

OpenBSD IPSec backdoor allegations: triple $100 bounty - pingswept
http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html

======
tptacek
Nobody who is readily capable of finding such a flaw --- which probably
doesn't exist, but let's stipulate that it does --- would bid as little as
$300 an hour for this work.

------
there
the idea of finding an fbi-sponsored, 10-year old backdoor in a notoriously
secure operating system installed in many government and corporate networks
around the world sounded pretty boring to me, but now that there's a whole
hundred dollars on the line, i'll _surely_ be working day and night to find
it!

------
icey
From the comments, it looks like it's up to around $3900 now.

~~~
tptacek
At this rate, you might get a reasonable audit after 25 continuous days of
contributions.

~~~
poet
Reasonable audits of this type and scope typically take about a work week to
complete?

~~~
tptacek
I was thinking more like 3 weeks.

~~~
poet
Thanks :)

------
rmc
If you knew of a flaw like this, you could probably get more than $300 for it.

------
wildmXranat
It's time to break out my 7 monitor, swordfish hacking code and roll up my
sleeves. I've got mouths to feed.

~~~
getsat
I realise that you are joking, but if you have seven monitors and can't feed
your family your priorities need readjusting. :)

