Hacker News new | comments | show | ask | jobs | submit login
Allegations of FBI crypto backdoors in OpenBSD IPSEC (marc.info)
395 points by tptacek 2117 days ago | hide | past | web | 139 comments | favorite

It looks like someone has figured out a way to get an absolutely free hostile code audit of their IPSEC implementation. Hundreds of the smartest people in the field will be looking at the code with a critical eye; a process that would cost millions if they were paid for their time, and all for the chance to put their name on the discovery of the backdoor.

Yay for Open Source!

Crypto implementations have a history of vulnerabilities. Who's to say that anything that anyone finds is proof one way or the other. It's not like you're going to see:

  /* FBI side-channel */
in the source

It's more likely to be something along the lines of skipping a crucial step in adding entropy or subtly botching the rekey cycle so that it leaks session information. If anything like that exists. This may all be a subtle troll of Theo De Raadt, or of the internet at large.

The mail Theo forwards has a vague description of what has been done (not that I understand it, mind you):

"My NDA with the FBI has recently expired, and I wanted to make you aware of the fact that the FBI implemented a number of backdoors and side channel key leaking mechanisms into the OCF, for the express purpose of monitoring the site to site VPN encryption system implemented by EOUSA, the parent organization to the FBI."

Proof? No.

Being able to find a particular commit, made by the people previously accused during the correct time-period, and showing how what they did was subtlety broken? Sure, that's very possible. Proof of mal-intent is hardly necessary.

"... I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, ... The mail came in privately from a person I have not talked to for nearly 10 years. I refuse to become part of such a conspiracy ..."

If like some you believe there are cyber skirmishes going on, it's also possible PSYOPS are in operation ~ http://en.wikipedia.org/wiki/Psychological_warfare OBSD could be viewed as a hardened OS and therefore a problem. I can't think of a better way to counter Puffys reputation, than with unsubstantiated and difficult to verify information.

It could also be a test to see how the community would react if such a thing was attempted or became public.

I kind of doubt this. Too much planning would be involved to:

  * pay people to add backdoors
  * tell DARPA
  * start a marketing arm to convince people to use it
Conspiracy stories very rarely turn out to be true; it's too hard to coordinate all of these efforts.

If it is true, though, it will be interesting to see how much code Cisco jacked from OpenBSD. (It's allowed by the license, but is probably a hard sell when you tell your Fortune 100 clients that they are just running OpenBSD but at 10000x the cost.)

Incidentally, I use OpenBSD for my VPN. But OpenVPN, not IPsec, as I could never figure it out :)

"Conspiracy stories very rarely turn out to be true;"

That's because when they are found out to be true, nobody calls them "Conspiracy stories" any more. We call them "scandals". (ref: "Watergate Scandal"). Note that the perpetrators were indited for conspiracy.

"it's too hard to coordinate all of these efforts."

You're doing it wrong.

Every week you should be allowed to upvote something twice. Conspiracy is pervasive in life. As far as I can tell (and I provide no evidence to back this up), "conspiracy theories" are often correct but lacking the direct evidence to do anything about. Those who discount something as a "conspiracy theory" are usually (a) naive, (b) like being "right", (c) personally benefiting from the situation, or (d) going to find a way to benefit from it.

pay people to add backdoors

This is hard if you have the money? Done.

tell DARPA

When the FBI spooks go to the military contrator parties, who else do you think is there? If you know that something is tainted, you tell people who might return the favor.

start a marketing arm to convince people to use it

Why? It's free crypto. Done.

EDIT: A proper response to this kind of situation: http://news.ycombinator.com/item?id=2006694

"Conspiracy is pervasive in life."

I think a definition of terms would be useful. Cooperation is necessary for much of what one does. At what point does cooperation become conspiracy?

When its criminal.

Some conspiracy theories turn out to be true, but the problem is that people abuse this framework to support all kind of weird accusations. It's very convenient, because it frees them from the burden of supporting their claims with evidence.

"It's a conspiracy, of course there is no evidence!"

I think its far more common to say "conspiracy theory" as a way to discredit an idea. Take 9/11 for example. Pah! Conspiracy theory. Yet the evidence is that the evidence presented by the government is total bullshit. Which is evidence of conspiracy. What, exactly, happened I expect we will never know. But the evidence is that something happened beyond planes flying into buildings.

"it's too hard to coordinate all of these efforts."

