Domain: openbsd.org
Stories and comments across the archive that link to openbsd.org.
Comments · 2,959
-
Re:Windows design flaws
`` I've never had any trouble with the MSDN documentation. Linux man pages don't generally specify API at all - they specify configuration file formats and potential arguments. Perhaps that's because Linux doesn't really have "an API", it instead has a number of different APIs (GTK+/Qt, ALSA/OSS, V4L, GStreamer, X, SDL, CUPS, etc.). Manpages can't really be compared with MSDN - you have to compare the individual API guides. When you do that, you'll see that frequently they are out-of-date or simply plain wrong (as is the case with much of the GTK+ documentation). ''
I'm not aware of how MSDN works, as I didn't use Windows for years. But all I can say is that the API *is* described in the manpages under Unix, and Linux specifically.
Just check out this page: it's the man page of the select function in the BSD API.
But when you don't have a manpage for a given function, or if you think the manpage is outdated, as you have the full source code of what you want to use you can run Doxygen on the library, and then use its output. And if there are no javadoc-like comments in the source, hey, you can always use that source, Luke!
And don't tell me if you use the boost C++ library under Windows, you'll have an MSDN page describing the API, it sounds to me quite improbable... You'll need the boost.org to get the documentation, and, how surprising, they even offer manpages. -
Re:Nor is there a "safe" OS....
Sorry people, Linux is not "safe."
Depends on which Linux you're talking about. Maybe if you were talking about a Linux that is geared towards military use, and that underwent formal methods of software verification (which is a standard practice in that industry), you wouldn't say that. Or, to keep it at a more prosaic level, if only Linux hackers looked thoroughly at their source code and adopted counter-measures to buffer overflows, maybe you would have a reasonably safe OS at your home.
However, at the current state of: 1) hacker sloppiness (99% couldn't give a shit about proving an algorithm correct - let alone construct software with formal specification and verification); 2) languages used (C/C++ used everywhere is a disease we must cure ourselves of) - we're all in trouble.
And what fucks the software industry is this attitude that there's nothing you can do about it. Or, as is the philosophy in the Linux Kernel community: ship fast, fix later, because "there are many eyes looking at the source code and somebody will fix it." Bullshit. May 2005 - Linux already has 9 kernel exploits from this year.
-
Re:Nor is there a "safe" OS....
OpenBSD's pretty safe, as well as usable despite conventional wisdom to the contrary---I'm running it as a desktop right now with very few problems.
-
Re:Need more software and support
there's not even a good IPv6 firewall up and running
Ahem.
-
Re:Open HARDWARE movement
-
Open Source Mobile Platform
As I recall, OpenBSD 3.7 now supports the Zaurus. You can run X on it.
OpenBSD may not be your cup of tea, but if there is a port, it means they did it without signing any NDAs (they don't ever sign them). So the information required to do the port is freely available, implying that you'll probably also have good Linux support.
I've noticed that a lot of mobile hardware sellers will sell you a Linux SDK, but they charge a disgusting amount of money ($900 or so).
But if you go with the Zaurus (commodity HW), you've got all your free tools (well supported too). I wouldn't even think of using Windows anything for any hobbyist stuff -- it costs money, and you strengthen MS's position without getting paid for it. -
Re: That's it
I simply told you which one I like better and why (i.e. what you asked for). I didn't tell you what are the differences between them, so your deduction is wrong.
In fact, the main differences are technical, in their very goals: while FreeBSD focuses mainly on features and i386 performance, OpenBSD focuses mainly on code correctness and security.
>Do these two share between each other?
Sure they do - and massively.
For example, one little jewel that came from OpenBSD to the other *BSDs is pf (packet filter), that has an excellent reputation for its being very clean and easy to use.
>Is there a common BSD kernel or anything like that?
No.
The *BSDs are developed like OSes, not "distros". So, while they massively share code, they maintain their own kernels.
To better understand the differences, it helps to notice that OpenBSD was born as a NetBSD fork, 8 years ago - and even today, it shares more code with NetBSD than with FreeBSD.
But to understand even better, well.. FreeBSD and OpenBSD are renowned for their excellent documentation, that is well worth having a look at.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.html
http://openbsd.org/faq/index.html
--
Requiem for the FUD -
Re:There is less reason to review OpenBSD.
