In message <[EMAIL PROTECTED]>, Terry Lambert writes: >Matthew Emmerton wrote: >> > There is a backdoor in all versions of FreeBSD that are not compiled >> > from source code within portmapper and telnetd. >> >> Hmm. Let's check out this logic. The binaries that ship on the FreeBSD >> distros are compiled from source. When I upgrade my system, I compile from >> source. And the backdoor only exists in binaries that are not compiled from >> source. So where do these binaries-with-no-source come from? Oh, I know! >> Carnivore detects FreeBSD ISO downloads, and tells the Magic Lantern >> software on my ISP's servers to change the binaries inside the ISO images >> that I FTP. Makes perfect sense! > >Bell Systems Technical Journal, July-August 1978, "On the Security >of UNIX.", D. M. Ritchie. > >They hacked the compiler to hack the passwd program when it was >being compiled, and also to hack the compiler to include hacks >to the compiler and the passwd program when the compiler itself >was being compiled.
Sigh. Wrong reference. That was from Brians ACM Turning award thankyou-presentation. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 [EMAIL PROTECTED] | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