3 MILLION people have access to the docs Bradley Manning leaked. ONE leaked it. I think you're overstating the difficulty of coordinating activities.

The documents Manning leaked weren't really conspiracies. Nothing that I've seen so far is illegal, and most of it isn't even interesting.

3 million people didn't leak it because there was no compelling reason to leak them.

That's really an excellent point. Wikileaks is scandalous because it was leaked, not because of the content. There are a handful of embarrassing things in there, but that's it.

The best analogy I could come up with is if someone leaked all the private Facebook messages from all the students at a high school. Sure, feelings would be hurt, but at the end of the day it's really no big deal.

There was shocking information in the leaks -- that the government deliberately classified information that would simply make for bad PR and not to save lives or anything else.

To argue otherwise is anti-democratic.

Not really. I was not shocked. Were you shocked? If so, have you gotten all the sand out of your ears yet?

Well, I suspected it but in my opinion the public in general should be outraged by it. It's also a significant violation of the laws that prohibit the government from propagandizing the American people.

Lotta depressed kids would probably kill themselves if that happened.

Kind of. The cablegate is scandalous because it shows that wikileaks is serious and efficient. Otherwise it would be difficult to explain why virtually every country and major corporation in the world is shitting their pants now and want Assange's head on a silver plate. They figured they may be the next ones.

I'm not sure how trustworthy the following is, but they say that Medvedev's office unofficially recommends NGO to nominate Assange for a Nobel Peace Prize.

My guess it's because the cables regarding Russia are ridiculous beyond any recognition, they don't have ANY hard data and consist mostly of hoax and whatnot, there isn't anything there what you couldn't read in opposition media.

Public reaction here is more like:

    Cable: Russian government is mafia
    Russian citizen: ha-ha, oh wow

It also seems Putin has heavily criticized the UK for arresting Assange, claiming is the evidence that UK doesn't have a real democracy. I have no idea what's going on: the only explanation I could come with is that Putin is trolling hard.

The claim sounds weird to you because you are considering how the claim sounds to a citizen in a western democracy. The truth is, Putin really couldn't care less about that. The remarks were absolutely aimed at Russian citizens -- see, we are not that bad in comparison.

There appears to be an ongoing low-level diplomatic conflict between the UK and Russia since the FSB guy who was killed on British soil - I'm sure that plays a part in his comment.

The "conflict" has been going on ever since the Berezovsky received asylum in the UK. He continues to fund activities against the Russian government, but the UK refuses to extradite him. The reason all the politicians in the UK freaked out over Litvinenko is that it puts London's reputation as the leading safe haven for defectors/dissidents/mafiosos and their money in doubt. A big reason that London is the world's financial capital is that it is also the world's money laundering capital.

Of course none of this applies to people like Assange because they don't have any money or come from countries the US doesn't like.

He is just having fun :)

Extensive oil corporation involvement in the Nigerian government doesn't pique your interest?


That's not all that new, though.

There was the revelation that the US and China worked together, or one might say conspired, to derail the Copenhagen Climate talks: http://www.spiegel.de/international/world/0,1518,733630,00.h...

I'll say that I dislike this, but I don't see anything illegal, or even unusual about this. This is absolutely politics as usual, and goes on every day in every country across the world. Every country lies to further their current interests.

I was more pointing my comment towards the notion that there was no conspiracy revealed. I do agree that everything thus far revealed by the cables hasn't been illegal in-and-of-itself nor is it all that surprising to those who have a non-romantic view of international diplomacy. It is an unfortunate truth that lying is a natural state of politics.

Not every conspiracy is illegal or unusual. They're still _wrong_, especially when perpetrated by governments against their people's will.

If it isn't illegal, it isn't a conspiracy.

I read about that particular collusion yesterday and it chilled me to the bone. It's the biggest thing to drop so far.

"3 million people didn't leak it because there was no compelling reason to leak them."

Or more likely dozens of people leaked them, but they weren't made publicly available until WikiLeaks got them.

"Boy-play" parties (and it aint Legos). They're even illegal in Afghanistan where they happened. Paid for by our tax dollars. And that's just a start. If you haven't seen anything illegal, you might want to open your eyes.

While we're at it: here's the legal definition of conspiracy: http://www.lectlaw.com/def/c103.htm

WikiLeaks documents many such conspiracies.