Oh yeah, because the switch to ELF wasn't big, nor was the switch from GCC 2 to 3..
Come on, OBSD is a great OS, but this is the wrong point to argue. Upgrading RedHat is far simpler than upgrading OBSD. With RH, you just stick the CD in and choose upgrade. Away you go. The changes that were made were for the better, and is one of the reasons Linux is a more progressive operating system that continues to break new ground all the time.
Instructions for upgrading OpenBSD are . Now please tell me which is more administration work. -
Re:I expected more, but of course...
A lot of the information on the wireless work can be found in the Changelog. Basically, they got a lot of work done and are continuing to work on 802.11g chips and HostAP protocols for many wireless devices.
Also, as noted in a previous story, the Sharp Zaurus port allows you to (with a CF ethernet adapter) set up a handheld, on-the-go wireless AP.
A much better source of information can be found at this ONLamp Interview With OpenBSD Developers -
Re:DDOS at 70Kb.second...
I would agree with abuse, I just think that the term ddos is used more for the cases of overwhelming traffic from thousands or tens of thousands or more different hosts. Since TOR has at most several hundred egress points, it seems that if the attacks are coming from thousands of IP addresses that there must be some non-tor attacks going on - or are they using their own separate TOR network?
BTW, not sure if the firewall you are using can do this, but pf for OpenBSD can do SYN proxying and has per IP TCP connection and connection rate limits - so you can limit the total number of simultaneous TCP connections from one IP and auto-blacklist an IP for exceeding X number of connection attempts per Y timeframe.
Cool netstat graphs, what are you using to create those?
I count only 225 TOR egress points right now, maybe you could compare these to your list of attackers (I spot checked some from your example and I don't see them on the list):
wget -q -O - 'http://serifos.eecs.harvard.edu:8000/cgi-bin/exit.pl?addr=1' | perl -ne 'if (/whois.pl\?q=(\d+\.\d+\.\d+\.\d+)/) { print $1."\n"}' -
Re:Free 802.11g drivers?
Until v1.21, it was compatible (and shouldn't be much more difficult now). See CVS log.
-
Upgrade Rants from undeadly
I understand your point!
I just spent almost 3 hours (I know there should be a better way to handle this, but hey I am human) to upgrade OpenBSD 3.7.
I do not have a CDROM on the laptop, so I did a remote installation.
I used the instructions from http://openbsd.org/faq/upgrade37.html
So I did a pkg_info > packages_installed, and then I removed all packages. Oh I forgot that I had installed the jdk-1.4. Oh well, I will recompile and download all the sources again from Sun.
Next, I installed the kernel and reboot as specified. So far so good.
After rebooting the machine, I had extracted all the files according to the instructions. Good but I had to go to the server because the PC card, which has my wireless card is not detected on my laptop. Well, there is no problem because I have done it in the past. Recompile a new kernel with the appropriate memory ranges for my laptop.
After installing the new kernel and rebooting, I am about to install the new packages, which I did manually since I could not find any instructions on how to do it automatically, which by the way I have 107 packages. Yes, I know there are a bunch considered dependencies.
After installing all packages, which is somewhat painful due to the manual and network bandwidth requirements, I reboot to check that everything starts fine. I know that I could start the processes manually, but I wanted to check if they started automatically.
Oops, there are some errors, openldap changes (attribute errors due to version changes from 2.1 to 2.2) and missing modules for apache.
The bottom line:
3 hours downtime for email, pf not working while I was recompiling because it did not start since it did not detect wi0 (+1 hour without a firewall). I have to troubleshoot multiple services as opposed to an incremental upgrade of the services, which is supposed to make sense (ala portupgrade?). I think there should be a better way to do upgrades on OpenBSD. I understand that CD sales are part of the revenues for the OpenBSD project, but that should not stop them from easing the upgrade process.
Well, I have to reinstall jdk-1.4 to make the services that run on Java available again. Thank god this is for home only! I may be fired if I did this at work ;) -
Err...
Despite this, two-thirds of all webservers run Linux.
No. Two-thirds of all publicly visible web servers found by netcraft run Apache, but this includes many other operating systems. -
Re:Personality Cults (Specifically, Theo De Ratt)
Contrary to what you protest, I think you are engaging in significant contortion to attempt to support your arguments.
I do not need to engage in any contortion and have not done so. I have already shown that I cut your sentence down to no less than the minimum to reply and that I could apply my response to your full sentence as it stands in the logic of English grammar. If you strongly disagree with this, as you seem to, using words like "significant contortion", please retort with substance.
OpenBSD provides a multitude of different security mechanisms (active) and efforts (passive). Some of these include many different memory protection mechanisms, some of which work transparently to the executable and some of which are merely gained through compiling with OpenBSD's modified gcc.
Personally, I am not impressed by the touting of privilege separation nor chroot jails, nor protected memory as these are not new ideas developed by the OpenBSD team. Privilege separation is not a new concept (though the common use of the phrase is more recent), it's simply good software design for applications handling sensitive data,
You are side stepping my point. I've been participating in on-line forums for 15 years. If you think you will get far with me, by avoiding answering my challenges through switching to different but related arguments, then think again.
Whether you are impressed with OpenBSD's more elaborate security mechanisms is not what is under question here. Nor is the point that OpenBSD may or may not have developed these ideas. What matters, is that there are many security components to OpenBSD which are far more effective and more useful than the contribution of OpenSSH and the default of most services being off.
You assert, "the security hype being primarily based on (a) the contribution of OpenSSH - which Theo said he didn't want to make for any OS other than OpenBSD! - and (b) simply having all the services turned off on a default installation". This is simply ludicrous. Let me pull this apart...
the security hype being primarily based on
The "security hype" pointed out at OpenBSD's security specific page, shows the sensible stance on defaults, to be down at bullet SIX. Some points before that include the more substantial security components which I also hold above your ridiculous opinion.
(a) the contribution of OpenSSH
The only mention of OpenSSH on that page is regarding vulnerabilities. I don't know anyone who uses OpenBSD primarily because they contribute OpenSSH.
- which Theo said he didn't want to make for any OS other than OpenBSD!
What does a claimed political intention of Theo, towards projects outside of OpenBSD, have to do with the strengths of OpenBSD's security? Who cares if this were true? OpenBSD security is the subject here.
- and (b) simply having all the services turned off on a default installation
This is such a small, yet fundamental feature. It's trivial to provide and comes down to mindset. This is not quality of code or ingenuity of mechanism. This is policy at a most basic level. I agree that this gets hyped about a lot, outside of the OpenBSD project, but usually along with the other more substantial security features. If someone holds this up within the top two reasons to use OpenBSD, then I don't want to hear any more of their bankrupt excuses for rationale.
In fact, the most "secure by default" hype I hear, is when trolls are speaking badly of OpenBSD. They sum OpenBSD security up with, "of course it's secure, everything is switched off". What they fail to understand, is that the "secure by default" is merely an indication of overall project mindset and this phrase embodies that. People who sum OpenBSD security up to mostly that, are either ignorant or have an agenda.
chroot jails date back to -
What are you talking about?
That has nothing at all to do with disklabel, does it? Disklabel is where you create partitions and set their mount points. Fdisk is where you create a slice for your partitions to live in (a DOS partition). Obviously cfdisk isn't going to be there, it's not Linux. And if you can't follow these simple directions: http://www.openbsd.org/faq/faq4.html#Disks then nobody is really going to care that you can't manage an install.
If people who have never used unix before can do it on their first try with no help just by reading the simple directions, then perhaps the simple directions are good enough. -
Re:Growl
Don't forget to check out the OpenBSD release songs (http://www.openbsd.org/lyrics.html)
(posting here so this'll actually get seen...) -
Disco Stu doesn't advertise
xbsd wrote:
Except that perhaps many of the largest users of an OS designed as "proactively secure" might maybe be paranoid enough about security not to announce their choice on a public web page? ...compare against the testimonies in the OpenBSD website. http://www.openbsd.org/users.html -
Re:Yes, you are a fanboy
This is not the same. Red Hat and Debian mostly pull from upstream sources which do not develop together. For most of OpenBSD userland, the upstream is the same as the package maintainer.
I think you need to learn a bit more about the way Red Hat or Debian are integrated and how much they influence and contribute to the "upstream sources". Alan Cox is one example, he's a key kernel developer and he serves Red Hat interests, just as many other Red Hat employees or Debian devs helping out Linus. The same applies to different projects.
