FBI paid for back doors into OpenBSD?

fbi paid for back doors into openbsd

The lead developer on the OpenBSD project, Theo de Raadt, has disclosed an email message sent to him by a former contractor, Gregory Perry, who has alleged the U.S. Federal Bureau of Investigation paid developers to put a number of back doors into the communication encryption software used by the OpenBSD operating system. Although the report has not been substantiated, if the allegations are true it means the FBI has been working secretly for years to develop ways to look at encrypted network traffic—and hidden those methods in source code submitted to the open source OpenBSD operating system. And, of course, if the FBI has, in fact, put back doors into OpenBSD, who knows what other open source projects it may worked to clandestinely infiltrate.

The former contractor making the allegations, Gregory Perry, is currently the CEO of GoVirtual, a VMware virtual services firm, and claims his non-disclosure agreement with the FBI has now expired, which is why he only contacted de Raadt with the information now.

“The mail came in privately from a person I have not talked to for nearly 10 years,” da Raadt wrote in his a posting to an OpenBSD discussion list. “I refuse to become part of such a conspiracy, and will not be talking to Gregory Perry about this. Therefore I am making it public.”

Perry names specific contractors and others who implemented back doors, and urges de Raadt and OpenBSD community to review code committed to the project by those developers. Perry also asserts the back doors are one reason the FBI has been advocating the use of OpenBSD for virtual private networks in virtualized environments—all the easier for them to monitor.

Theo de Raadt notes that since the time when Perry worked on the OpenBSD project, the IPSEC stack has been made available for free and substantial parts of the code are now used in a wide variety of open source projects. However, the code has also been through a number of substantial changes in the last decade, making it difficult to assess the potential impact of Perry’s allegations, if they’re true. Making the unsubstantiated claims public, de Raadt says, gives users a chance to audit their code, and a chance for anyone accused to defend themselves.

At least one person named by Perry has categorically denied ever working for the FBI.

So far, the Internet security community is largely greeting Perry’s claims with skepticism, but security experts have noted that, after a decade, it might be very difficult to “walk back the cat” to determine what portions of OpenBSD networking could potentially be impacted.


Why are game studios run like sweat shops? The human toll of ‘crunch time’

After the revelation of 100-hour work weeks in Red Dead Redemption 2’s development, we spoke with a number of developers about what it’s like to work in crunch culture in the game industry.

Protect your digital identity with these four easy steps to online anonymity

You don't have to be a secret agent or a notorious hacktivist to care about anonymity. Consult this guide to learn tips, tricks, and best practices for staying anonymous and keeping your online activity private
Movies & TV

The best shows on Netflix, from 'The Haunting of Hill House’ to ‘The Good Place’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.

Apple CEO demands Bloomberg retract its Chinese surveillance story

Apple CEO Tim Cook is calling on Bloomberg to retract a story alleging that Apple had purchased compromised servers that allowed the Chinese government to spy on Apple. Apple's investigation found no truth to the story.

Core i9s and Threadrippers are all powerful, but should you go AMD or Intel?

The battle for the top prosumer CPUs in the world is on. In this head to head, we pit the Core i9 versus the Threadripper to see which is the best when it comes to maximizing multi-core performance on a single chip.

Despite serious security flaws, D-Link will (again) not patch some routers

D-Link revealed that it won't patch six router models despite warnings raised by a security researcher. The manufacturer, for the second time in a span of about a year, cited end-of-life policies for its decision to not act.
Product Review

Dell’s G3 Gaming laptop knows what gamers want, and what they can live without

Compromise and budget gaming laptops go hand-in-hand, but with the G3, Dell has figured out how to balance what gamers want with what they can live without.

Apple’s latest feature ensures MacOS apps are safer than ever

MacOS is mythically known for being more immune to viruses than Windows, but that doesn't mean there isn't room to make it safer. Apple is using an app notarization feature to protect users from downloading malicious apps.

There’s now proof that quantum computing is superior to the classical variety

For the first time in computer science history, researchers have tangibly demonstrated how a quantum computer is better than a classical computer. A quantum computer was able to solve a math problem that a classical PC cannot.

In 2018, the rivalry between AMD and Intel has become more interesting than ever

When it comes to selecting a CPU for your PC, there's no shortage of chips for you to choose from. With Ryzen, Threadripper, and Core i9 CPUs though, the AMD vs. Intel argument is muddier than ever.

Will Apple introduce a new MacBook at its Oct. 30 event? Here's everything we know

Whether it's called the MacBook Air or just the MacBook, Apple is highly rumored to introduce a new, affordable laptop in 2018. We discuss reports about upgrading displays, processors, sign-in features, and more.
Product Review

Amid a new fleet of budget laptops, the ZenBook 13 sails where others sink

It’s never been truer that you don’t need to spend over a thousand bucks to buy a good laptop. The ZenBook 13 takes we’ve always loved about its predecessor and makes enough small refinements to keep it ahead of its competitors.

Gaming on a laptop has never been better. These are your best options

Gaming desktops are powerful, but they tie you down to your desk. For those of us who prefer a more mobile experience, here are the best gaming laptops on the market, ranging from budget machines to maxed-out, wallet-emptying PCs.

How does Samsung's new 2-in-1 stack up against the tried-and-true Surface Pro 6?

We're the stacking Surface Pro 6 and Galaxy Book 2 up against each other in this head-to-head. Both of these devices share a similar form factor and design, but be it LTE connectivity or difference in pricing, each offers up its own pros…