So I looked around for the cable you mention, and as best I can tell, government contractor Dyncorp was involved (I haven't seen a cable that says how exactly) in boy-play parties. The cable details how the Afghanis involved in the party were arrested and put on trial, and asks for help in quashing an article about the event. Is that accurate?

I'll admit this is probably the closest item I've seen to passing the test of something that might actually be worth whistle-blowing on. To fully pass the test, I'd need to see something that detailed who from Dyncorp was involved and to what extent.

My main complaint with the leaked cables, and the reason I have zero qualms about Manning being court marshaled (or even tried for treason) is that he in no way was discriminant about what he released. A whistle-blower needs clear concise evidence of real wrongdoing. Manning lazily dumped a huge archive of classified information without any real item to point to say this is wrong.

"To fully pass the test, I'd need to see something that detailed who from Dyncorp was involved and to what extent."

Yes, thats where the "conspiracy" bit comes in. We know these things are happening. We know they are being funded by Dynocorp which is itself funded 95% by US tax dollars. But who exactly organized it, well, gosh, nobody actually wrote it down. Yet we are to believe that nobody knew. Like, "who could have imagined people would fly planes into buildings?", as our Secretary of State blathered. (Answer: NORAD. http://www.usatoday.com/news/washington/2004-04-18-norad_x.h...)

Consider how many people were part of stuxnet, and no leaks have come out. This seems far more manageable.


I have a hard time imagining the FBI putting a crypto backdoor in and securing it with an expiring NDA.

I have a hard time imagining the FBI putting a crypto backdoor in.

Why? As a professional security researcher, what makes you believe this is unlikely? I'm not saying I disagree with you, but it seems like you have additional context for an a priori belief that this isn't what happened.

The FBI's level of security sophistication appears to end (normally) at EnCase.

I suspect that there's worlds of difference between, say, the arm of the FBI that chases drug dealers and the arm that chases Russian spies. It's a pretty broad church.

That is hilarious, but very true.

emphasis on "normally"

This is at least some precedent to this:


Don't discount the (admittedly unlikely) possibility that there was some cooperation in making sure that any /possible/ backdoors were done by people with REAL knowledge of how to get it done.

I'm still not convinced that the original Pentium Floating Point Bug wasn't a (mishandled) intentional corruption for crypto-backdoor purposes. Anyone who has heard the rumors about the POPCNT instruction would understand that the government is capable of making all sorts of deals with equipment and software vendors. Very few companies will decline such requests when received with "critical to National Security" assurances.

What crypto code uses floating point? DES and AES don't. I doubt most PRNGs do either..

That's not what the claim is. The claim is that the FBI paid an engineer to do so. This seems entirely plausible, although I don't believe this case is true.

You think it's plausible that the largest law enforcement organization in the United States decided to insert cryptographic backdoors in critical security software used by many hundreds of companies... because they outsourced it to some random company?

If true...

They probably outsourced it to disconnect it from them, same as subcontractors doing things the state can't like operate drones on the border without massive outcry. Also it makes it less easy to pin on anyone at the agency/state and makes the individual(s) that put it in seem wacko if they stated that independently. You can just deny, deny, plausible deniability. It is easy to play the psychological reactions this way.

If the FBI, NSA, and others aren't doing stuff like this then I wonder how they are thinking they can hang with the Chinese, Russian, etc hackers of the state.

It's so funny, people believe in their own tribe/country that the authority would never do this but you think of it happening in China or Russia and you think, 'of course they are doing that!'. It is a problem of relativity/trust. Wikileaks put evidence of our very own State Department and Hilary Clinton bugging the United Nations but we aren't doing this across the internet/software landscape? hrm. Algorithms are hard to put trapdoors in, but the software that wraps them can help make it easier...

It has nothing to do with believing our government is incapable of it. It has to do with believing the FBI is incapable of it.

Plausible? Entirely. Likely in this case? No.

You have trouble believing that a huge bureaucracy could do something that stupid?

In this particular case, yes. The government has a fetish for secrecy, classifying useless (and often public knowledge anyways) things indefinitely. To think that something this sensitive would wind up under an NDA that expires in a decade or two is lunacy, especially without the slightest shred of evidence.

Holy shit:

"This is also probably the reason why you lost your DARPA funding, they more than likely caught wind of the fact that those backdoors were present and didn't want to create any derivative products based upon the same."

At the time (2003) this was blamed on Theo criticizing the Iraq war in the Canadian press.

The impact of this if true is going to be huge.

