Since I posted this article the code review of IPSEC has finished and no backdoor was found so this either never happened or updates removed the backdoor. There is a minute chance that a really clever side channel vulnerability was introduced but in this case I find it highly unlikely something like that would have been missed by the openbsd community especially after such a claim.

As for the NDA, well I’m not so sure that back then introducing a backdoor would have broken any laws; however, one must remember that this is the FBI we are talking about. Even in the modern times when the whole wiretapping thing was deemed illegal, the government simply changed the laws to allow it and had it applied retroactively. I’m not saying that the FBI is above the law or anything of the sort, it’s just that I can understand that when an organization is tasked to do something questionable and then abide by an NDA, it would do so without questioning its legality and would certainly not try to go around it.