

An FBI backdoor in OpenBSD? Further response from Gregory Perry - lwhi
http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd

======
maukdaddy
This guy is nuts. Anything approaching the level of backdoors is covered by
layers of clearances, compartmentalization, and is almost always performed by
government employees, not contractors. There is 0% chance something that
important is covered by a stupid NDA. Especially not with the FBI.

~~~
sammcd
I agree it probably isn't true. But I've seen this argument quite a few times
about how there is not a chance something this important is covered by an NDA.

People make mistakes. I think this argument has nothing to do with the
relevance of his claims. It could be covered by an NDA. Maybe he doesn't
understand that it is covered by more. Either way. I just don't see this as an
important point.

~~~
maukdaddy
It _is_ an important point - especially if you've ever worked in the
government contracting industry.

~~~
gcb
Care to elaborate? I never did...

~~~
firemanx
Intelligence operations, such as this, don't use NDAs when performing contract
work (at least not in any project I've ever seen). There's no reason for NDAs
- they have a robust, developed clearance infrastructure that assures a much
stronger legal commitment than any flimsy NDA can ever offer. As such, work
like this is ALWAYS covered under classified rules.

Second, when you go through the clearance process, the consequences and nature
of the legal ramifications are burned into you by the documentation and people
you have to deal with.

Hence the suspicion that the original claim is bogus. Either that, or the guy
who made the claim will most likely be brought up on some very serious
charges.

------
iskander
>>The person I reported to at EOSUA was Zal Azmi, who was later appointed to
Chief Information Officer of the FBI by George W. Bush, and who was chosen to
lead portions of the EOUSA VPN project based upon his previous experience with
the Marines (prior to that, Zal was a mujadeen for Usama bin Laden in their
fight against the Soviets...

That's just odd.

------
mrbill
His response reads like "How many important-sounding names and terms can I
drop in this email?" Frothing-at-the-mouth levels of Proper Captialization and
Acronym Usage.

------
graphene
I find it suspicious that he mentions the use of scanning tunneling microscopy
for analysis of circuit topologies. STM, as far as I know, is useful at the
atomic level and would be complete overkill for analyzing ICs today, let alone
ten years ago.

I'm not sure what to think, simple slip of the tongue or a sign he's making it
all up as he goes along?

~~~
reemrevnivek
Scanning electron microscopy is necessary for analyzing wafers (we have one in
the clean room at our university), but I'm not sure that the tunneling
features are necessary. From what I understand, you can usually see deep
enough with the SEM to see the bottom of the wafer. He does mention the use of
SEM and STM as separate topics, though, so I'm not sure that it was a slip of
the tongue.

Take a look at this very accessible article on Sparkfun.com for some more
information on analysis of circuit topologies. They're analyzing 4-year-old
circuits.

<http://www.sparkfun.com/news/384>

~~~
graphene
Yes, SEM is usefeul for analyzing circuits, but STM
(<http://en.wikipedia.org/wiki/Scanning_tunneling_microscope>) is a completely
different technique, which works at a scale about two orders of magnitude
smaller.

In a nutshell, SEM scans the sample with an electron beam and senses the
reflected electrons to produce an image, while in STM, a metal probe is
scanned across the surface at a very close distance, and variations in the
tunneling current between the probe and the sample produce a topological map
of the sample (because tunneling current depends strongly on distance).

I don't see how you could use the same machine for both techniques, nor why
you would need an STM in a semiconductor fab.

