Slashdot Mirror

It's modded troll because he's acting like one, all good trolls have a degree of truth in them.

He's trolling because while his statement is true, it's very selective. OpenBSD may not have 3D nVidia support, but as of 4.4 has hardware accelerated GL on Intel and ATI. No mention of either of those in the grandparent post though (and ATI has closed-source drivers on Linux, too).

Maybe then it should be more like undeadly, where an AC also has his IP address listed. Most people (myself included) have dynamic IPs, but it'd generally be a pretty good indicator if someone is trying to artificially amplify his opinion.

Also I know when I post several times on here I'm usually saying more or less the same basic classes of ideas (I guess I'm just that set in my ways), and I probably have a pretty unique idiolect, so you can probably spot me in several threads that way.

Incidentally I have occasionally had the experience here where other ACs pretend to be posting as me... Kind of annoying.

By the way, I'm the same AC that posted "hath not an AC eyes", but a different one from the one David Gerard replied to. :-)

The name should've been ZomBSD.

I agree, it is undeadly...

The BSD style licensed projects get more momentum and make forward progress.

I am having a little trouble figuring out if you are sarcastic or serious.

I have great respect for the BSD kernel projects, they do some things a lot better than Linux. But if you compare the pace of kernel development, by source-code line count, Linux tremendously outpaces BSD kernel development.

What you're left with after that is a lot of Java projects. Which are great for enterprise, right now. But building a stack of new Java code is definitely building today's code for today, not tomorrow's code. Java is the conservative choice of enterprise at the moment.

And then there are community issues, like the Spring bug that showed us that this enterprise-critical code wasn't getting the eyes that an Open Source project with more non-company programmers does.

MS has been getting free labor from BSD for decades and lately appears to be trying to create an opposition between complementary projects in order to trouble the GPL. MS has as much or more to lose from the GPL than from anything else. The rest of us, we gain from the GPL. However, it is important to remember that the license chosen, is part of the game and that to play in any given sandbox, you must agree to the rules, whether ISC or GPL, or else find a different sandbox. So keep that in mind when MS trolls or pawns try to play BSD/ISC vs GPL licensing.

One caveat for non-ascetics is that in this day and age, especially when going up against a competitor known for 'embrace, extend, extinguish' breaking of technology, is that it isn't enough to just give away source code like we could back before MS politicized technology at the end of the 1990's. There now has to be something to keep the software free as a public resource while it evolved, sort of a payment-in-kind, rather than letting bad players not just walk away with free labor, but use it to undermine the developers.

To steer towards the technical aspects, the BSDs are interesting in that there is a lot of cross-pollenation between them. An advance in one usually rather quickly propagates to the others. Any of the four are excellent tools and complement Linux-based projects like Debian, Fedora, Busybox or UClinux. Any can be used in conjunction with just about any Free or Open Source Software including the various GNU-project tools we have come to use and rely upon, such as Apache, Perl or GCC.

The weakest one of the lot, strategically mind you, is FreeBSD. That is in part due to the mistake of allowing binary objects in the base. First, blackbox binaries are a security hole in and of themselves. Second, they make you as fully dependent on the vendor providing the binary as you are on the binary itself. That is a double kick in the nads for anyone that plans ahead. Increasingly businesses and governments are realizing that binary-only anything should not be touched even with the shitty end of a barge pole.

• Technically, aside from the above, FreeBSD has good performance on the x86. e.g. streaming video
• DragonflyBSD is interesting in that it aims for clustered and multi-processor computing. e.g. rendering
• OpenBSD prioritizes standards, encryption and pro-active security. PF and OpenSSH start here. It is also famous for its founder's technical genius which is offset by being too direct and occasionally even exhibiting a Gates-like personality. e.g. network packet filter / router, OpenAFS server
• NetBSD focuses on portability and embedded systems. e.g. automation, data acquisition

YMMV

• bsdtalk various interviews with BSD people
• debaday not really a debianwhore but nice gems to be found there
• fleshbot who doesn't like porns?
• hubertf everyone's favorite NetBSD dev
• papod PA podcast
• tdwtf the daily wtf so you don't feel you are alone in your editor
• thinkgeek must buy everything!
• undeadly not dead yet

http://undeadly.org/cgi?action=article&sid=20080501002505&mode=expanded&count=23

+1 for informative?!

Is there anything 'new' to this version 5.0?

From what I can see in the announcement, it is merely a security update from version 4.9

The Debian maintainers wrote to Theo personally, while the correct email address for OpenSSH problems, issues and bug reports is "openssh@openssh.com".