"You are an alien consciousness in a robot body that looks like a human."

The impact of this if true is going to be huge.

I call shenanigans. The alien robots of John McCain and Keith Richards have had little to no impact whatsoever.

Why would the FBI put a backdoor into an ipsec stack? That's the NSA's job.

Pretty sure the NSA is content to sit back and watch people inadvertantly add the backdoors for them.

They do that too, of course. But I have trouble believing that they always stop there. Look at their idiotic trojan PRNG, for instance (and if you believe their "What? That curve was chosen completely randomly! Of course we didn't construct it specially!" story, I have a bridge to sell you.)

You wonder whether it was some kind of crazy NSA intern project.

They prefer researching backdoors. The FBI implements them. Big difference. NSA researched and designed the clipper chips, then the FBI tried to get everyone to use the phones.

If by "implementing" you mean "sending an actual person over to plug in the recording device", yes. If by "implementing" you mean "contracting somebody to insert a cryptographic side channel in an operating system", then, very no.

which government agency is traditionally in charge of backdooring security systems?

FBI if it's like, a keylogger. NSA otherwise.

Duplication of effort in government? In the intelligence community, no less?

Outrageous, who ever heard of such a thing ;)

You're not a real government agency until you have an intelligence branch. The Department of Agriculture gets funding in defense bills (because, ahem, America gets angry when our cows get mad).

Seriously, though, there are something like two dozen intelligence services [edit: Wiki says 16 big ones] in the US federal government.

the Washington Post had a fantastic series which tried to get a handle on the complexity of the intelligence services operating in America today: http://projects.washingtonpost.com/top-secret-america/articl...

here's the leader:

The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work.

It's a harrowing read.

Ag stats are pretty sensitive.

I would bet that the animal pathology work they do is more sensitive.

Honestly, I don't think the FBI has the expertise they'd need to slip in a backdoor which goes for this long without being found.

according to the e-mail, so the FBI could monitor the VPN of the its parent organization, the EOUSA

Why would they want to do this? Don't they have physical access at the endpoints?

Not domestically cough.

After conferring with some folks, I will now say that the odds of this being true are virtually nill.

This might not be helpful for people here, but the best advice I can give is to "consider the source" (Greg Perry).

Who's Greg Perry? Is he a known liar? What about asking this Jason Wright who apparently implemented some of this? Or is he also a known liar?

It's unfair of me to cast aspersions against Greg that the general public wouldn't be in a position to back up; but I think you'd be hard pressed to find anyone with knowledge of either him or the situation to not consider him an untrustworthy source (about this, or really anything).

I can say I have no reason to doubt anything that Jason says (although if this crazy accusation were true, logically, it would make sense for him to deny it).

The good news is that this is something that is verifiable. If there is in fact a backdoor in the code, someone should be able to find it.

> It's unfair of me to cast aspersions against Greg that the general public wouldn't be in a position to back up

Hasn't stopped you yetº. Why balk at the request to provide a little substantiation?


I guess I'm balking because my answer to the question "is he a known liar?" is "yes, by anyone who knows him or has worked with him."

The problem with that statement is that from what I can see, no one who meets that criteria is commenting in this article. I am aware of no public record that he is a liar; but if someone asked if my Aunt Verna is crazy I would want to respond "oh yes, absolutely).

Because he can't substantiate without breaking confidences. It's fine to ask the question and fine to say you're not going to take him at his word, but let's leave it there.

After seeing the post I linked, I searched the Googles in vain to find a wisp of what he was referring to. It's perfectly fine to not break confidences, but you can't call someone "bat-shit insane" and then demurely say you won't cast aspersions on him; that horse has left the barn.

He didn't say he wouldn't; he acknowledged that it was unfair. It is. That doesn't make him wrong. Please can we drop it? You raised the point. We get it.

> My NDA with the FBI has recently expired [...]

Sorry, but that kind of ends it for me. Either the FBI was so ignorant they had him sign an NDA which they knew would expire, and then told him to put in backdoors; or he's lying.

Expiration date on crypto makes sense: a crypto algo and more so the implementation is only a timelock, at best, because they become increasingly easy to attack with time.

He could have signed a stock sw dev NDA form that suited everybody.

But what doesn't make sense is that they would sign him on with an NDA that expired, knowing full well that he could then go on and tell people that the FBI had put a backdoor in something they helped to design.

