Según el mensaje del líder del proyecto OpenBSD, el gobierno de los EEUU presionó a sus desarrolladores entre 2000 y 2001 para que incluyeran en este sistema una puerta trasera a partir de la cual pudieran colarse en este sistema operativo.
Theo de Raadt ha solicitado la ayuda de la comunidad para auditar este código y dejarlo limpito…. La verdad, si se descubre esto en un proyecto Open Source, qué no esconderán las soluciones cerradas de dos empresas tan yankis como Microsoft o Apple… con o sin presión de su gobierno. Miedo me da.
I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, in particular the IPSEC stack. Around 2000-2001. Since we had the first IPSEC stack available for free, large parts of the code are now found in many other projects/products. Over 10 years, the IPSEC code has gone through many changes and fixes, so it is unclear what the true impact of these allegations are. The mail came in privately from a person I have not talked to for nearly 10 years. I refuse to become part of such a conspiracy, and will not be talking to Gregory Perry about this. Therefore I am making it public so that (a) those who use the code can audit it for these problems, (b) those that are angry at the story can take other actions, (c) if it is not true, those who are being accused can defend themselves. Of course I don't like it when my private mail is forwarded. However the "little ethic" of a private mail being forwarded is much smaller than the "big ethic" of government paying companies to pay open source developers (a member of a community-of-friends) to insert privacy-invading holes in software.
Más información en muylinux.
En Securitybydefault aprovechan el caso para hablarnos de las Backdoors más escandalosas.
18/12/10 at 2:12 am
La pagina de tu Blog se ha actualizado…
[..]Articulo Indexado Correctamente en la Blogosfera de Sysmaya[..]…