It looks like someone has figured out a way to get an absolutely free hostile code audit of their IPSEC implementation. Hundreds of the smartest people in the field will be looking at the code with a critical eye; a process that would cost millions if they were paid for their time, and all for the chance to put their name on the discovery of the backdoor.
Crypto implementations have a history of vulnerabilities. Who's to say that anything that anyone finds is proof one way or the other. It's not like you're going to see:
It's more likely to be something along the lines of skipping a crucial step in adding entropy or subtly botching the rekey cycle so that it leaks session information. If anything like that exists. This may all be a subtle troll of Theo De Raadt, or of the internet at large.
The mail Theo forwards has a vague description of what has been done (not that I understand it, mind you):
"My NDA with the FBI has recently expired, and I wanted to make you aware of the fact that the FBI implemented a number of backdoors and side channel key leaking mechanisms into the OCF, for the express purpose of monitoring the site to site VPN encryption system implemented by EOUSA, the parent organization to the FBI."
Being able to find a particular commit, made by the people previously accused during the correct time-period, and showing how what they did was subtlety broken? Sure, that's very possible. Proof of mal-intent is hardly necessary.
"... I have received a mail regarding the early development of the OpenBSD IPSEC stack. It is alleged that some ex-developers (and the company they worked for) accepted US government money to put backdoors into our network stack, ... The mail came in privately from a person I have not talked to for nearly 10 years. I refuse to become part of such a conspiracy ..."
If like some you believe there are cyber skirmishes going on, it's also possible PSYOPS are in operation ~ http://en.wikipedia.org/wiki/Psychological_warfare OBSD could be viewed as a hardened OS and therefore a problem. I can't think of a better way to counter Puffys reputation, than with unsubstantiated and difficult to verify information.
I kind of doubt this. Too much planning would be involved to:
* pay people to add backdoors
* tell DARPA
* start a marketing arm to convince people to use it
Conspiracy stories very rarely turn out to be true; it's too hard to coordinate all of these efforts.
If it is true, though, it will be interesting to see how much code Cisco jacked from OpenBSD. (It's allowed by the license, but is probably a hard sell when you tell your Fortune 100 clients that they are just running OpenBSD but at 10000x the cost.)
Incidentally, I use OpenBSD for my VPN. But OpenVPN, not IPsec, as I could never figure it out :)
"Conspiracy stories very rarely turn out to be true;"
That's because when they are found out to be true, nobody calls them "Conspiracy stories" any more. We call them "scandals". (ref: "Watergate Scandal"). Note that the perpetrators were indited for conspiracy.
"it's too hard to coordinate all of these efforts."
Every week you should be allowed to upvote something twice. Conspiracy is pervasive in life. As far as I can tell (and I provide no evidence to back this up), "conspiracy theories" are often correct but lacking the direct evidence to do anything about. Those who discount something as a "conspiracy theory" are usually (a) naive, (b) like being "right", (c) personally benefiting from the situation, or (d) going to find a way to benefit from it.
pay people to add backdoors
This is hard if you have the money? Done.
tell DARPA
When the FBI spooks go to the military contrator parties, who else do you think is there? If you know that something is tainted, you tell people who might return the favor.
start a marketing arm to convince people to use it
Some conspiracy theories turn out to be true, but the problem is that people abuse this framework to support all kind of weird accusations. It's very convenient, because it frees them from the burden of supporting their claims with evidence.
"It's a conspiracy, of course there is no evidence!"
I think its far more common to say "conspiracy theory" as a way to discredit an idea. Take 9/11 for example. Pah! Conspiracy theory. Yet the evidence is that the evidence presented by the government is total bullshit. Which is evidence of conspiracy. What, exactly, happened I expect we will never know. But the evidence is that something happened beyond planes flying into buildings.
That's really an excellent point. Wikileaks is scandalous because it was leaked, not because of the content. There are a handful of embarrassing things in there, but that's it.
The best analogy I could come up with is if someone leaked all the private Facebook messages from all the students at a high school. Sure, feelings would be hurt, but at the end of the day it's really no big deal.
There was shocking information in the leaks -- that the government deliberately classified information that would simply make for bad PR and not to save lives or anything else.
Well, I suspected it but in my opinion the public in general should be outraged by it. It's also a significant violation of the laws that prohibit the government from propagandizing the American people.
Kind of. The cablegate is scandalous because it shows that wikileaks is serious and efficient. Otherwise it would be difficult to explain why virtually every country and major corporation in the world is shitting their pants now and want Assange's head on a silver plate. They figured they may be the next ones.
I'm not sure how trustworthy the following is, but they say that Medvedev's office unofficially recommends NGO to nominate Assange for a Nobel Peace Prize.