I would wager that they didn't know "full well" that they were going to request a backdoor. Remember this is the US Government we're talking about. That kind of foresight is rare and even when it does exist the left hand doesn't know what the right is doing and expiring NDAs could occur. All it takes is the person making the request to assume, "Hey, he's doing US Gov crypto work so he much have a permanent NDA. I'll go ahead and request a back door without double checking the terms of his NDA."

Yeah, that's entirely possible. I guess my argument made the assumption the government would know what it was doing.

IF the allegations are true, I am on the side that says he misinterpreted the NDA. There could be reason to believe that the NDA had to do with his working with the FBI but the backdoor was a separate entity.

Either case, its all speculation. Hopefully this isn't a stunt to discredit oBSD. Some serious combing will be done in the code, I trust the oBSD team will do their best to clean up any mess that exists. We will all have a better oBSD after this.

Or maybe the NDA hasn't expired but he's misinterpreted the contract that he signed. Just like how some folks can admit they used to work for the CIA or special forces but are not allowed to talk about specific missions because they are still classified.

Translation: plain-text email from the FBI says: "Please stop using IPSEC."

Anyone want to start a pool? I'm definitely a "no".


"The recent incident of "backdoors" in Microsoft software is indicative of a fundamental problem that electronic commerce will need to address very soon," Jerry Harold, president & co-founder of NetSec [...] Even if Microsoft has stringent internal requirements for software assurance, it's very difficult to catch a backdoor that may be hidden by a single coder deep inside hundreds of thousands of lines of code," said Harold

"This is why NetSec builds its products on an operating system (OpenBSD) that has made security its number one goal," Harold told SOURCES. "The source for the operating system was re-built from the ground up for security and is publicly available. As a result, it is continuously subjected to rigorous security review by independent software engineers around the world. This has additional benefits because secure code often tends to be well designed, stable, and efficient."

(netsec being the company that worked with the fbi and employed the developer that wrote the openbsd ipsec code in question)

That depends. Do we just have to find a vuln somewhere in one of NETSEC's check-ins, or do we have to prove it was put there deliberately?

Vulns are disqualified if a similar vuln was check in to an analogous crypto product within a 5 year window.

Wouldn't that be a great way to hide it though, insert a vulnerability that you've seen elsewhere and know how to exploit rather than inserting something completely unfamiliar. Indeed if it's been in some other app and not discovered then it's unlikely to get noticed quickly.

I also will go with "no", although I'm a little too close to this story to wager.

Do you mind elaborating on that a little?

Basically that I absolutely believe this is a bogus story, but my reasons for believing that aren't able to be shared due to direct involvement.

I don't expect other people to take that as evidence of anything (because who the hell am I), but thankfully, this isn't the kind of thing that has to be wondered about for eternity (if his claim is true, it should be able to be verified).

edit: Oh look, HD Moore just posted this link on Twitter about the guy who sent the original email: http://www.bop.gov/iloc2/InmateFinderServlet?Transaction=IDS...

Fair enough - I'm not going to pry any deeper. It's nice to see the depth of the HN community though.

I'm a 'no' too. I think OpenBSD is just being trolled.

The work described here isn't something that would be classified FOUO, or likely even just "secret". This would be at a minimum TS or most likely SCI. As such, you don't just sign an NDA to do work on a project like this - you go through an extensive background check process, get interviewed, and sign a bunch of paperwork that lasts the rest of your life regarding the criminal penalties of disclosure (at least until the underlying project goes through the declassification process).

To use the term "NDA" in such a context belies a general ignorance of how projects like this work in the government intelligence field. I suspect a hoax.

a response from greg perry:


I was the lead architect for the site-to-site VPN project developed for Executive Office for United States Attorneys, which was a statically keyed VPN system used at 235+ US Attorney locations and which later proved to have been backdoored by the FBI so that they could recover (potentially) grand jury information from various US Attorney sites across the United States and abroad.

he mentions pf, but also that he left the company in 2000. pf wasn't even created until 2001.

and now jason wright (the developer in question) has responded:


The more famous (with VMware) Scott Lowe rarely writes about BSD and has denied any sort of involvement. http://blog.scottlowe.org/2010/12/14/allegations-regarding-f...

This reminds me of a brilliant april fools joke the german Linux Magazin pulled off back in 2001 where they suggested that a backdoor was added to the Linux networking stack disguised in many harmless looking patches


if you can read german.

