Gregory Perry completes full disclosure on OpenBSD compromise?

Leave a comment

Ok, so it’s kind of hyperbolic since OpenBSD itself is not compromised but what Perry is saying is that some of the encryption algorithms used by OpenBSD products, particularly for vpn, have been compromised for some time but the FBI let it slide so they could exploit it for surveillance. Previously strict export regulation crypto algos was quietly relaxed while RSA never bothered to renew their patent on the RSA crypto. Perry suggests that this is a loud “tell” indicating that vulnerabilities have been found so it’s being allowed to propagate in the wild until enough people use it and effective surveillance can be implemented.

If any of this conjecture is the case, then it could reasonably be said that the FBI intentionally – and very seriously – weakened the United States critical infrastructure and our military capabilities by advocating the use of a fundamentally weak encryption algorithm as a tradeoff between US National Security and their need to observe domestic communications in the United States. This of course has serious implications for any technology predicated upon the RSA encryption algorithm and its progeny, such as military grade GPS which uses RSA for weapons targeting, military smart card technology such as the Common Access Card, commercial smart card technologies used in RFID and contactless payment solutions, etc. Most of these standards are now literally set in stone insofar as embedded systems are concerned, and the vast majority of OpenBSD / OCF installations are embedded-based without an upgrade path due to the small footprint of OpenBSD and the BSD licensing scheme used by the OpenBSD project. Literally millions (and potentially hundreds of millions) of OpenBSD installations are out there in the embedded space such as routers, firewalls, VPN devices etc, and this goes without mentioning the many other operating systems that have incorporated the OpenBSD OCF and PF firewalling stack without any audit of the source code based on the security and reputation inherent to the OpenBSD Project.

I personally think Perry is being a bit sensational and doing a bit of drama in the security theater but those are still some serious allegations. Have to say, not really surprised. I do remember the days when it was edgy to tattoo a perl one-liner that did RSA encryption as it was still considered a munition at that time so if one left the country with said tattoo, one was technically an illegal arms dealer. Checking openbsd misc for any Theo ranting responses…

The original email thread that started this

Austin police need a priority check

1 Comment

The whole point of a police force is to protect and serve, especially those who are not able to do so themselves. Maintaining public order and such is kind of secondary in my opinion. I’m actually of the opinion that police are just there to gather evidence after a crime scene, but that’s not the point of this post.

Antonio Buehler, reputedly a West Point graduate and an Army Ranger veteran of both Iraq and Afghanistan, got roughed up by the Austin police department very early New Year’s Day while stopping to get gas on the way home as a designated driver for his friend and subsequently observing what appeared to be police brutality. He started recording video, I think. Someone across the street recorded video of Buehler himself getting the abusive treatment while he was trying to intervene against what he thought was rather excessive force against some young girl that was pulled over for DWI. I think the trigger was when APD pulled her passenger out who was just clicking away on her phone quietly inside the car.

So, the jury is still out, obviously, but given that Buehler is a noted local activist and Ron Paul supporter, I’m inclined to be biased towards his story. Besides, I’ve been on the receiving side of APD’s velvet glove so I can relate.

After some thought, it’s pretty clear to me that DWI stops are BIG BUSINESS in Austin and a lot of Real Crime ends up getting ignored so they can be thugs for the corrupt criminal justice system in the City of Austin and Travis County.

To put this into perspective, while Buehler and these girls were getting roughed up for being some kind of threat to society (?), a locally well-known and popular girl named Esme Barrera was murdered in her own home in a very nice neighborhood north of the University of Texas. The same night, 2 other females were assaulted in the same neighborhood and I think on the same block but fortunately managed to escape. The message I’m getting here is that if I want to go commit violent crimes, I should do them when APD is focused on zero-tolerance holiday weekends when they likely make millions in revenue for the prison/legal industrial complex.

What a shame. Even more disturbing is that I live less than a 1/4 mile from this area and until this happened, I always felt safe leaving the windows and doors open in my house and car. Now, on top of never going out again for a beer or 2 for fear of getting my blood drawn on the side of the road, I lock up everything. The anti-gun limousine liberal Obamanoids around here probably think I’m crazy for having guns, but I bet they are thinking twice now.

Update 01 Dec 2012 Bob Ransom is right on. LEOs just enforce laws. I add that laws are written by a crony cabal who seek to monetize every human action they can by making practically everything illegal. They are literally parasites on productive and creative members of society. If there were ever a justification for eugenics, it would be for the criminal class that this cabal is composed of.

Even Maddox points out how out of control these retards are.

And as for us: record cops. Record them all the time. Record them even if they’re not doing anything. Cops are cracking down on this and they’re trying to change the laws to make it illegal so they can’t be held accountable for breaking the law. They look up your plates every time they’re behind you at a stop, even if you haven’t done anything, just to check up on you. It’s time we started checking up on them.