The result is that the maintainers of OpenSSH were not properly notified, and a bug was left in the code. For all that it's worth, it seems Theo was on holidays, with no access to a computer.

So, sure, it may sound harsh, but I believe it's for a good cause: OpenSSH developers really want a stable and secure software. Consider the announcement a reminder of the proper procedure to warn them of bugs, not a dig at this or that operating system.

I refer you to this post.

http://undeadly.org/cgi?action=article&sid=20070725193920

Jakob Schlyter (jakob@) wrote to misc@:

        as some of you may have noticed, a new weakness in BIND 9 has
        recently been discovered. using this weakness, an attacker can
        remotely poison the cache of any BIND 9 server. the attacker can do
        this due to a weakness in the transaction ID generation algorithm used.

        when BIND 9 was first imported into OpenBSD, we decided not to use
        the default ID generation algorithm (LFSR, Linear Feedback Shift
        Register) but to use a more proven algorithm (LCG, Linear
        Congruential Generator) instead. thanks to this wise decision, the
        BIND 9 shipped with OpenBSD does not have this weakness.

        the proactive security of OpenBSD strikes again,

                        jakob

        ref: http://www.trusteer.com/docs/bind9dns.html

http://undeadly.org/cgi?action=article&sid=20071030220114&pid=56

All I could find. Note that it is anonymous so take it with a grain of salt.

Responding to my own post, apparently he was fighting a long illness and did not make it. Gathered from comments at undeadly.
See also http://www.wide.ad.jp/news/press/20071031-itojun-e.html

Jeez. The guy was a good guy. Very upset that he is no longer with the community. RIP.

ASUS can strip the GPL out and simply declare the module to be under their new license. What's good for the goose is good for the gander.

2) The license issues are very serious: the BSD licenses allow developers to build on other's work and proprietize it, the GPL insists that it remain available to all customers. That's a big, big deal with the proprietary information and NDA's on new hardware.

This has been a long time coming. If you've ever looked at GCC code, you'll be familiar with the feeling of wanting to claw your eyes out (I had to for an article on the new Objective-C extensions *shudder*). I am somewhat surprised it's PCC not LLVM, but it makes sense. OpenBSD wants a C compiler in the base system, that can compile the base system and produces correct code. Support for C++, Objective-C, Java and Fortran would all be better off in ports. PCC is faster than GCC, smaller than GCC, more portable than GCC, easier to audit than GCC, and already compiles the OpenBSD userspace. I wouldn't be surprised if it replaces GCC in the OpenBSD base system soon. If it does, GCC (or maybe LLVM) will still probably be one of the first things I install from ports, but I'd still regard it as a good idea.

You bring up a valid point, but what seems to be the main problem is that the Linux 'fork' of the code has completely removed the original copyright. This is absolutly not acceptable until 'enough' of the code has changed to warrant a new copyright owner.

The files themselves were dual licensed so it 'should likely' be ok to just use one of the two licenses - but as you say it isn't necessary and should be handled with caution.

In conclusion: the primary matter is copyright not licensing. Theo has made this cloudy since he is such a BSD license supporter, and Moglen is a GPL guy so their flame-worthiness has me in awe. It is easier for the geek media to stir up stories and discussion around the licenses though - where as the copyright issue would likely have to be determined in a German/EU court as the original write up by Theo on undeadly talked about:

"So, really, there's no point in duplicating effort on a BSD lisenced compiler. Correct me if I'm wrong."

From the discussion of TFA:

The licence is just the top of the iceberg

Thanks for a nice post, showing respect and caution. This whole matter has become increasingly cloudy, not to mention no one wants to talk about this in a reasonable fashion - free of bias.

You bring up a valid point, but what seems to be the main problem is that the Linux 'fork' of the code has completely removed the original copyright. This is absolutly not acceptable until 'enough' of the code has changed to warrant a new copyright owner. The files themselves were dual licensed so it 'should likely' be ok to just use one of the two licenses - but as you say it isn't necessary and should be handled with caution.

In conclusion: the primary matter is copyright not licensing. Theo has made this cloudy since he is such a BSD license supporter, and Moglen is a GPL guy so their flame-worthiness has me in awe. It is easier for the geek media to stir up stories and discussion around the licenses though - where as the copyright issue would likely have to be determined in a German/EU court as the original write up by Theo on undeadly talked about:

What's the basis for OP's claim that some in the BSD license side are claiming that the BSD is "viral"? "Viral," in the context of the GPL, means that derivative works of an original, GPL-licensed work, must also be licensed under the GPL.

