OpenBSD has FBI backdoor, claims contractor
Installed 10 years ago.
The cryptography of open source operating system OpenBSD was rigged with FBI-sponsored backdoors a decade ago, a former government contractor has told OpenBSD founder Theo De Raadt.
A 'backdoor' is an algorithm or rootkit written to allow a third party to bypass usual security controls and gain access to a system.
"I wanted to make you aware of the fact that the FBI implemented a number of backdoors," Gregory Perry, former chief technology officer at former government contractor, Netsec, told De Raadt in an email.
De Raadt on Wednesday published the emailed allegation to give others a chance to review the code and allow those claimed to be involved to defend themselves.
Code donated by Perry and his team for OpenBSD were for the "IPSEC" or internet protocol security component of the system, said De Raadt.
Perry claimed that EMC VMware evangelist, Scott Lowe, was aware of the backdoor and had been advocating OpenBSD virtual machines in VMware vSphere deployments because he was on the FBI's "payroll". Lowe, however, has denied the allegation.
http://www.itnews.com.au/News/241876,op ... actor.aspx