Well, I have been, as I said, pursuing an issue for a long time now — much longer

than you’ve been hearing about this in the news — with some compromising of my

computer systems in my house — my personal computer systems as well as my

work computer systems. I thought they were immune to being compromised —

because they all ran OpenBSD — but I guess I was wrong. So, we’re digging into

that and just not ready to say much more right now, but I am concerned.



Dear OpenBSD developers and users:Regretfully, I have decided to abandon OpenBSD and thought I wouldshare my reasoning with this list. I thought the 4th of July was agood date to do so since my reasons address national securityimplications. As a group of people who take development, security, andprivacy seriously, I know you will want to know why I made the drasticdecision to abandon OpenBSD and never look back.I'm sure we've all heard of PRISM by now, the user-friendly name ofthe United States Federal Government's massive civilian and residentspying program otherwise known as US-984XN. PRISM is certainly badenough of its own accord, but it's how PRISM works, and the pattern ofbehavior found in OpenBSD development, that was the tipping point formy use of OpenBSD.And we all know Theo de Raadt, OpenBSD generalissimo of much infamy.After being fired from the NetBSD team, Theo forked the code andstarted OpenBSD. He's been pretty much solely responsible fordevelopment of OpenBSD over the years, taking volunteer code as hesees fit. He also has final say over security audits in the operatingsystem, something that turns out to be very important.I was prepping to migrate the whole of our shop, a regional ISP in theUnited States of America, to OpenBSD 5.3 when the news broke: CBS Newsreporter Sharyl Attkisson claimed, during a live radio interview, thatshe had been dealing with suspicious computer and phone issues. Checkout this snippet from the full transcript of the interview. One lineSince that interview in May, I've watched story after story of directserver access, PRISM, and NSA spying and connected some dots. Forexample, consider the accusations that the FBI had been accused ofplanting backdoors in OpenBSD's IPSEC in December of 2012, and thatthe accusations later proved true. The two scandals broke 18 onlymonths apart.Consider that PRISM allows the United States Federal Government todirectly access the servers of virtually any company doing onlinebusiness, including tech giants like Apple, Facebook, Google, andMicrosoft. But those same tech giants deny complicity. I'm sure we allagree that personal privacy is beyond the scope of private enterprise,but let's assume their denials are true. Then connect more dots:OpenBSD has shipped on over half of all network devices, includingthings like routers, switches, gateways, and servers, for the last sixyears. The current estimated number of OpenBSD installations sits atover 350 million devices, comprising an almost ubiquitous presence ofOpenBSD in networks worldwide.EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENTDIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAMEACCESS THROUGH THE PRESENCE OF ITS BACKDOORS.There it is. Let it sink in. Words like Gestapo and Stasi and KGB cometo mind. OpenBSD is part and parcel to the United States FederalGovernment's program to spy on its own citizens through bodies likethe NSA and FBI and has been since the FBI paid for backdoors in IPSECabout a dozen years ago.Yesterday, I told the company that we must migrate all our servicesfrom OpenBSD to something else because the risk to our customers'privacy and security is simply unacceptable. Theo de Raadt may seemlike some kind of guard dog of security, but he's really just a littlebitch bought and sold by the United State Federal Government.The kicker is that Theo denies anything suggesting that OpenBSD isless than perfect at security, as if he's personally offended by themere suggestion. He routinely attacks developers and enthusiasts forsimply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSEYOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THEHISTORY OF THE WORLD?!Today, be a true patriot to the ideals of personal privacy and publicliberty: prevent and reject any and all use of OpenBSD.Happy 4th of July.