That's EXACTLY what Theo and others have been arguing is the case with the BSD license - that once something is licensed under the BSD license, all derivative works of that BSD licensed work must also be licensed under the BSD license, even if a dual licensing option is provided. And you don't even need me to quote Theo on this, it's right up there in the title of this story. And here's where this particular meme started to seriously gain ground, with Theo arguing that even code that's dual licensed (as in, the authors have actually said "Alternatively, this software may be distributed under the terms of the GNU General Public License ("GPL") version 2 as published by the Free Software Foundation") still must continue to be licensed under the BSD license.

Here's what Theo has to say about the above instance:

It may seem that the licenses let one _distribute_ it under either license, but this interpretation of the license is false -- it is still illegal to break up, cut up, or modify someone else's legal document, and, it cannot be replaced by another license because it may not be removed. Hence, a dual licensed file always remains dual licensed, every time it is distributed.

Here's a suggestion: Read what Theo is saying. Then understand why people like me are concerned. Quit it with the kneejerk flaming of anyone who has a concern about the way Theo is presenting his argument and Theo's argument itself.

Here you go.

Note the difference in terms of how the Linux and OpenBSD communities handled that case.

1. The Linux community waited until OpenBSD developers were violating copyrights before raising the issue. In this case, the OpenBSD people complained about a diff posted to a mailing list that hadn't even been accepted
2. The Linux community raised the issue with two relevant mailing lists and a small group of other concerned parties. The OpenBSD people had the supposed BSD violation (that wasn't, because the diff hadn't been accepted at that stage) up on undeadly.org within 24 hours.
3. The Linux community made no specific allegations, and offered help with completing the driver. The OpenBSD people have essentially insulted the Linux community throughout this discussion.

1. The OpenBSD community went through hoops to claim that there never was a copyright violation because, like, the guy who put the code in the CVS repository intended, like, to change it and stuff. The Linux community has generally refrained from claiming that, if accepted, the diffs wouldn't violate any copyrights, except to point out that Theo is overreaching in that some of the files can, actually, be relicensed because they're dual licensed (an argument Theo has tried to counter by making the bizarre claim that a dual licensed file with a specific statement saying that the license of the GPL can be used instead of the BSD license must perpetually remain under the BSD license.)
2. The OpenBSD community, and Theo in particular, accused the Linux team of being "Inhuman". The Linux developers have made no such insults against their BSD accusers, despite having more cause to.

Further, to make things even more ridiculous, many on the BSD side claimed at the time of the bcw violation that this was somehow evidence that the BSD license was "superior" because it wasn't viral, and BSD code could be incorporated into Linux without violating any licenses. They're now arguing the exact opposite, some even claiming the BSD license is viral.

This is pretty straightforward. There are no infringing Linux kernels out there.

At the same time, the level of hysteria raised by the OpenBSD community, and the distortion of truth and double standards exhibited by its leadership, not to mention the insults and constant attempts to alienate similar groups, really raise serious questions as to OpenBSD's long term viability. Cooler heads need to prevail, and make a commitment to fork the project should its current leadership continue to spiral out of control.

OpenBSD is a respected operating system that is relied upon by communities and businesses across the world. It deserves, and demands, a stable leadership committed to creating the best operating system they can. The current OpenBSD leadership isn't that. This must change.

here's the article on undeadly and and here's a synopsis from a misc post An excellent (and apparently sarcastic) quote:

According to the OBSD Journal here from the diffs of the driver in question, found in the ath5k_base.h and ath5k_base.c files:

So, as I understand it, the stink is that they're taking drivers that they may distribute under GPL 2 and redistributing under that license. Huh. Ok.

Admittedly, the GPL clause doesn't show in ath5k.h - but only the original authors of the code can say if that was by intent or just an oversight.

It does seem common courtesy would dictate that any bug-fixes / improvements they make also be fed back to the *BSD teams under a license they can use for their project, but calling this theft? This seems like a tempest in a teapot.

Try, "publicly, he's an asshole and routinely uses ad hominem."

From discussion of the very issue, Slightly more annoyed, Pièce de résistance, FLAME ON!

Pretty funny to then read, further down in the thread:

Theo didn't make the initial post about the BSD violation. Theo could have chosen to respond quite publicly, but instead he chose to respond on the OpenBSD mailing list. He did not go nuclear. He is not openly attacking anyone. He isn't even making a big fuss out of this, users on both sides are. Neither did he claim the Linux developers of being thieves.

Alluding that Linux kernel developers "must have failed gradeschool because you can't read" (paraphrasing only slightly) on a public website isn't "publicly attacking someone"?

