aims For New User-Space VT
  2. Mesa 10.2.6 Has Plenty Of OpenGL Driver Bug Fixes
  3. Wasteland 2 Gets An Official Release Date
  4. Dead Island For Linux Appears Imminent
  5. LXQt 0.8 Is Being Released Soon
  6. Linux 3.17 Lands Memfd, A KDBUS Prerequisite
  7. Humble Jumbo Bundle 2 Shafts Linux Gamers
  8. Ubuntu 14.10's Feature Freeze Is This Wednesday
  9. New VM Software Claims To Be 4.5x Faster Than QEMU
  10. Kpatch Gets Exposure This Week, kGraft Misses Out
Latest Forum Discussions
  1. Dead Island for Linux (?)
  2. Updated and Optimized Ubuntu Free Graphics Drivers
  3. AMD Offers Mantle For OpenGL-Next, Pushes Mantle To Workstations
  4. The dangers of Linux kernel development
  5. Next-Gen OpenGL To Be Announced Next Month
  6. OpenGL 4.5 Released With New Features
  7. Updated graphics drivers for Ubuntu 12.04 Precise LTS
  8. Builder: A New Development IDE Being Built For GNOME