My guess it's because the cables regarding Russia are ridiculous beyond any recognition, they don't have ANY hard data and consist mostly of hoax and whatnot, there isn't anything there what you couldn't read in opposition media.
Public reaction here is more like:
Cable: Russian government is mafia
Russian citizen: ha-ha, oh wow
It also seems Putin has heavily criticized the UK for arresting Assange, claiming is the evidence that UK doesn't have a real democracy. I have no idea what's going on: the only explanation I could come with is that Putin is trolling hard.
The claim sounds weird to you because you are considering how the claim sounds to a citizen in a western democracy. The truth is, Putin really couldn't care less about that. The remarks were absolutely aimed at Russian citizens -- see, we are not that bad in comparison.
There appears to be an ongoing low-level diplomatic conflict between the UK and Russia since the FSB guy who was killed on British soil - I'm sure that plays a part in his comment.
The "conflict" has been going on ever since the Berezovsky received asylum in the UK. He continues to fund activities against the Russian government, but the UK refuses to extradite him. The reason all the politicians in the UK freaked out over Litvinenko is that it puts London's reputation as the leading safe haven for defectors/dissidents/mafiosos and their money in doubt. A big reason that London is the world's financial capital is that it is also the world's money laundering capital.
Of course none of this applies to people like Assange because they don't have any money or come from countries the US doesn't like.
I'll say that I dislike this, but I don't see anything illegal, or even unusual about this. This is absolutely politics as usual, and goes on every day in every country across the world. Every country lies to further their current interests.
I was more pointing my comment towards the notion that there was no conspiracy revealed. I do agree that everything thus far revealed by the cables hasn't been illegal in-and-of-itself nor is it all that surprising to those who have a non-romantic view of international diplomacy. It is an unfortunate truth that lying is a natural state of politics.
"Boy-play" parties (and it aint Legos). They're even illegal in Afghanistan where they happened. Paid for by our tax dollars. And that's just a start. If you haven't seen anything illegal, you might want to open your eyes.
So I looked around for the cable you mention, and as best I can tell, government contractor Dyncorp was involved (I haven't seen a cable that says how exactly) in boy-play parties. The cable details how the Afghanis involved in the party were arrested and put on trial, and asks for help in quashing an article about the event. Is that accurate?
I'll admit this is probably the closest item I've seen to passing the test of something that might actually be worth whistle-blowing on. To fully pass the test, I'd need to see something that detailed who from Dyncorp was involved and to what extent.
My main complaint with the leaked cables, and the reason I have zero qualms about Manning being court marshaled (or even tried for treason) is that he in no way was discriminant about what he released. A whistle-blower needs clear concise evidence of real wrongdoing. Manning lazily dumped a huge archive of classified information without any real item to point to say this is wrong.
"To fully pass the test, I'd need to see something that detailed who from Dyncorp was involved and to what extent."
Yes, thats where the "conspiracy" bit comes in. We know these things are happening. We know they are being funded by Dynocorp which is itself funded 95% by US tax dollars. But who exactly organized it, well, gosh, nobody actually wrote it down. Yet we are to believe that nobody knew. Like, "who could have imagined people would fly planes into buildings?", as our Secretary of State blathered. (Answer: NORAD. http://www.usatoday.com/news/washington/2004-04-18-norad_x.h...)
Why? As a professional security researcher, what makes you believe this is unlikely? I'm not saying I disagree with you, but it seems like you have additional context for an a priori belief that this isn't what happened.
I suspect that there's worlds of difference between, say, the arm of the FBI that chases drug dealers and the arm that chases Russian spies. It's a pretty broad church.
Don't discount the (admittedly unlikely) possibility that there was some cooperation in making sure that any /possible/ backdoors were done by people with REAL knowledge of how to get it done.
I'm still not convinced that the original Pentium Floating Point Bug wasn't a (mishandled) intentional corruption for crypto-backdoor purposes. Anyone who has heard the rumors about the POPCNT instruction would understand that the government is capable of making all sorts of deals with equipment and software vendors. Very few companies will decline such requests when received with "critical to National Security" assurances.
That's not what the claim is. The claim is that the FBI paid an engineer to do so. This seems entirely plausible, although I don't believe this case is true.
You think it's plausible that the largest law enforcement organization in the United States decided to insert cryptographic backdoors in critical security software used by many hundreds of companies... because they outsourced it to some random company?
They probably outsourced it to disconnect it from them, same as subcontractors doing things the state can't like operate drones on the border without massive outcry. Also it makes it less easy to pin on anyone at the agency/state and makes the individual(s) that put it in seem wacko if they stated that independently. You can just deny, deny, plausible deniability. It is easy to play the psychological reactions this way.
If the FBI, NSA, and others aren't doing stuff like this then I wonder how they are thinking they can hang with the Chinese, Russian, etc hackers of the state.
