OpenBSD's FBI file

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

OpenBSD's FBI file

Frank Beuth
https://www.muckrock.com/foi/united-states-of-america-10/foia-fbi-openbsd-70084/

Earlier this year I FOIAed the FBI for details on allegations of backdoor installed in the IPSEC stack in 2010, originally discussed by OpenBSD devs (https://marc.info/?l=openbsd-tech&m=129236621626462 …) Today, I got an interesting but unexpected responsive record: https://www.muckrock.com/foi/united-states-of-america-10/foia-fbi-openbsd-70084/ … #FOIAfriday

The record I was provided by the FBI was created Sept. 2002, and details a separate investigation into an operation tiled 'OPERATION 0DAY COMPUTER INTRUSIONS': https://cdn.muckrock.com/foia_files/2019/07/19/Ecd74aeb090e009e1ede26e1a0fe860c184bb6797_Q52218_R348013_D2256726.pdf …

To my knowledge there are no other public agency records available regarding this.

There are a lot of redactions here, but it looks like the focus here might have been an exploit that lead also to the following OpenSSH vuln: https://web.archive.org/web/20080622172542/www.iss.net/threats/advise123.html …

"OpenBSD was compromised through the internet host http://cvs.openbsd.org  or http://ftp.openbsd.org ,.. [REDACTED] claimed on IRC channel [REDACTED] which he connects to from internet hosts in Australia, to have committed the hack."

https://twitter.com/RooneyMcNibNug/status/1152329067707928583

Reply | Threaded
Open this post in threaded view
|

Re: OpenBSD's FBI file

Theo de Raadt-2
> There are a lot of redactions here, but it looks like the focus here
> might have been an exploit that lead also to the following OpenSSH
> vuln:
> https://web.archive.org/web/20080622172542/www.iss.net/threats/advise123.html

That is a ridiculous claim.  It is unrelated.

I believe the record is related to a different event which occurred.  It
connects a few dots but water under the bridge.