Re: Allegations regarding OpenBSD IPSEC

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Ted Unangst

Subject: Re: Allegations regarding OpenBSD IPSEC

Date: Wednesday, December 15, 2010 - 1:54 pm

On Wed, Dec 15, 2010 at 3:36 PM, Damien Miller <djm@mindrot.org> wrote:
quoted text> On Wed, 15 Dec 2010, patrick keshishian wrote:
>
>> It is easy to shoot one's mouth off like that about bounty offered,
>> given the ridiculously constrained "conditions" the bounty is offered
>> under. He might as well offered a million USD. No one will be able to
>> prove this under these restrictions.
>
> His conditions aren't "ridiculously constrained", they seem to be pretty
> much approproiate for the allegations.

The requirement that the bug still be exploitable in the current code
is a little much.  A hidden side channel might possibly be quite
fragile and easily disarmed by accident without fixing the underlying
flaw, but that wouldn't invalidate the allegation.  That part did read
a lot like hedging the bet.

An exploit like this that only worked pre-4.4 (to pick a random older
release for example) would still be very valuable.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Allegations regarding OpenBSD IPSEC, Theo de Raadt, (Tue Dec 14, 3:24 pm)

Re: Allegations regarding OpenBSD IPSEC, Bob Beck, (Tue Dec 14, 3:52 pm)

Re: Allegations regarding OpenBSD IPSEC, Damien Miller, (Tue Dec 14, 6:30 pm)

Re: Allegations regarding OpenBSD IPSEC, Brandon Mercer, (Tue Dec 14, 8:26 pm)

Re: Allegations regarding OpenBSD IPSEC, Otto Moerbeek, (Tue Dec 14, 11:48 pm)

Re: Allegations regarding OpenBSD IPSEC, Gregory Edigarov, (Wed Dec 15, 3:20 am)

Re: Allegations regarding OpenBSD IPSEC, Brandon Mercer, (Wed Dec 15, 3:40 am)

Re: Allegations regarding OpenBSD IPSEC, Stuart Henderson, (Wed Dec 15, 3:54 am)

Re: Allegations regarding OpenBSD IPSEC, Peter N. M. Hansteen, (Wed Dec 15, 12:33 pm)

Re: Allegations regarding OpenBSD IPSEC, patrick keshishian, (Wed Dec 15, 1:25 pm)

Re: Allegations regarding OpenBSD IPSEC, Peter N. M. Hansteen, (Wed Dec 15, 1:31 pm)

Re: Allegations regarding OpenBSD IPSEC, Damien Miller, (Wed Dec 15, 1:36 pm)

Re: Allegations regarding OpenBSD IPSEC, Ted Unangst, (Wed Dec 15, 1:54 pm)

Re: Allegations regarding OpenBSD IPSEC, patrick keshishian, (Wed Dec 15, 2:01 pm)

Re: Allegations regarding OpenBSD IPSEC, Marc Espie, (Thu Dec 16, 4:30 pm)

Re: Allegations regarding OpenBSD IPSEC, Brandon Mercer, (Thu Dec 16, 5:10 pm)

Re: Allegations regarding OpenBSD IPSEC, Carson Harding, (Thu Dec 16, 7:27 pm)

Re: Allegations regarding OpenBSD IPSEC, Pawel Veselov, (Fri Dec 17, 3:25 am)

Re: Allegations regarding OpenBSD IPSEC, Kevin Chadwick, (Fri Dec 17, 4:11 am)

Re: Allegations regarding OpenBSD IPSEC, Andres Perera, (Mon Jan 3, 1:03 pm)


linux-kernel:
Mel Gorman	Re: [PATCH 1/4] vmstat: remove zone->lock from walk_zones_in_node
Guenter Roeck	Re: [lm-sensors] Location for thermal drivers
David Woodhouse	Re: RFC: Moving firmware blobs out of the kernel.
Siddha, Suresh B	Re: [PATCH 2.6.21 review I] [11/25] x86: default to physical mode on hotplug CPU k...
Peter Zijlstra	Re: [patch 4/6] mm: merge populate and nopage into fault (fixes nonlinear)
git-commits-head:
Linux Kernel Mailing List	[MIPS] Fix potential latency problem due to non-atomic cpu_wait.
Linux Kernel Mailing List	USB: rename USB_SPEED_VARIABLE to USB_SPEED_WIRELESS
Linux Kernel Mailing List	lib/vsprintf.c: fix bug omitting minus sign of numbers (module_param)
Linux Kernel Mailing List	[Bluetooth] Initiate authentication during connection establishment
Linux Kernel Mailing List	[POWERPC] 4xx: Add ppc40x_defconfig
linux-netdev:
MERCEDES	Your mail id has won 950,000.00 in the MERCEDES Benz Online Promo.for claims send:
David Miller	Re: [PATCH] xen/netfront: do not mark packets of length < MSS as GSO
David Miller	Re: skb_segment() questions
Shan Wei	[RFC PATCH net-next 2/5]IPv6:netfilter: Send an ICMPv6 "Fragment Reassembly Timeou...
Stanislaw Gruszka	[PATCH 1/4] bnx2x: use smp_mb() to keep ordering of read write operations
git:
Nicolas Sebrecht	git-svn died of signal 11 (was "3 failures on test t9100 (svn)")
Junio C Hamano	Re: [PATCH 2/2] Add url.<base>.pushInsteadOf: URL rewriting for push only
Martin Langhoff	Re: [PATCH] GIT commit statistics.
Alexandre Julliard	[PATCH] gitweb: Put back shortlog instead of graphiclog in the project list.
Josh Triplett	[PATCH 2/2] Add url.<base>.pushInsteadOf: URL rewriting for push only
openbsd-misc:
Taisto Qvist XX	Re: AMD GEODE LX-800 just works with kernel from install42.iso and kernelpanics wi...
Nico Meijer	Re: gOS Develop Kit with VIA pc-1 Processor Platform VIA C7-D
Andreas Bihlmaier	Re: jetway board sensors (Fintek F71805F)
admin	Drive a 2009 car from R799p/m
Antti Harri	Re: how to create a sha256 hash