It's so funny, people believe in their own tribe/country that the authority would never do this but you think of it happening in China or Russia and you think, 'of course they are doing that!'. It is a problem of relativity/trust. Wikileaks put evidence of our very own State Department and Hilary Clinton bugging the United Nations but we aren't doing this across the internet/software landscape? hrm. Algorithms are hard to put trapdoors in, but the software that wraps them can help make it easier...
In this particular case, yes. The government has a fetish for secrecy, classifying useless (and often public knowledge anyways) things indefinitely. To think that something this sensitive would wind up under an NDA that expires in a decade or two is lunacy, especially without the slightest shred of evidence.
"This is also probably the reason why you lost your DARPA funding, they
more than likely caught wind of the fact that those backdoors were
present and didn't want to create any derivative products based upon
the same."
At the time (2003) this was blamed on Theo criticizing the Iraq war in the Canadian press.
They do that too, of course. But I have trouble believing that they always stop there. Look at their idiotic trojan PRNG, for instance (and if you believe their "What? That curve was chosen completely randomly! Of course we didn't construct it specially!" story, I have a bridge to sell you.)
They prefer researching backdoors. The FBI implements them. Big difference. NSA researched and designed the clipper chips, then the FBI tried to get everyone to use the phones.
If by "implementing" you mean "sending an actual person over to plug in the recording device", yes. If by "implementing" you mean "contracting somebody to insert a cryptographic side channel in an operating system", then, very no.
You're not a real government agency until you have an intelligence branch. The Department of Agriculture gets funding in defense bills (because, ahem, America gets angry when our cows get mad).
Seriously, though, there are something like two dozen intelligence services [edit: Wiki says 16 big ones] in the US federal government.
The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work.
It's unfair of me to cast aspersions against Greg that the general public wouldn't be in a position to back up; but I think you'd be hard pressed to find anyone with knowledge of either him or the situation to not consider him an untrustworthy source (about this, or really anything).
I can say I have no reason to doubt anything that Jason says (although if this crazy accusation were true, logically, it would make sense for him to deny it).
The good news is that this is something that is verifiable. If there is in fact a backdoor in the code, someone should be able to find it.
I guess I'm balking because my answer to the question "is he a known liar?" is "yes, by anyone who knows him or has worked with him."
The problem with that statement is that from what I can see, no one who meets that criteria is commenting in this article. I am aware of no public record that he is a liar; but if someone asked if my Aunt Verna is crazy I would want to respond "oh yes, absolutely).
Because he can't substantiate without breaking confidences. It's fine to ask the question and fine to say you're not going to take him at his word, but let's leave it there.
After seeing the post I linked, I searched the Googles in vain to find a wisp of what he was referring to. It's perfectly fine to not break confidences, but you can't call someone "bat-shit insane" and then demurely say you won't cast aspersions on him; that horse has left the barn.
He didn't say he wouldn't; he acknowledged that it was unfair. It is. That doesn't make him wrong. Please can we drop it? You raised the point. We get it.
Sorry, but that kind of ends it for me. Either the FBI was so ignorant they had him sign an NDA which they knew would expire, and then told him to put in backdoors; or he's lying.
Expiration date on crypto makes sense: a crypto algo and more so the implementation is only a timelock, at best, because they become increasingly easy to attack with time.
He could have signed a stock sw dev NDA form that suited everybody.
But what doesn't make sense is that they would sign him on with an NDA that expired, knowing full well that he could then go on and tell people that the FBI had put a backdoor in something they helped to design.
I would wager that they didn't know "full well" that they were going to request a backdoor. Remember this is the US Government we're talking about. That kind of foresight is rare and even when it does exist the left hand doesn't know what the right is doing and expiring NDAs could occur. All it takes is the person making the request to assume, "Hey, he's doing US Gov crypto work so he much have a permanent NDA. I'll go ahead and request a back door without double checking the terms of his NDA."
IF the allegations are true, I am on the side that says he misinterpreted the NDA. There could be reason to believe that the NDA had to do with his working with the FBI but the backdoor was a separate entity.
Either case, its all speculation. Hopefully this isn't a stunt to discredit oBSD. Some serious combing will be done in the code, I trust the oBSD team will do their best to clean up any mess that exists. We will all have a better oBSD after this.
Or maybe the NDA hasn't expired but he's misinterpreted the contract that he signed. Just like how some folks can admit they used to work for the CIA or special forces but are not allowed to talk about specific missions because they are still classified.
"The recent incident of "backdoors" in Microsoft software is indicative of a fundamental problem that electronic commerce will need to address very soon," Jerry Harold, president & co-founder of NetSec [...] Even if Microsoft has stringent internal requirements for software assurance, it's very difficult to catch a backdoor that may be hidden by a single coder deep inside hundreds of thousands of lines of code," said Harold
"This is why NetSec builds its products on an operating system (OpenBSD) that has made security its number one goal," Harold told SOURCES. "The source for the operating system was re-built from the ground up for security and is publicly available. As a result, it is continuously subjected to rigorous security review by independent software engineers around the world. This has additional benefits because secure code often tends to be well designed, stable, and efficient."
