[BlueOnyx:24869] Re: FreeBSD 13 and pfSense drama (Off-Topic)
Ken Hohhof
khohhof at kwom.com
Sun Mar 28 08:21:51 -05 2021
The lesson of the article seems not to be that the convicted felon wrote bad
code (although he did), but that open source code being safe because it is
reviewed by the community is a myth.
-----Original Message-----
From: Blueonyx <blueonyx-bounces at mail.blueonyx.it> On Behalf Of Michael
Stauber
Sent: Saturday, March 27, 2021 11:43 PM
To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
Subject: [BlueOnyx:24868] FreeBSD 13 and pfSense drama (Off-Topic)
Hi all,
This is not BlueOnyx related at all, but if you want a giggle at the expense
of others, say no more:
https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-a
nd-bad-code-freebsd-13s-close-call/
TL;DR: Netgate paid a convicted felon to port WireGuard into the FreeBSD
kernel to make it easier for them to use pfSense on FreeBSD for their stuff.
That guy eventually delivered and the code submission was merged into the
code tree for the upcoming release of FreeBSD 13.
Until the FreeBSD core maintainers found out what an unmitigated and
exploitable disaster that code was. "Bad" just doesn't cut it. It was a hell
of a lot worse.
So in a two week bender they rewrote it from scratch on their own. Which
gave Netgate the fits and put them into a rage-fit of accusations and easily
refutable denials. The reason for that unwise move was: They already had
merged the shitty pre-beta FreeBSD-code into pfSense 2.5.0 (released a month
before FreeBSD 13 was to come out) and FreeBSD's fixes now clearly showed
what an exploitable buggy mess pfSense 2.5.0 actually had become.
End result: FreeBSD and Netgate no longer seem to be "friends" and WireGuard
has been stripped from the upcoming FreeBSD 13 release entirely.
That went well. /facepalm
I actually liked pfSense a little. Now I'm wondering what other "surprises"
they have under the hood. :-/
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
More information about the Blueonyx
mailing list