Can't read German, but this sounds like the DirectTV(right company?) updates to stop hackers from getting free TV. Pretty ingenious if you ask me.


Anything classified is classified until the government decides otherwise.

There's no such thing as a "NDA" when working with the government.

This story doesn't make sense.

a binary driver blob can do a better job at backdooring. or even dare to say, the hardware, network card, may have already had one built into it at the factory. i vote for a mostly fudd value of this info.

Which is why OpenBSD does not come with any binary drivers.

but it (and every other operating system) still has drivers for network cards that use binary, closed-source firmware that operates on the network card's own processor.

which can be backdoored, and would then be impossible to detect from the operating system.


I thought this was hacker news. Are we going to yammer or are we going to look at the code?

Anyone familiar with the code in question? Even the neighbourhood would be helpful.


>We have never allowed US citizens or foreign citizens working in the US to hack on crypto code

This is hilarious logic, because no other country could possibly want to have a backdoor, and the NSA/CIA couldn't possibly hire a foreign national working in another country.

It has nothing to do with that. The rationale for this is to avoid any problems with US law regarding the exporting of cryptographic software:


It has to do with the laws the US places on exporting crypto.

Paranoia? I wasn't looking for a smoking gun, I was looking for an illustration of business as usual.

I get the impression crypto is very hard to implement right, which would mean it's very hard to evaluate.

"Hard" is just an opportunity to learn something. Are you saying you're not a hacker?

Has anybody come up with a plausible motive to lie about this? Shouldn't there be an audit of the relevant source tree at the time rather than now?

smells like déjà vu (synæsthesia: http://news.ycombinator.com/item?id=188792)

Could this be a psyops operation regarding Wikileaks mirrors?


Hrm on Assange's personal blog on the item called 'Sun 18 Jun 2006 : NetBSD foundation Membership Agreement' he mentioned a new legal document everyone in NetBSD had to sign. Did something change in 2006? Mac OSX/Intel took off as an OS.


The link for this thread states it may have happened in 2000-2001 around the time of the terror frenzy which is possible. But BSD has gotten more corporate, and with that backdoors usually such as NSA/Windows in the late 90's (http://www.heise.de/tp/r4/artikel/5/5263/1.html).

What's the interest in spying such connections? We all know what is going to be the content in all those mirrors.

If this was actually in response to my psyops comment, I didn't reference spying, I referenced psychological operations. It was just a not-necessarily-plausible thought I tossed out there, hoping for discussion.

If a large group of US nationals were mirroring Wikileaks content, and happened to be using OpenBSD for their infrastructure, it might be an interesting "warning".

> Merry Christmas...

What is this... christmas trolling? This whole story sounds so unlikely: a definite rather than infinite NDA, and in an open-sourced project of this magnitude which welcomes an infinite number of people to peer through it (don't respond to this with "the best place to hide something is in plain sight", please...)

There should be a thousand pairs of eyes going through the current OCF and its historical states by now, so I guess the answer will be out in the blink of an eye.

A hundred thousand pairs of eyes might not spot a deliberate side channel inserted in a crypto implementation.

Yes, obviously. And given the OBSD team's track record on meticulousness and attention to detail in ironing out these specific creases, I think I know what the majority of bets on this one will be.

The OpenBSD team's track record has very little to do with intricate crypto vulnerabilities. This is a different kind of vulnerability research.

So what will find and fix vulnerabilities in crypto implementations?

Nothing we know of. Sleep tight!

The CEO of a consulting firm with government funding just told you there is very likely a set of backdoors in a crypto stack that will be increasingly relied on in coming years.

Theo's lack of concern is unsettling.

"Meh, if it's there, someone who cares will look for it and find it."

To be more accurate:

"The ex-CTO of a government contractor with a history of being bat-shit insane just told you there is very likely a set of backdoors in a crypto stack"...

You left out the bit where it was his company that he claimed added the alleged backdoors. If he's as untrustworthy as you've hinted at, I expect that those with authoritative knowledge will speak to that soon enough, but it seems like it will take more than just evidence of past lying to put this one to rest. Even liars tell truths.

Part of the reason is that there's a newer IKEv2 implementation in OpenBSD:


I assume that he came to the conclusion that he isn't qualified to look for it - without massive familiarity with the code trying to find something that was intentionally hidden would probably just be a waste of time he could better spend.

Disclosing the allegations so those with a reasonable chance of finding the thing if it exists is, basically, the responsible thing to do here.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact