jm + openbsd   3

OpenSSL Valhalla Rampage
OpenBSD are going wild ripping out "arcane VMS hacks" in an attempt to render OpenSSL's source code comprehensible, and finding amazing horrors like this:

'Well, even if time() isn't random, your RSA private key is probably pretty random. Do not feed RSA private key information to the random subsystem as entropy. It might be fed to a pluggable random subsystem…. What were they thinking?!'
random  security  openssl  openbsd  coding  horror  rsa  private-keys  entropy 
april 2014 by jm
packetdrill - network stack testing tool
[Google's] packetdrill scripting tool enables quick, precise tests for entire TCP/UDP/IPv4/IPv6 network stacks, from the system call layer down to the NIC hardware. packetdrill currently works on Linux, FreeBSD, OpenBSD, and NetBSD. It can test network stack behavior over physical NICs on a LAN, or on a single machine using a tun virtual network device.
testing  networking  tun  google  linux  papers  tcp  ip  udp  freebsd  openbsd  netbsd 
july 2013 by jm
Backdoor Allegations regarding OpenBSD IPSEC
'It is alleged that some ex-developers (and the company<br />
they worked for) accepted US government money to put backdoors into [the OpenBSD] network stack, in particular the IPSEC stack. Around 2000-2001'
openbsd  wow  ipsec  backdoors  fbi  nsa  us-politics  open-source  networking  security  from delicious
december 2010 by jm

Copy this bookmark:



description:


tags: