On Oct 9, 2013, at 9:06 PM, Michael Schuh <[email protected]> wrote:
> ridiculous Head, meet sand. Then again, consider the country of origin. They have a history of not recognizing naked tyranny and evil until it's far too late. They will be in good company with all the apologists for the current American surveillance state. > > vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv > From: Thinker Rix <[email protected] > > > User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; > rv:17.0) Gecko/20130801 Thunderbird/17.0.8 > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > > = = = http://michael-schuh.net/ = = = > Projektmanagement - IT-Consulting - Professional Services IT > Rev. Michael Schuh > Ordained Dudeist Priest > Postfach 10 21 52 > 66021 Saarbrücken > phone: 0681/8319664 > @: m i c h a e l . s c h u h @ g m a i l . c o m > > = = = Ust-ID: DE251072318 = = = > > > 2013/10/10 Chris Buechler <[email protected]> > On Wed, Oct 9, 2013 at 9:20 AM, Thinker Rix <[email protected]> wrote: > > Dear pfsense-team, > > > > today I posted the following on your blog at http://blog.pfsense.org/?p=712 > > > > > > ################################################ > > > > “Worried User Says: Your comment is awaiting moderation. > > > > October 9th, 2013 at 7:55 am > > > > Hi guys, > > > > I want to ask if you have been approached by any US government officials, > > such as NSA, FBI, etc. and been asked/ forced to include any backdoors, > > spyware, loggers, etc. into pfsense and if you did so. > > > > Thank you > > > > Worried User” > > > > ################################################ > > > > > > Some minutes later I could see that my entry was not released to the public > > - but deleted by the moderator, without any further comment. > > > > Not true, the comment was moderator approved. The only reason we have > moderation at all is because spam significantly outnumbers legit > comments and we don't want any spam on any of our sites, there isn't > some vast conspiracy going on. > > No, we have not been approached by anyone to backdoor or otherwise > compromise security of the project, at any point during our 9 year > history. > > I have indeed met with the NSA in person related to the product of one > of our rebrand customers a couple years back, one of their groups was > interested in evaluating the product. It survived their security > analysis quite well (at least from what they declassified and > released), and better than most things that come into their lab from > what I understand. At no point did any discussion happen related to > back doors or other means of compromising security for them. I wasn't > under NDA nor do I have a security clearance. > > It is effectively a moot question to ask, given if we were, there's no > way we could disclose that. Evidence suggests a number of huge tech > companies have complied. There hasn't been any evidence to date that > any open source projects were approached. A number of widely-respected > security people have come out and said that open source solutions are > better in the aftermath of the recent revelations. One example: > "My guess is that most encryption products from large US companies > have NSA-friendly back doors, and many foreign ones probably do as > well. It's prudent to assume that foreign products also have > foreign-installed backdoors. Closed-source software is easier for the > NSA to backdoor than open-source software." -Bruce Schneier > https://www.schneier.com/blog/archives/2013/09/how_to_remain_s.html > > On crypto-related components, we rely on what's in stock FreeBSD. > There are no indications it has been weakened or compromised. > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