By the way: for every Linux distro I've used, the default kernel always lacks something or doesn't work in some way, and I always end up building a custom one. With OpenBSD, the default kernel is much better than any default Linux kernel I've seen.
That's cool, but I hope you concede that your situation is not common. That the vast majority of Linux users do not need to recompile kernels and, as a matter of fact, kernel recompilation is way more common in BSDland, http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-custom-kernel.html
As for your last argument, about how many people use Linux: This proves nothing. I can just as easily say, "Look how many people use Microsoft Windows! Obviously, it must be better!"
You missed the point. I never said that Linux was better because more people use it, I said that experts and corporations that really need performance, security, and overall a well written OS choose Linux over OpenBSD and I gave you plenty of examples that you are free to compare against the testimonies in the OpenBSD website. http://www.openbsd.org/users.html -
At least the fish is open about it now
See? I told you. I told all of you. I told you FOUR YEARS AGO but nobody believed me.
Now take a look at the OpenBSD web page. Just try and tell me the fish didn't finally come out of the closet with this release. The raised eyebrow, the pouty lips, the rainbow background. I told you.
Sigh, I hate people. -
Yes, you are a fanboy
Linux is very ad-hoc. It just sort of "grew." It was developed in many places by many people, few of them working together with the big context of "the Linux system" in mind.
This is the typical response of a BSD fanboy when comparing his/her BSD with "Linux", not with a Linux distro. Let's do a real comparison. I'll use RedHat Linux and Debian in most examples.
OpenBSD is the opposite. People working on OpenBSD core packages have a specific kernel, userland, config script, etc., etc. in mind. There is a concept of "the OpenBSD system" and it is fairly consistent.
You can say EXACTLY THE SAME about the Linux distros I mentioned. Both RedHat and Debian have their own "generic kernels", core pkgs, etc.
The fact is, OpenBSD just does things the Right Way. People say OpenBSD's big strength is security, but that's slightly missing the point. OpenBSD's strength is correctness. From correctness yields stability, security, and all around ease of use.
Well, let's see where's the hype...
Google, one (if not the most) popular search engine on the planet depends on Linux. So does Amazon.com, Earth's largest library, and Merrill Lynch, one of the world's leaders in financial investments. In all cases, the stability and performance required are state of the art, and needless to say, these 3 institutions have more things to keep secure and more things to worry about than all institutions using OpenBSD combined. Just take a look at the testimonials in the OpenBSD website: http://www.openbsd.org/users.html
Now it's time to use the 2nd most popular argument of the fanboys: they use linux because of the hype.
Let's assume that three of the most powerful companies on the internet invest millions of dollars in a technology fad. Let's see what the experts are using:
The University of California, Berkeley, the alma mater of the BSDs does not use OpenBSD. Actually, they barely use FreeBSD because most computers use Debian Linux. So does the MIT, which uses mostly Red Hat Linux and Athena, its own distro. Same thing in Stanford and CMU.
NASA's Jet Propulsion Laboratory uses Linux to build better spacecraft and make accurate calculations, such as the on-board navigational computers of space probes and airborne Scanning Radar Altimeter to study hurricanes. http://www.linuxjournal.com/article/3936. They use it in the Institutional Navigation System Software (INSS) in all flight projects (Galileo, Cassini, Mars, DS1, Stardust, etc.) It contains 4.5 million lines of source code. Guess what? They use RedHat.
The U.S. Army manages personnel records for 1.2 million U.S. Army soldiers, and they access those records reliably and securely anytime, from any place via a Web interface. They use RedHat, not OpenBSD. http://www.redhat.com/solutions/info/casestudies/usarmy.html
I can go on and on forever, but this is useless. Most of the OpenBSD fans are amateurs reading crypto books, not security professionals. -
Re:How long is each release officially supported?
OpenBSD always supports the current release, and the previous one. This means it now supports versions 3.7 and 3.6
You should note however that the OpenBSD systems are very easily upgraded from the install media. Simply choose the upgrade option and then follow the simple instructions to make other changes.
Remember though that only sequential updates are supported. Example 3.6 -> 3.7, if you're upgrading from 3.5 you'd need to: 3.5 -> 3.6 -> 3.7
Hope that helps you,
Tim -
Re:OpenBSD for a linux user
DO NOT ROLL A CUSTOM KERNEL. The generic one supports virtually everything that has been tested properly.
There are some very relevant cases where a custom kernel is needed. For example: ccd and raidframe require one. Take a look at Section 5.7 of the FAQ - Building a Custom Kernel. It states that a reason to build a custom kernel is for raidframe support, which is too large to include in a stock kernel. The FAQ does say you probably don't need a custom kernel, so to agree with the parent post, don't compile a custom kernel on a production machine unless you need ccd, raidframe, or boca support (or if you're just nuts, which is fine too). Section 5 of the FAQ contains very useful information about building the kernel.
-
Re:I hope
The new song has been out for a while, you can get them all on the lyrics page.
If you like Pink Floyd you'll like this one! -
Re:Decent firefox port ?
-
Re:I hope
The song is already out... http://www.openbsd.org/lyrics.html
-
Re:How long is each release officially supported?
...knowing how long a release is supported is still important to me
Then why didn't you go to the website and read the FAQs? http://www.openbsd.org/faq/faq5.html#Flavors
The two newest releases are supported and a new "stable" version of the OpenBSD is released every 6 months. So, each release of OpenBSD is supported for one year.
-
T-Shirts? No thanks!
please support the project if you can by buying CDs and t-shirts,
...
I would love to, except Puffy the logo fish is horribly disfigured.
Linux shirts are out, too: Tux is overweight. No, I can't buy a FreeBSD T-shirt either: I live in Texas. -
Re:Try the Torrent!
Just to point out the not-obvious-unless-you-know-already situation regarding the official OpenBSD ISO images, it's not the same as it is for most freely available Linux distro ISOs. Theo reserves the copyright on the official ISO to provide a small revenue stream for the project. Anyone is free to FTP, CVS, or bittorrent the entire thing, but they ask you to pay a fee for the convenience of the official CD set.
For more info
http://www.openbsd.org/faq/faq3.html#ISO -
Re:Another song
It was already released.
DUH!
Link -
Re:SMP
OpenBSD has supported SMP since 3.6 (i386 and amd64 platforms.) Here's the page confirming this.
SMP in OpenBSD is slightly different to normal implementations for security reasons. Generally when one processor is in use, the other suspends itself to avoid race conditions. That way you get the full advantages of SMP, not wearing out a single CPU for instance, without the possibility of race conditions causing some kind of security hole.
-
Re:How's the install?
It's really not hard, especially after you read the excellent documentation.
The installer might not have shiny graphics, but it's actually extremely simple. It fits on a single floppy and can be used remotely. Same goes for upgrading.
-
Forget that!
Just download the new OpenBSD song. It's guaranteed to be 5 times more fun than the software!
-
Re:No discussion?
I don't follow it closely enough to know.
It shows. As does your arrogance. I've been using OpenBSD for 6 years and Linux for 8 years. I have been following OpenBSD very closely.
X? I don't think so. gcc? No.
Such strong statements for someone who does not follow it closely enough.
Xfree forked.
x11 - Houses OpenBSD's adaptation of the XFree86-3 software project. xf4 - Houses OpenBSD's adaptation of the XFree86-4 software project.
gcc is worked on within OpenBSD's source tree and part of their work enabled an mvme88k port.
A few choice quotes from here.
FB: Another license war has started and it seems worse than before. Does OpenBSD really want to fork XFree starting from the last 4.4.0-RC2?
ME: Yes.
And I'm one of the guys who works on gcc and binutils on a continuing basis.
Anil took it one step further and introduced an extension attribute to gcc: bounded, that can tie two function parameters, so that you can say, "Here is the buffer and the corresponding size, try to check that it fits."
With a few small changes to gcc, and with declaring that read is such a function, gcc is now able to detect erroneous code, such as:
ME: ProPolice is a gcc extension developed by Hiroaki Etoh, from IBM, based on older concepts such as StackGuard. ProPolice makes several advances compared to StackGuard:
Hiroaki is also an OpenBSD developer, by the way.