The man doesn't know when to keep his mouth shut or how to be civil. It looks like (thankfully) people in the OpenBSD project are telling him to shut the fuck up and let them handle things:

I stopped making public statements in the recent controversy because Eben Moglen started working behind the scenes to 'improve' what Linux people are doing wrong with licensing, and he asked me to give him pause, so his team could work.

Try, "publicly, he's an asshole and routinely uses ad hominem."

From discussion of the very issue, Slightly more annoyed, Pièce de résistance, FLAME ON!

Pretty funny to then read, further down in the thread:

Theo didn't make the initial post about the BSD violation. Theo could have chosen to respond quite publicly, but instead he chose to respond on the OpenBSD mailing list. He did not go nuclear. He is not openly attacking anyone. He isn't even making a big fuss out of this, users on both sides are. Neither did he claim the Linux developers of being thieves.

Alluding that Linux kernel developers "must have failed gradeschool because you can't read" (paraphrasing only slightly) on a public website isn't "publicly attacking someone"?

The man doesn't know when to keep his mouth shut or how to be civil. It looks like (thankfully) people in the OpenBSD project are telling him to shut the fuck up and let them handle things:

I stopped making public statements in the recent controversy because Eben Moglen started working behind the scenes to 'improve' what Linux people are doing wrong with licensing, and he asked me to give him pause, so his team could work.

Try, "publicly, he's an asshole and routinely uses ad hominem."

From discussion of the very issue, Slightly more annoyed, Pièce de résistance, FLAME ON!

Pretty funny to then read, further down in the thread:

Theo didn't make the initial post about the BSD violation. Theo could have chosen to respond quite publicly, but instead he chose to respond on the OpenBSD mailing list. He did not go nuclear. He is not openly attacking anyone. He isn't even making a big fuss out of this, users on both sides are. Neither did he claim the Linux developers of being thieves.

Alluding that Linux kernel developers "must have failed gradeschool because you can't read" (paraphrasing only slightly) on a public website isn't "publicly attacking someone"?

The man doesn't know when to keep his mouth shut or how to be civil. It looks like (thankfully) people in the OpenBSD project are telling him to shut the fuck up and let them handle things:

I stopped making public statements in the recent controversy because Eben Moglen started working behind the scenes to 'improve' what Linux people are doing wrong with licensing, and he asked me to give him pause, so his team could work.

Funnily enough, Theo posted a fairly decent and non-inflamatory respones in the early discussions. This is in stark contrast to the earlier GPL case (mentioned in your post) where his reaction was indefensible.

Really? Because this is what I read from Theo: It boggles the mind. One writes legal text which says "You may not delete this", and their approach is to delete it, and splatter GPL-gizm all over it. "Screw the everyone and theirlaws, we are GNU...". He sounds like an ass to me regardless of who's right or wrong.

>Because Intel can be bothered to give the devs the specs and not get their tits in a knot like ATI.

Riiight.

Just ask Theo de Raadt, he can tell you all about getting specs from Intel.

Coverage on Undeadly.

To answer some anti-OpenBSD bias from the summary above: systrace is really Niels Provos toy, OpenBSD just includes it in the base install just as NetBSD does; regarding sudo, it has been addressed in a comment above (not vulnerable in the actual released version); and by saying that NetBSD has disabled systrace that implies that OpenBSD has it still enabled. Except that it is a tool that isn't used by the default install at all - you have to enable and configure it yourself. And as the Undeadly post states: Since 2002, the systrace(1) man page included a warning in the BUGS section about the possibility of escaping the policy enforcement because of the behavior of certain system calls..

Personally I have never liked the idea of systrace - leaves way to much to to me as a system administrator to fuck up.

"Here's one good reason the OpenBSD project will NEVER consider using stock subversion. While subversion's license is BSDish, Subversion depends on the Apache portable runtime, which has the same unacceptable license as Apache 2." -- from this post at undeadly.org.

"Here's one good reason the OpenBSD project will NEVER consider using stock subversion. While subversion's license is BSDish, Subversion depends on the Apache portable runtime, which has the same unacceptable license as Apache 2." -- from this post at undeadly.org.

Just read up a little bit about OpenBSD, and you'll notice they are not afraid of complexity. Examples that come to mind are pf, OpenBGPD, W^X, etc.

Besides, choosing a stable and secure algorithm is not a bad idea. See this post for a valid example.

Finally, I can't help but notice that Subversion is available as an OpenBSD package, so quit your yakking already.

Sheesh, anti-OpenBSD trolls these days.

Theo, good for you. We don't use FTP servers on NAS, nor do we use such on RAID + full disk encryption setups as FTP defeats their purpose. We only use SMB/NFS on a NAS.

