科技回声

I'm where he is. Interesting discussion, though -- and it really highlights the limits of "with many eyes all bugs are shallow".

he didn't add anything new to the discussion but his opinion. Crypto scholars are excellent at cryptography and security theory, but when it comes to actually implementing secure systems (exception being crypto algorithms), and securing systems, Crypto scholars are horrible. For example he mentions that it would be better to just find an existing vulnerability instead of planting an FBI backdoor in the OpenBSD code: good luck Schneier, obviously you don't know that much about OpenBSD security culture and history. Plus the NSA has a history of putting backdoors into solutions. This is just my opinion from experience.

Given the past feats from Theo de Raadt, my guess is on a nice stunt to get a free thorough code check :)

Easy way to prove it isn't true:<p>Has there ever been a criminal case prosecuted in the USA where the FBI entered or revealed intercepted VPN data as evidence?

I'm where he is. Interesting discussion, though -- and it really highlights the limits of "with many eyes all bugs are shallow".

Given the past feats from Theo de Raadt, my guess is on a nice stunt to get a free thorough code check :)

Easy way to prove it isn't true:<p>Has there ever been a criminal case prosecuted in the USA where the FBI entered or revealed intercepted VPN data as evidence?

Schneier's take on the alleged backdoor in OpenBSD

4 条评论

Schneier's take on the alleged backdoor in OpenBSD

4 条评论