Integrating ProPolice in OpenBSD has been hard work. ProPolice has found tons of bugs in various programs that shipped with the system. It's also been the first real-scale test of ProPolice itself. With a lot of hard work from Hiroaki Etoh and Miod Vallat (and Peter Valchev and Christian Weisgerber...). ProPolice itself modifies gcc a wee little bit. But, like most programs of its size, gcc itself is buggy, partly due to its gigantic design that is not quite sane in places. In a typical release of gcc, you don't see the bugs, because the corresponding code paths are never taken. Add ProPolice, and suddenly you're sending gcc through some dark venues that have seen less attention, and all of a sudden you are fixing actual, genuine bugs in gcc.
No, it is not maintained, it is called packaged. That they might have a few patches of their own isn't at all unusual - even if they are leet security fixes.
They have made major changes to Apache and as evidenced here and here, they forked it and are taking care of their own branch. Much as they have done for years before the Apache license change. Bundling some software up into a package might be what some Linux distros do, but not OpenBSD with Apache.
"Bolt Apache on" isn't very descriptive. That could be applied to the OpenBSD process too.
There is no way it can be applied to OpenBSD. They have made major changes over the years to the Apache they provide.
Sorry, no. OpenBSD does not maintain X, they do not maintain Apache. That is insulting and slighting to the developers who do maintain those packages.
I was not saying OpenBSD developers maintain THE xfree and Apache code bases. It should have been obvious from my English that I was referring to the xfree and Apache which they release as part of their base OS. Their changes do make it back to parent projects though from time to time.
Linux distros -
Big development will be the adoption of PKGSRC
Again, the BIG development for OpenBSD 3.8 would be a rework of the ports/package system. It will include the pkgsrc to avoid downtime due to the following recommendations:
"Before upgrading, some users choose to remove all packages, and installing new versions after upgrade. If your platform is one of those that switched to gcc3 (macppc, i386), you SHOULD probably do this.
To quickly remove all packages from your system:
pkg_delete -q /var/db/pkg/*
After the upgrade, install the new versions of these applications."
Can you imagine doing this every time you upgrade to a new version? Do that on your desktop OS every 6 months and you will understand how painful this is.
References:
http://www.pkgsrc.org/
http://openbsd.org/faq/upgrade37.html -
Donations
If you like OpenBSD or OpenSSH, now might be a good time to donate a little bit to the project. Donations help pay for stuff like this hackathon. Consider buying a CD, t-shirt, or just giving some cash. This can be done at the orders page. They also accept hardware donations.
-
Re:IE7
Theo Raadt couldn't see it either, until Team Teso released an exploit for a remote root hole in OpenBSD caused by an untested single-line patch.
-
Re:OpenBSD is clear
1) Look at the security report from the OpenBSD folks at http://openbsd.org/errata31.html#sshd, the OpenBSD hole was indeed in OpenSSH.
2) Look at the openssh.org homepage. Notice the quote 'OpenSSH is primarily developed by the OpenBSD Project, and its first inclusion into an operating system was in OpenBSD 2.6.'
I'm siding with bluGill on this point, the AC is the dumbass on this thread.
-
Re:If you'll pardon my French
Java as a language is not so bad. However, its portability is a joke.
Java is available and stable on Linux i386, Windows, Solaris and Mac.
But what about all the other platforms. I run OpenBSD/amd64. No working JVM for any of the 17 other architectures.
I can use KOffice and Abiword just fine, but not OpenOffice 2.
-
In other news...
-
More Source Code stolen for Routers
In other news, the source code for a different router/firewall technology was posted on the net: http://www.openbsd.org/cgi-bin/cvsweb/
-
Anti spyware tool
-
Here's a tip.
Either run your mailserver on OpenBSD so you can use spamd right on the mailserver, or find an old Pentium lying around, install OpenBSD on that and stick it in front of your mail server.
OpenBSD's spamd tarpits blacklisted machines, which is nice and all. But the real benefit is its greylisting before anything even hits your MTA. All by itself, spamd almost eliminated all my spam and viruses, just because of greylisting, without adding any noticeable load to the server at all. Then clamav and whatever spam filter you like can deal with whatever actually gets to the MTA, which will cut the load down tremendously. -
Indeed...
I'm expected to do better than that with command line tools, and it's not that hard.
The error codes used might work in strerror(3), but it can't be that hard to add a similar function to handle Apple codes.