Aggrajag and Mortimer.CA, among others, wrote to inform us that Theo de Raadt has made public an email sent to him by Gregory Perry, who worked on the OpenBSD crypto framework a decade ago. The claim is that the FBI paid contractors to insert backdoors into OpenBSD’s IPSEC stack. Mr. Perry is coming forward now that his NDA with the FBI has expired. The code was originally added ten years ago, and over that time has changed quite a bit, “so it is unclear what the true impact of these allegations are” says Mr. de Raadt. He added: “Since we had the first IPSEC stack available for free, large parts of the code are now found in many other projects/products.” (Freeswan and Openswan are not based on this code.)
Read more of this story at Slashdot.