FBI accused of planting backdoor in OpenBSD IPSEC stack
#1
Moderator
Thread Starter
iTrader: (12)
Join Date: Nov 2008
Location: Tampa, Florida
Posts: 21,029
Total Cats: 3,123
FBI accused of planting backdoor in OpenBSD IPSEC stack
I have no idea what this actually means, but it seemed important to a geek buddy of mine so I thought I'd share.
What does this mean to Joe everyguy and what does this mean to Joe Perez?
http://arstechnica.com/open-source/n...psec-stack.ars
What does this mean to Joe everyguy and what does this mean to Joe Perez?
http://arstechnica.com/open-source/n...psec-stack.ars
#3
Well... basically, openbsd code has been copied into almost everything out there, since its not under the GNU license. Theoretically this back doors could be in your cell phone or blue ray player. Nothing to see here, move along. (in reality, I doubt that anything remains after 10 years, especially given the audits that occur within openbsd)
#4
mkturbo.com
iTrader: (24)
Join Date: May 2006
Location: Charleston SC
Posts: 15,193
Total Cats: 1,685
IPSec is more or less the protocol that encrypts your packets so that they are secure. Here is an article that says it does not have a backdoor.
Basically if it is true what I understand it does if is gets certain parts of the encryption key so that they can brute force the encryption key quicker.
Basically if it is true what I understand it does if is gets certain parts of the encryption key so that they can brute force the encryption key quicker.
#5
If this really happened 10 years ago I'm wondering if it would still be relevant. Key sizes and algorithms have changed fairly dramatically since then which even makes brute force pretty damn difficult. Just to give you some perspective - the DES standard (used until 2k2) had a 56 bit key, today we use the AES standard in which the smallest key size is 2.5x larger. Even if they escrow bits of of the encryption key they'd still have quite a bit to crack.
#6
I have no idea what this actually means, but it seemed important to a geek buddy of mine so I thought I'd share.
What does this mean to Joe everyguy and what does this mean to Joe Perez?
http://arstechnica.com/open-source/n...psec-stack.ars
What does this mean to Joe everyguy and what does this mean to Joe Perez?
http://arstechnica.com/open-source/n...psec-stack.ars
#7
If this really happened 10 years ago I'm wondering if it would still be relevant. Key sizes and algorithms have changed fairly dramatically since then which even makes brute force pretty damn difficult. Just to give you some perspective - the DES standard (used until 2k2) had a 56 bit key, today we use the AES standard in which the smallest key size is 2.5x larger. Even if they escrow bits of of the encryption key they'd still have quite a bit to crack.
#9
DES? If I had a dime for every WEP neighbor. . . Mr. Ubuntu, my directional antenna, and my friend Mr. Kismet disagrees. Good times.
Last edited by Newbsauce; 12-16-2010 at 11:47 AM.
Thread
Thread Starter
Forum
Replies
Last Post
hustler
Front Desk
98
12-28-2009 08:03 PM