[BlueOnyx:24873] Re: FreeBSD 13 and pfSense drama (Off-Topic)

Lewis Gardner lewisg at iglou.com
Sun Mar 28 22:45:08 -05 2021


I certainly wouldn't take that "lesson" from this tale of woe!

If the code WASN'T open then no one would be the wiser. In this case 
others were able to see the mess and fix it. A black eye for some is a 
chance for brilliance for others. Who do you trust now? I have always 
been impressed with FreeBSD.

I have no problems with felons that have paid their debt doing work. 
Some may be more honest now than those that have not been caught and 
convicted yet. Supervision is the key to success...


On 3/28/21 9:21 AM, Ken Hohhof wrote:
> The lesson of the article seems not to be that the convicted felon wrote bad
> code (although he did), but that open source code being safe because it is
> reviewed by the community is a myth.
> 
> 
> -----Original Message-----
> From: Blueonyx <blueonyx-bounces at mail.blueonyx.it> On Behalf Of Michael
> Stauber
> Sent: Saturday, March 27, 2021 11:43 PM
> To: BlueOnyx General Mailing List <blueonyx at mail.blueonyx.it>
> Subject: [BlueOnyx:24868] FreeBSD 13 and pfSense drama (Off-Topic)
> 
> Hi all,
> 
> This is not BlueOnyx related at all, but if you want a giggle at the expense
> of others, say no more:
> 
> https://arstechnica.com/gadgets/2021/03/buffer-overruns-license-violations-and-bad-code-freebsd-13s-close-call/
> 
> TL;DR: Netgate paid a convicted felon to port WireGuard into the FreeBSD
> kernel to make it easier for them to use pfSense on FreeBSD for their stuff.
> That guy eventually delivered and the code submission was merged into the
> code tree for the upcoming release of FreeBSD 13.
> 
> Until the FreeBSD core maintainers found out what an unmitigated and
> exploitable disaster that code was. "Bad" just doesn't cut it. It was a hell
> of a lot worse.
> 
> So in a two week bender they rewrote it from scratch on their own. Which
> gave Netgate the fits and put them into a rage-fit of accusations and easily
> refutable denials. The reason for that unwise move was: They already had
> merged the shitty pre-beta FreeBSD-code into pfSense 2.5.0 (released a month
> before FreeBSD 13 was to come out) and FreeBSD's fixes now clearly showed
> what an exploitable buggy mess pfSense 2.5.0 actually had become.
> 
> End result: FreeBSD and Netgate no longer seem to be "friends" and WireGuard
> has been stripped from the upcoming FreeBSD 13 release entirely.
> 
> That went well. /facepalm
> 
> I actually liked pfSense a little. Now I'm wondering what other "surprises"
> they have under the hood. :-/
> 
> --
> With best regards
> 
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
> 