(netsec being the company that worked with the fbi and employed the developer that wrote the openbsd ipsec code in question)
Wouldn't that be a great way to hide it though, insert a vulnerability that you've seen elsewhere and know how to exploit rather than inserting something completely unfamiliar. Indeed if it's been in some other app and not discovered then it's unlikely to get noticed quickly.
Basically that I absolutely believe this is a bogus story, but my reasons for believing that aren't able to be shared due to direct involvement.
I don't expect other people to take that as evidence of anything (because who the hell am I), but thankfully, this isn't the kind of thing that has to be wondered about for eternity (if his claim is true, it should be able to be verified).
The work described here isn't something that would be classified FOUO, or likely even just "secret". This would be at a minimum TS or most likely SCI. As such, you don't just sign an NDA to do work on a project like this - you go through an extensive background check process, get interviewed, and sign a bunch of paperwork that lasts the rest of your life regarding the criminal penalties of disclosure (at least until the underlying project goes through the declassification process).
To use the term "NDA" in such a context belies a general ignorance of how projects like this work in the government intelligence field. I suspect a hoax.
I was the lead architect for the site-to-site VPN project developed for Executive Office for United States Attorneys, which was a statically keyed VPN system used at 235+ US Attorney locations and which later proved to have been backdoored by the FBI so that they could recover (potentially) grand jury information from various US Attorney sites across the United States and abroad.
he mentions pf, but also that he left the company in 2000. pf wasn't even created until 2001.
and now jason wright (the developer in question) has responded:
This reminds me of a brilliant april fools joke the german Linux Magazin pulled off back in 2001 where they suggested that a backdoor was added to the Linux networking stack disguised in many harmless looking patches
a binary driver blob can do a better job at backdooring. or even dare to say, the hardware, network card, may have already had one built into it at the factory. i vote for a mostly fudd value of this info.
but it (and every other operating system) still has drivers for network cards that use binary, closed-source firmware that operates on the network card's own processor.
which can be backdoored, and would then be impossible to detect from the operating system.
>We have never allowed US citizens or foreign citizens working in the US
to hack on crypto code
This is hilarious logic, because no other country could possibly want to have a backdoor, and the NSA/CIA couldn't possibly hire a foreign national working in another country.
Hrm on Assange's personal blog on the item called 'Sun 18 Jun 2006 : NetBSD foundation Membership Agreement' he mentioned a new legal document everyone in NetBSD had to sign. Did something change in 2006? Mac OSX/Intel took off as an OS.
The link for this thread states it may have happened in 2000-2001 around the time of the terror frenzy which is possible. But BSD has gotten more corporate, and with that backdoors usually such as NSA/Windows in the late 90's (http://www.heise.de/tp/r4/artikel/5/5263/1.html).
If this was actually in response to my psyops comment, I didn't reference spying, I referenced psychological operations. It was just a not-necessarily-plausible thought I tossed out there, hoping for discussion.
If a large group of US nationals were mirroring Wikileaks content, and happened to be using OpenBSD for their infrastructure, it might be an interesting "warning".
What is this... christmas trolling? This whole story sounds so unlikely: a definite rather than infinite NDA, and in an open-sourced project of this magnitude which welcomes an infinite number of people to peer through it (don't respond to this with "the best place to hide something is in plain sight", please...)
There should be a thousand pairs of eyes going through the current OCF and its historical states by now, so I guess the answer will be out in the blink of an eye.
Yes, obviously. And given the OBSD team's track record on meticulousness and attention to detail in ironing out these specific creases, I think I know what the majority of bets on this one will be.
The CEO of a consulting firm with government funding just told you there is very likely a set of backdoors in a crypto stack that will be increasingly relied on in coming years.
Theo's lack of concern is unsettling.
"Meh, if it's there, someone who cares will look for it and find it."
"The ex-CTO of a government contractor with a history of being bat-shit insane just told you there is very likely a set of backdoors in a crypto stack"...
You left out the bit where it was his company that he claimed added the alleged backdoors. If he's as untrustworthy as you've hinted at, I expect that those with authoritative knowledge will speak to that soon enough, but it seems like it will take more than just evidence of past lying to put this one to rest. Even liars tell truths.
I assume that he came to the conclusion that he isn't qualified to look for it - without massive familiarity with the code trying to find something that was intentionally hidden would probably just be a waste of time he could better spend.
Disclosing the allegations so those with a reasonable chance of finding the thing if it exists is, basically, the responsible thing to do here.
Yay for Open Source!