[Owasp-Malaysia] The Curious Case of FOSS paid developer

najmi.zabidi at gmail.com najmi.zabidi at gmail.com
Thu Dec 16 02:45:04 EST 2010


On Wed, Dec 15, 2010 at 7:41 PM, Ang Chin Han <ang.chin.han at gmail.com> wrote:
> On Wed, Dec 15, 2010 at 6:34 PM, najmi.zabidi at gmail.com
> <najmi.zabidi at gmail.com> wrote:
>> According to this;
>>
>> http://marc.info/?l=openbsd-tech&m=129237675106730&w=2
>>
>> "We have never allowed US citizens or foreign citizens working in the US
>> to hack on crypto code (Niels Provos used to make trips to Canada to
>> develop OpenSSH for this reason), so direct interference in the crypto
>> code is unlikely"
>>
>> Luckily Canada is just nearby north America, and I don't have to eat
>> carrots and see my dentist in the other day.
>>
>> So much for a free country and "land of the brave". Better come here
>> to Malaysia and have fun with us downloading movies.
>
> ?
>
> Strong crypto (at that time) export was classifiable as weaponsin the
> US. You really don't want your coders to get in trouble. Besides, that
> policy is similar to not letting an Open Source project's code get
> tainted by contributions from people who may inevitably contribute
> tainted closed code.
>
> Besides, "we never allowed" == "openbsd never allowed", not "X country
> never allowed"

That's the safe way to avoid OpenBSD cryptocode come into dispute
later on for export restrictions. I believe so.


>
> /me remembers tuning down the rsa key length just to be able to let
> crypto-export restricted browsers to be able to connect to it.
> _______________________________________________



More to come:

http://blogs.csoonline.com/1296/an_fbi_backdoor_in_openbsd

Denial from one of the accused:
http://blog.scottlowe.org/2010/12/14/allegations-regarding-fbi-involvement-with-openbsd/


More information about the Owasp-Malaysia mailing list