Domain: openbgpd.org
Stories and comments across the archive that link to openbgpd.org.
Comments · 8
-
OpenBSD
It is never a happy occasion to realize that a not-for-profit group, no matter how destitute or successful, is undeserving of charitable donations. And just last week I had such an unhappy realization. I wanted to donate a sizable sum of money to the OpenBSD Foundation for development of the OpeBSD operating system and other related projects.
My uncle, an old Unix graybeard from the Seventies, devoted his retirement and considerable savings to teaching inner-city youth about computers and programming. He recently passed away and left instructions in his will that I donate money, in the amount of US $100,000, to the most meritorious Free, Unix-like operating system as according to my own research into the matter.
I immediately looked at OpenBSD and began to review its technical merits, of which there are many. Despite lacking serious symmetric multi-processing support and drivers for recent graphics hardware, OpenBSD security and code-auditing are second to none. One only has to take a look at the bevy of routers that ship with OpenBSD to know how many people successfully depend on it everyday.
The OpenBSD Foundation is also behind several software packages widely adopted in other operating systems, such as OpenBGPD, OpenCVS, OpenNTPD, and OpenSSH. OpenSSH, for instance, is what allows clueless Mac users to remotely log into their systems safely, blissfully unaware of hackers.
After looking at the technical merits of OpenBSD and related projects, I owed it to the memory of my uncle to check out the history of the people behind it all. But that's when I ran into some interesting decisions regarding OpenBSD advocacy and funding made my OpenBSD's lead developer, Theo de Raadt.
In 2003, Mr. de Raadt trash-talked the United States military and its various aid projects for the Iraqi people. But at the time, OpenBSD was receiving a multi-million dollar grant from the United States Department of Defense. After the interview was published the DOD cancelled funding, which left several OpenBSD projects in limbo for quite some time thereafter.
This is just one of the more public instances of Mr. de Raadt sharing unpopular personal opinions while acting as OpenBSD's public advocate and costing the project considerable time and money. And, unfortunately, there are others.
Another time, Mr. de Raadt visited his native South Africa to receive a donation from a wealthy politician but unexpectedly refused it at the podium, instead making a speech in which he equated the use of non-Free graphics drivers with Apartheid. Mr. de Raadt left without the check but later claimed to have won an important moral victory.
Mr. de Raadt himself is at the root of the problem, but here I can't really separate the man from the project; Theo de Raadt is OpenBSD. So donating toward OpenBSD's goals means handing over money to this crackpot activist, if he would even accept it. That's too bad because OpenBSD would be further ahead without these sorts of megalomaniacal antics.
Digging even further back in time, it's clear that this pattern of behavior is nothing new. Theo de Raadt was one of the incipient developers of NetBSD, but harass[ed] and abuse[d] both users and developers of NetBSD. His colleagues subsequently locked him out of the project, de Raadt forked OpenBSD, and the rest is history.
After reviewing these facts, it is clear that I will fail to honor my uncle's memory and all of the hard work he did in life by donating to OpenBSD. If I wanted to dishonor him, maybe. And I find it highly likely that Theo de Raadt
-
Re:OpenCVS?
Just read up a little bit about OpenBSD, and you'll notice they are not afraid of complexity. Examples that come to mind are pf, OpenBGPD, W^X, etc.
Besides, choosing a stable and secure algorithm is not a bad idea. See this post for a valid example.
Finally, I can't help but notice that Subversion is available as an OpenBSD package, so quit your yakking already.
Sheesh, anti-OpenBSD trolls these days. -
Re:Sorry, wrong answer
why should you pay OpenBSD for the CDs when you download everything you need in, I don't know, say 10-15 minutes
The cd pack includes a bunch of stickers. :) Plus, the CDs that you buy are bootable on a few platforms, making installation even more of a breeze. Also, if you don't want to order discs - after you find out that OpenBSD is so very excellent, you can pick up a swanky shirt or just donate some cash to keep the project alive and coding. That way, you get more releases in the future and more great software like OpenSSH, OpenBGPD, CARP, pf, and pretty soon, OpenCVS. -
Re:But will it...
-
How about giving it to these guys....They write some pretty decent software: OpenBSD, OpenSSH, OpenBGPD, OpenNTPD, OpenCVS. And they need your hardware as well: "AMD64 and i386 hardware, especially with multiple processors"
If I were you then I would contact Theo to see how you can get the box to a developer. By the way, no matter who you end up donating it to, it's an awesome gesture on your part. Good on ya.
-
routing securityWhat's really sad is how many admins don't change the IOS "enable" level account from its default of "cisco". If we cared about the security of large IP networks, we would really be working on and using openbgpd anyways.
-
No mention of OpenBGPD?
A couple of OSS projects have tried and essentially failed to be stable BGP4 daemons before, but OpenBGPD from the OpenBSD team looks like it's set to succeed where others failed. I understand the FreeBSD team is already including it with their OS and there's supposedly porting work being done to other OSs.
Given the track record of the other OSS routing projects, I would think administrators would be dubious by now, but with OpenBSD's solid track record OpenBGPD should be a safe choice.
-
OpenBSD projects
the openbsd team has branched off quite a few projects where they saw the security and/or license was insufficient and needed to be redone.
OpenSSH, who's box doesn't have this?
OpenNTPD, a network time protocol daemon and server, recently released.
OpenBGPD, the border gateway protocol daemon.
They were pioneers in the use of stack protection software on the i386 platform (kernel and compiler), as well as privilage seperated daemons (it's in your sshd now), and randomized library linking locations.
(i think i'm missing a few, anyone care to fill them in?)
they have implemented (a far better implementation over the old one that they didn't write) their i.p. filter, PF (which has now made it into netbsd, freebsd, and hopefully linux soon enough). this includes INSANE amounts of configurability options, with integrated routing and traffic shaping.
many people grumble about how the project is run and its priorities. but we all benefit from their efforts. i think i'm going to buy a cd even though i am not an openbsd user. these sales help keep these projects going.