Page 5 of 12 FirstFirst ... 34567 ... LastLast
Results 41 to 50 of 114

Thread: The FBI Paid OpenBSD Developers For Backdoors?

  1. #41
    Join Date
    Jun 2009
    Posts
    2,926

    Default

    Quote Originally Posted by deanjo View Post
    Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
    Really? Have you shown that closed source software is more secure / has zero backdoors?

    One backdoor which went unnoticed only shows that more eyes do not lead to perfect code without any backdoors. It doesn't show that open code has as many backdoors as closed code.

  2. #42
    Join Date
    May 2007
    Location
    Third Rock from the Sun
    Posts
    6,582

    Default

    Quote Originally Posted by pingufunkybeat View Post
    Really? Have you shown that closed source software is more secure / has zero backdoors?

    One backdoor which went unnoticed only shows that more eyes do not lead to perfect code without any backdoors. It doesn't show that open code has as many backdoors as closed code.
    Your missing the point. Far to many people have his illusion that opensource code because it is freely viewable means it is secure. What is really disturbing is that open has this backdoor and freebsd doesn't and a simple diff would have shown the code.

  3. #43
    Join Date
    Jun 2009
    Posts
    2,926

    Default

    Just for the record, nobody has even shown that there is a backdoor in the OpenBSD code today, even if there was one successfully planted 10 years ago.

  4. #44
    Join Date
    Dec 2008
    Posts
    22

    Default

    I wonder how much of this happens in closed-source development...

  5. #45
    Join Date
    Oct 2009
    Posts
    111

    Default

    Quote Originally Posted by deanjo View Post
    Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
    That is not a myth per se.
    Actually it is true.
    If more (knowledgeable) people look at your code it will turn out more secure, at least if not all of them have bad intentions.

    Now the only problem is to get more eyes.

  6. #46
    Join Date
    Oct 2009
    Posts
    845

    Default

    Quote Originally Posted by deanjo View Post
    Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
    Ahh so if something open source has been compromised then it somehow PROVES that it's not more secure than closed source? How
    did you reach that generalised conclusion (apart from either being stupid or just trolling) ?

    With open source you CAN audit, with closed source you CAN'T audit and thus you are totally at the mercy of your provider when it comes to security.

  7. #47
    Join Date
    Mar 2007
    Location
    DG, IL, USA
    Posts
    195

    Default

    Quote Originally Posted by yogi_berra View Post
    No, no, it's sex by surprise.
    Hmm they could also plant child porn on his comp using another persons backdoor code
    Those who would give up Essential Liberty to purchase a little Temporary Safety,deserve neither Liberty nor Safety.
    Ben Franklin 1755

  8. #48
    Join Date
    Apr 2008
    Location
    Saskatchewan, Canada
    Posts
    460

    Default

    Quote Originally Posted by deanjo View Post
    Well there goes another opensource myth. So much for "more eyes lead to more secure code" argument.
    The funny part is that no-one has actually demonstrated any proof of an actual back door. There's just an email saying 'someone paid someone to put a back door in the code', and suddenly everyone is running around shouting 'OH MY GOD! BSD SUCKS! OPEN SOURCE SUCKS!'

    And there's precisely zero actual evidence so far of an real, actual back door in the code.

    Wake me up when there's something more than a random email from a random person making random claims.

    OH MY GOD! I FORGOT! I worked on a contract for Microsoft a decade ago and somoene told me that their brother's aunt's first cousin's boyfriend was paid by Richard Nixon to put a backdoor in Windows!

    Would anyone take that at all seriously even though Microsoft source is closed and no-one outside the company can even check to see whether such a back door exists? Yet people are ranting about the horrible security of an operating system where anyone who cares can trivially check the real, actual source code.

  9. #49
    Join Date
    Dec 2008
    Location
    Australia
    Posts
    880

    Default

    One can only hope the following is true.

    "OpenBSD/FBI allegations denied by named participants"
    http://www.itworld.com/open-source/1...ed-participant

  10. #50
    Join Date
    Apr 2010
    Posts
    1,946

    Default

    Quote Originally Posted by BlackStar View Post
    The main issue is that the open-source model is based on trust (or the illusion of trust).
    Open-source is based on "public eyes" model.
    Closed source is based on trust(how that chip "secure" was called again?).
    Trust is a weakness.

    Still, the situation is not so bad as in Syndicate Wars...

    I guess *BSD has once more confirmed they are useless.

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •