Slashdot Mirror

I nominate FreeBSD and OpenBSD.

How can people say BSD is dying when it has a mascot like this?! Linux needs to get its act together if it's going to compete with the kind of hot chicks and gorgeous babes that BSD has to offer!

You just can't take Linux seriously when its fronted by losers like these. Would you buy software from them? I don't think so! You Linux groupies need to find some sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?!

With sexy chicks like the lovely Ceren you could have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Come on, you must admit she is better than an overweight penguin or a gay looking goat! Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Join the campaign for more cute open source babes today!

Maybe he was referring to this.

How can people say BSD is dying when it has a mascot like this?! Linux needs to get its act together if it's going to compete with the kind of hot chicks and gorgeous babes that BSD has to offer!

You just can't take Linux seriously when its fronted by losers like these. Would you buy software from them? I don't think so!You Linux groupies need to find some sexy girls like her! I mean just look at this girl! Doesn't she excite you? I know this little hottie puts me in need of a cold shower! This guy looks like he is about to cream his pants standing next to such a fox. As you can see, no man can resist this sexy little minx. I mean are you telling me you wouldn't like to get your hands on this ass?!

With sexy chicks like the lovely Ceren you will have people queuing up to buy open source products. Could you really refuse to buy a copy of BSD if she told you to? Come on, you must admit she is better than an overweight penguin! Don't you wish you could get one of these? Personally I know I would give my right arm to get this close to such a divine beauty!

Join the campaign for more cute open source babes today!

Then I woke up, so I don't know what the angels were singing.

Would it have been something from this selection?

Not linux

The reality is that no one can produce, however we have tried, a perfectly bugless software.

While it is true that humans make mistakes and therefore anything we create cannot be perfect... OpenBSD comes pretty damn close. :)

may someone has tried to dualboot openbsd 3.4 (current) with windows 2000 (its just a desktop system - no production machine.)
and NTFS? currently Im running w2k (on fat32 which sucks) and OBSD3.3 - and GAG
- due the new (?) NTFS Support it should work if GAG is installed on a w2k boot partion - or am I totally wrong? (I know I should have posted this to misc@openbsd.org - which Ill do in the evening..)

I don't want to start a holy war here, but what is the deal with you BSD fanatics? I've been sitting here at my freelance gig in front of a BSD box (a PIII 800 w/512 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this BSD box, the same operation would take about 2 minutes. If that.

From my old server...

login as: root
root@10.0.0.2's password:
Last login: Thu Oct 16 13:12:27 2003 from 10.0.0.13
OpenBSD 3.2 (GENERIC) #25: Thu Oct 3 19:51:53 MDT 2002

Welcome to OpenBSD: The proactively secure Unix-like operating system.

Please use the sendbug(1) utility to report bugs in the system.
Before reporting a bug, please try to reproduce it with the latest
version of the code. With bug reports, please try to ensure that
enough information to reproduce the problem is enclosed, and if a
known fix for it exists, include that as well.

Terminal type? [xterm]
Don't login as root, use su
oldserver# dmesg|grep cpu0
cpu0: F00F bug workaround installed
cpu0: Intel Pentium/MMX ("GenuineIntel" 586-class) 200 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
oldserver# dd if=/dev/zero of=/home/share/17MB.bin bs=32k count=544
544+0 records in
544+0 records out
17825792 bytes transferred in 1.110 secs (16057261 bytes/sec)
oldserver# ls -la /home/share/*.bin
-rw-r--r-- 1 root nobody 17825792 Oct 16 15:25 /home/share/17MB.bin
oldserver# time cp /home/share/17MB.bin /home/share/music
0.0u 1.3s 0:01.66 81.9% 0+0k 293+1916io 11pf+0w
oldserver# time cp /home/share/17MB.bin /home/share/17MB.bak
0.0u 1.3s 0:05.23 26.0% 0+0k 286+1916io 0pf+0w

That's 1.66 seconds to copy a file exactly 17Mbytes from one disk to another, on an Pentium 200 MMX OpenBSD 3.2 machine.

To more closly match what you are doing, copying the same file to the same disk took 5.23 seconds.

1. You can not play games on it. Yeah, when I want to play games, the first thing I think is OpenBSD!

2. It cannot be used by my grandma. Neither can PIX. Your point?

3. It lacks a GUI of any note. You obviously consider any free Unix that doesn't come installed by default with a GUI as "lacking a GUI". I guess you use Mandrake because that is all you are capable of using.

4. There is no support available for it. http://www.openbsd.org/support.html

5. It is an assortment of fragmented OSes. This is so untrue. The BSD's are whole and complete units in themselves. You wanna talk fragmentation, look at Linux.

6. It cannot be run on the x86 platform. Idiot. This is the worst troll I have ever seen. http://www.openbsd.org/plat.html

7. You have to compile everything and know C. http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_a dd&sektion=1&format=html

8. Support for the latest hardware is always poor. BSD's often supports certain hardware before Linux does (crypto, USB, etc) and once something is supported, the support often tends to be much better (WiFi).

9. It is incompatiable with GNU/Linux. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. (from the OpenBSD front page)

10.It is dying. Yeah, right. Do you think that if you keep saying something, it will happen? The only thing that will happen, is that most people will ignore you and a few will take the time to ridicule you.

I don't want to start a holy war here, but what is the deal with you BSD fanatics? I've been sitting here at my freelance gig in front of a BSD box (a PIII 800 w/512 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this BSD box, the same operation would take about 2 minutes. If that.

From my old server...

login as: root
root@10.0.0.2's password:
Last login: Thu Oct 16 13:12:27 2003 from 10.0.0.13
OpenBSD 3.2 (GENERIC) #25: Thu Oct 3 19:51:53 MDT 2002

Welcome to OpenBSD: The proactively secure Unix-like operating system.

Please use the sendbug(1) utility to report bugs in the system.
Before reporting a bug, please try to reproduce it with the latest
version of the code. With bug reports, please try to ensure that
enough information to reproduce the problem is enclosed, and if a
known fix for it exists, include that as well.

Terminal type? [xterm]
Don't login as root, use su
oldserver# dmesg|grep cpu0
cpu0: F00F bug workaround installed
cpu0: Intel Pentium/MMX ("GenuineIntel" 586-class) 200 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
oldserver# dd if=/dev/zero of=/home/share/17MB.bin bs=32k count=544
544+0 records in
544+0 records out
17825792 bytes transferred in 1.110 secs (16057261 bytes/sec)
oldserver# ls -la /home/share/*.bin
-rw-r--r-- 1 root nobody 17825792 Oct 16 15:25 /home/share/17MB.bin
oldserver# time cp /home/share/17MB.bin /home/share/music
0.0u 1.3s 0:01.66 81.9% 0+0k 293+1916io 11pf+0w
oldserver# time cp /home/share/17MB.bin /home/share/17MB.bak
0.0u 1.3s 0:05.23 26.0% 0+0k 286+1916io 0pf+0w

That's 1.66 seconds to copy a file exactly 17Mbytes from one disk to another, on an Pentium 200 MMX OpenBSD 3.2 machine.

To more closly match what you are doing, copying the same file to the same disk took 5.23 seconds.

1. You can not play games on it. Yeah, when I want to play games, the first thing I think is OpenBSD!

2. It cannot be used by my grandma. Neither can PIX. Your point?

3. It lacks a GUI of any note. You obviously consider any free Unix that doesn't come installed by default with a GUI as "lacking a GUI". I guess you use Mandrake because that is all you are capable of using.

4. There is no support available for it. http://www.openbsd.org/support.html

5. It is an assortment of fragmented OSes. This is so untrue. The BSD's are whole and complete units in themselves. You wanna talk fragmentation, look at Linux.

6. It cannot be run on the x86 platform. Idiot. This is the worst troll I have ever seen. http://www.openbsd.org/plat.html

7. You have to compile everything and know C. http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_a dd&sektion=1&format=html

8. Support for the latest hardware is always poor. BSD's often supports certain hardware before Linux does (crypto, USB, etc) and once something is supported, the support often tends to be much better (WiFi).

9. It is incompatiable with GNU/Linux. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. (from the OpenBSD front page)

10.It is dying. Yeah, right. Do you think that if you keep saying something, it will happen? The only thing that will happen, is that most people will ignore you and a few will take the time to ridicule you.

I don't want to start a holy war here, but what is the deal with you BSD fanatics? I've been sitting here at my freelance gig in front of a BSD box (a PIII 800 w/512 Megs of RAM) for about 20 minutes now while it attempts to copy a 17 Meg file from one folder on the hard drive to another folder. 20 minutes. At home, on my Pentium Pro 200 running NT 4, which by all standards should be a lot slower than this BSD box, the same operation would take about 2 minutes. If that.

From my old server...

login as: root
root@10.0.0.2's password:
Last login: Thu Oct 16 13:12:27 2003 from 10.0.0.13
OpenBSD 3.2 (GENERIC) #25: Thu Oct 3 19:51:53 MDT 2002

Welcome to OpenBSD: The proactively secure Unix-like operating system.

Please use the sendbug(1) utility to report bugs in the system.
Before reporting a bug, please try to reproduce it with the latest
version of the code. With bug reports, please try to ensure that
enough information to reproduce the problem is enclosed, and if a
known fix for it exists, include that as well.

Terminal type? [xterm]
Don't login as root, use su
oldserver# dmesg|grep cpu0
cpu0: F00F bug workaround installed
cpu0: Intel Pentium/MMX ("GenuineIntel" 586-class) 200 MHz
cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,MMX
oldserver# dd if=/dev/zero of=/home/share/17MB.bin bs=32k count=544
544+0 records in
544+0 records out
17825792 bytes transferred in 1.110 secs (16057261 bytes/sec)
oldserver# ls -la /home/share/*.bin
-rw-r--r-- 1 root nobody 17825792 Oct 16 15:25 /home/share/17MB.bin
oldserver# time cp /home/share/17MB.bin /home/share/music
0.0u 1.3s 0:01.66 81.9% 0+0k 293+1916io 11pf+0w
oldserver# time cp /home/share/17MB.bin /home/share/17MB.bak
0.0u 1.3s 0:05.23 26.0% 0+0k 286+1916io 0pf+0w

That's 1.66 seconds to copy a file exactly 17Mbytes from one disk to another, on an Pentium 200 MMX OpenBSD 3.2 machine.

To more closly match what you are doing, copying the same file to the same disk took 5.23 seconds.

1. You can not play games on it. Yeah, when I want to play games, the first thing I think is OpenBSD!

2. It cannot be used by my grandma. Neither can PIX. Your point?

3. It lacks a GUI of any note. You obviously consider any free Unix that doesn't come installed by default with a GUI as "lacking a GUI". I guess you use Mandrake because that is all you are capable of using.

4. There is no support available for it. http://www.openbsd.org/support.html

5. It is an assortment of fragmented OSes. This is so untrue. The BSD's are whole and complete units in themselves. You wanna talk fragmentation, look at Linux.

6. It cannot be run on the x86 platform. Idiot. This is the worst troll I have ever seen. http://www.openbsd.org/plat.html

7. You have to compile everything and know C. http://www.openbsd.org/cgi-bin/man.cgi?query=pkg_a dd&sektion=1&format=html

8. Support for the latest hardware is always poor. BSD's often supports certain hardware before Linux does (crypto, USB, etc) and once something is supported, the support often tends to be much better (WiFi).

9. It is incompatiable with GNU/Linux. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. (from the OpenBSD front page)

10.It is dying. Yeah, right. Do you think that if you keep saying something, it will happen? The only thing that will happen, is that most people will ignore you and a few will take the time to ridicule you.

The 3.1 song was the best. This one is weird - but nice lyrics.

Lots of changes in the release: looks like a large code audit, ProPolice in the kernel, libraries loaded at random addresses, W^X for i386. Looks good. Haven't used with OpenBSD since 2.8 (went to FreeBSD), but this I might try this one.

it seems that one time passwords could help you out here.

It doesn't encrypt passwords for cleartext protocols but if the password is used only once it's not a great risk.

I used it on OpenBSD (ftp server) and it worked great.

OpenBSD S/Key FAQ section

What then of your personal data? Would you still say with your best NYC accent that the victim got what they deserved for giving personal data to a business that willfully and knowingly used insecure technology which cannot be improved for years to come? Especially when more secure options are known and well-documented?

OpenBsd could probably summed up more accurately as emphasising stability and security. Not so sure about ease of use.

> Nor does it reflect the Unix based OS that you get with the Mac.

UNIX UNIX UNIX

It might be the fastest and it might be UNIX, but it still has the gayest, most unintuitive, most non-keyboard-centric user interface ever designed. Oh, that and the fact that there is no longer a start/apple menu so all you applications are crammed onto a long bar at the bottom with no text description.

Hmm,
Linux or BSD for PPC?

Why, that's crazy enough to work.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Support the OpenBSD developers by getting a 3.4 CD $40 or for Europe EUR 45

There is a new Tshirt: 3 .4 Tshirt $20 or for Europe EUR 20

The new 3.4 poster is very nice too, get it for $10 US or EUR 14 in Europe

If you prefer OpenSSH, have a look at this new Tshirt OpenSSH 2 $20 or for Europe EUR 20

thank you.

Show your support for the project by pre-ordering your OpenBSD 3.4 CDs today!

The release is set for November 1st.

Show your support for the project by pre-ordering your OpenBSD 3.4 CDs today!

The release is set for November 1st.

I suppose that my song will now become less and less popular, eventually sliding into obscurity...

And they missed some of the best parts..

2: True INIT runlevels with windows reg-startips inserted as init scripts

But the real question is: Will the next Windows CD come with mp3s and stickers?

It seems that even a central controlling body will use systems like http and email for they're own profit.
Giving up email to others is not the answer! At least now we can do as we want, we don't want VeriSign2 bouncing our emails wherever they please.
Here's a step in the right direction:OpenBSD and spamd

Only one remote hole in the default install, in more than 7 years!

Oops!

Given that the default install has lsh turned on, will they change it to "two remote holes" ?

How much do you want to bet they'll just sweep it under the carpet and hope people forget? If you follow misc@ carefully you have probably seen it done before. Lets make some noise and force Theo to finally update that!

