[nycbug-talk] Fwd: Allegations regarding OpenBSD IPSEC

George Rosamond george at ceetonetechnology.com
Tue Dec 14 23:11:41 EST 2010

<return to bottom/inline-posting here>

On 12/14/10 22:20, Mark Saad wrote:
> handkar<siraaj at khandkar.net>  wrote:
>> Anyone else noticed this? Any thoughts?
> http://cm.bell-labs.com/who/ken/trust.html

cool.  More below.

>> Begin forwarded message:
>>> From: Theo de Raadt<deraadt at cvs.openbsd.org>
>>> Date: 14 December 2010 16:18:27 EST
>>> To: security-announce at openbsd.org
>>> Subject: Allegations regarding OpenBSD IPSEC
>>> I have received a mail regarding the early development of the OpenBSD
>>> IPSEC stack.  It is alleged that some ex-developers (and the company
>>> they worked for) accepted US government money to put backdoors into
>>> our network stack, in particular the IPSEC stack.  Around 2000-2001.
>>> Since we had the first IPSEC stack available for free, large parts of
>>> the code are now found in many other projects/products.  Over 10
>>> years, the IPSEC code has gone through many changes and fixes, so it
>>> is unclear what the true impact of these allegations are.
>>> The mail came in privately from a person I have not talked to for
>>> nearly 10 years.  I refuse to become part of such a conspiracy, and
>>> will not be talking to Gregory Perry about this.  Therefore I am
>>> making it public so that
>>>     (a) those who use the code can audit it for these problems,
>>>     (b) those that are angry at the story can take other actions,
>>>     (c) if it is not true, those who are being accused can defend themselves.
>>> Of course I don't like it when my private mail is forwarded.  However
>>> the "little ethic" of a private mail being forwarded is much smaller
>>> than the "big ethic" of government paying companies to pay open source
>>> developers (a member of a community-of-friends) to insert
>>> privacy-invading holes in software.
>>> ----
>>> From: Gregory Perry<Gregory.Perry at GoVirtual.tv>
>>> To: "deraadt at openbsd.org"<deraadt at openbsd.org>
>>> Subject: OpenBSD Crypto Framework
>>> Thread-Topic: OpenBSD Crypto Framework
>>> Thread-Index: AcuZjuF6cT4gcSmqQv+Fo3/+2m80eg==
>>> Date: Sat, 11 Dec 2010 23:55:25 +0000
>>> Message-ID:<8D3222F9EB68474DA381831A120B1023019AC034 at mbx021-e2-nj-5.exch021.domain.local>
>>> Accept-Language: en-US
>>> Content-Language: en-US
>>> X-MS-Has-Attach:
>>> X-MS-TNEF-Correlator:
>>> Content-Type: text/plain; charset="iso-8859-1"
>>> Content-Transfer-Encoding: quoted-printable
>>> MIME-Version: 1.0
>>> Status: RO
>>> Hello Theo,
>>> Long time no talk.  If you will recall, a while back I was the CTO at
>>> NETSEC and arranged funding and donations for the OpenBSD Crypto
>>> Framework.  At that same time I also did some consulting for the FBI,
>>> for their GSA Technical Support Center, which was a cryptologic
>>> reverse engineering project aimed at backdooring and implementing key
>>> escrow mechanisms for smart card and other hardware-based computing
>>> technologies.
>>> My NDA with the FBI has recently expired, and I wanted to make you
>>> aware of the fact that the FBI implemented a number of backdoors and
>>> side channel key leaking mechanisms into the OCF, for the express
>>> purpose of monitoring the site to site VPN encryption system
>>> implemented by EOUSA, the parent organization to the FBI.  Jason
>>> Wright and several other developers were responsible for those
>>> backdoors, and you would be well advised to review any and all code
>>> commits by Wright as well as the other developers he worked with
>>> originating from NETSEC.
>>> This is also probably the reason why you lost your DARPA funding, they
>>> more than likely caught wind of the fact that those backdoors were
>>> present and didn't want to create any derivative products based upon
>>> the same.
>>> This is also why several inside FBI folks have been recently
>>> advocating the use of OpenBSD for VPN and firewalling implementations
>>> in virtualized environments, for example Scott Lowe is a well
>>> respected author in virtualization circles who also happens top be on
>>> the FBI payroll, and who has also recently published several tutorials
>>> for the use of OpenBSD VMs in enterprise VMware vSphere deployments.
>>> Merry Christmas...
>>> Gregory Perry
>>> Chief Executive Officer
>>> GoVirtual Education
>>> "VMware Training Products&  Services"
> Why are his phone numbers in here?

maybe since it *was* a private email?  I'm more curious about the Facebook.

>>> 540-645-6955 x111 (local)
>>> 866-354-7369 x111 (toll free)
>>> 540-931-9099 (mobile)
>>> 877-648-0555 (fax)
>>> http://www.facebook.com/GregoryVPerry
> Also a fun read as it has his personal
> phooooooooooooooooooooooooooooooooooooooooooooooooooooooo
>>> http://www.facebook.com/GoVirtual

Something really stinks about this whole thing.

Does anyone remember the last time a law enforcement agency had someone 
sign a 10 year NDA on a backdoor?

"Oh, times up, I can post it on Facebook now.  Cool."

Maybe he was being "outed" on Wikileaks.  Yet another connection. </grin>

As mentioned by Beck, the binary driver issue certainly seems like a 
very relevant follow-up.


More information about the talk mailing list