Which will send the currently running ssh daemon the hangup signal, instructing it to re-read its configuration.

Since processes decide themselves what they should do with a hangup signal, in this case I am wrong...

http://www.openbsd.org/cgi-bin/man.cgi?query=sshd

Your attitude still needs some adjustment though.

Although that has happened a few times in the past, the reason Debian released a second fix to OpenSSH was not because there was anything wrong with their first fix, but rather because the OpenSSH team discovered another vulnerability. You'll see this if you visit OpenBSD's notice regarding the problem or read changelog.Debian.gz in /usr/share/doc/ssh. You'll also notice that OpenBSD immediately released OpenSSH 3.7.1, right after 3.7.0 was released. This new version fixes those additional problems.

Only one remote hole in the default install, in more than 7 years! [openbsd.org]

Oops!

Given that the default install has ssh turned on, will they change it to "two remote holes" ?

How much do you want to bet they'll just sweep it under the carpet and hope people forget? If you follow misc@ carefully you have probably seen it done before. Lets make some noise and force Theo to finally update that!

It should be noted that RedHat does believe this is remotely exploitable, including remote code execution. So Linux boxes are quite possibly far more vulnerable than BSD boxes, but in either case, its a risk either way. I'm finishing up my fifth and sixth upgrades.

If using binaries/source from non-vendors weirds you out, you can also grab the RPMs for RH9, or the SRPMs for other releases (and presumeably other distros like SuSE, Mandrake, et al. as well) directly from the OpenBSD guys. The only US mirror which had them (as of this morning when I heard about the announcement) was ftp://ftp3.usa.openbsd.org/pub/OpenBSD/OpenSSH/por table/rpm/. I didn't look through the international mirrors, but I got pretty good speeds from across the country.

-B

If you are trying to compile on OpenBSD 3.3 or older (e.g just about every OpenBSD box out there), note that before doing the build you need to:

1.) Unpack the OpenSSH 3.7 source
2.) Apply a patch available here

If you don't apply the patch, "make" will fail. See the instructions here.

Is Canada also a good place for developing and distributing Free Software without any need to worry about US software patents?

Maybe - it seems to work well for Theo. :o)

Check out OpenBSD. It's free/open source and has been developed from Canada for a long time.

Another interesting item is that Canada does not forbid its citizens from having/using strong crypto. Also, the RSA patent was not applicable to Canada...

Therefore, for many years, OpenBSD was the only BSD that came with extra-strong crypto (Blowfish, RSA, etc) "out of the box".

But don't take my word for it: check it our for yourself.

AFAIK, there are also many [Linux|BSD] User Groups in Canada.

So yes, it's a good place for free software as well. [Posting anonymously as I have already moderated in this discussion].

Thanks for the warning. I'll install right now since that sounds completely secure and stable. And I'm sure lsh doesn't come with its own set of problems to be exploited in the future.

OpenSSH has been very good to me, so I'm just going to patch it all up to 3.7pl1 and move on, just like I do with MS stuff and any other software made by us slightly evolved apes. I don't need to go and load some buggier crap on my network and learn how to apply bandaids over a new system just because it is the spotlighted darling of the moment for GNU.

Don't forget that compiling your own OpenSSH ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable /openssh-3.7p1.tar.gz needs the updated OpenSSL http://www.openssl.org/source/openssl-0.9.7b.tar.g z

PermitRootLogin is enabled so you can login after a remote install, but the install guide tells you disabling it is one of the first thing you should do after you successfully boot and make a normal user account.

I have to wonder if UsePrivilegeSeparation was enabled. (see the manpage)

One message in the thread indicates it is but this isn't first-hand knowledge. If PrivSep was enabled then is OpenBSD immune to this attack due to other parts of the OS being hardened (much like the zlib hole a few months back)? Also are these default installations or are they "tweaked"? As an aside, PermitRootLogin defaults to enabled, something I always disable as I have no need for it.

Even if this does count as a new remote hole in OpenBSD, it's still a phenomenal track record they can be proud of.

Only one remote hole in the default install, in more than 7 years!

Oops!

Given that the default install has ssh turned on, will they change it to "two remote holes" ?

How much do you want to bet they'll just sweep it under the carpet and hope people forget? If you follow misc@ carefully you have probably seen it done before. Lets make some noise and force Theo to finally update that!

if IEEE just redirected their new site here

The Darren/Theo head butting resulted in this classic posting

psxndc

Consider OpenBSD as well. No good for those big multi-processor boxes though.

If you're looking for a server BSD...might want to look closely at OpenBSD

OpenBSD offers an antiterrorism environment.

how is this a troll? does someone not understand sed?

he is correctly pointing out that it is OpenBSD (not FreeBSD) who claims one remote root exploit in 7 years.