Its funny how the OpenBSD zealots are always ACs. Why don't you go play in your own garden? Now, I give you a point for having implemented PKCS#5 PBKDF2 since OpenBSD 4.0 (quite late but still), but you still miss obvious features such as not limited to: LRW, key management, emergency destroy, changing password without encryption. Besides, the performance of this setup is shit. You can tell by the fact that the write performance is 16 MB/sec, whereas the read performance is merely 25 MB/sec. The fact the author is possitive about such is striking. Note, how it does matter whether this is benchmarked w/bonnie++ on the box, or via say Samba, or some other method. Still, they both should be much higher even with the overhead of full disk encryption.

Not true at all. BSD people are the ones who whine and complain about corporations not paying them for their work, even though those corporations are doing everything they are obliged to do under the license you claim inspires no "dogma".

Graylisting is worthless? Umm, no.

It's certainly not perfect, but it reduces the load on my spam-filter. A *lot*. More than 90+% of smtp connections don't make it through spamd here. I hardly call that worthless.

Last year it was more like 99+%. Here's some stats from someone else last year: http://undeadly.org/cgi?action=article&sid=2006021 7105149

nbd is not responsible for doing this public. Noone else but me is. This was my decision. I agree that most people I talked to agreed to that decision, but if I had another opinion and didn't like to go public, it wouldn't have happened. And I still think it was right.

OK then. I still think the result of all this is a disaster, but we'll see what happens.

Please, next time, try not to feed the trolls.

I had a hard time doing this, as the troll was the main openbsd guy...

Yes, he can be hard to deal with, as can a lot of people in the Linux community. But note that in neither case this means the whole community is hard to deal with.

I thought I'd throw you guys some peace pointers to valuable comments from the OpenBSD side of things I found on undeadly.

Note that these comments are not flames, and they were modded up! There is common ground.

nbd is not responsible for doing this public. Noone else but me is. This was my decision. I agree that most people I talked to agreed to that decision, but if I had another opinion and didn't like to go public, it wouldn't have happened. And I still think it was right.

OK then. I still think the result of all this is a disaster, but we'll see what happens.

Please, next time, try not to feed the trolls.

I had a hard time doing this, as the troll was the main openbsd guy...

Yes, he can be hard to deal with, as can a lot of people in the Linux community. But note that in neither case this means the whole community is hard to deal with.

I thought I'd throw you guys some peace pointers to valuable comments from the OpenBSD side of things I found on undeadly.

Note that these comments are not flames, and they were modded up! There is common ground.

nbd is not responsible for doing this public. Noone else but me is. This was my decision. I agree that most people I talked to agreed to that decision, but if I had another opinion and didn't like to go public, it wouldn't have happened. And I still think it was right.

OK then. I still think the result of all this is a disaster, but we'll see what happens.

Please, next time, try not to feed the trolls.

I had a hard time doing this, as the troll was the main openbsd guy...

Yes, he can be hard to deal with, as can a lot of people in the Linux community. But note that in neither case this means the whole community is hard to deal with.

I thought I'd throw you guys some peace pointers to valuable comments from the OpenBSD side of things I found on undeadly.

Note that these comments are not flames, and they were modded up! There is common ground.

From: Michael Buesch <mb>
Subject: Microsoft bcw: Possible GPL license violation issues
Newsgroups: gmane.linux.kernel.wireless.general,
  gmane.linux.drivers.bcm54xx.devel
To: Marcus Glocker <mglocker>,
        Jon Simola <jsimola>,
        Theo de Raadt <deraadt>,
        Stefano Brivio <stefano.brivio>,
        Martin Langer <martin>,
        Danny van Dyk <kugelfang>,
        Andreas Jaggi <andreas.jaggi>,
        Larry Finger <larry.finger>,
        Quaker.Fang
Cc: Johannes Berg <johannes>,
        Joseph Jezak <josejx>,
        John Linville <linville>,
        Greg kh <greg>,
        bcm43xx <list>,
        linux-wireless <list>,
        license-violation <list>
Date: Wed, 4 Apr 2007 22:08:13 +0200
User-Agent: Outlook Express
 
I, Michael Buesch, am one of the maintainers of the GPL'd Linux
wireless LAN driver for the Broadcom chip (bcm43xx).
The Copyright holders of bcm43xx (which includes me) want to talk
to you, developers of Microsoft Windows, about possible GPL license and therefore
Copyright violations in your bcw driver.

From: Michael Buesch <mb>
Subject: OpenBSD bcw: Possible MS Windows license violation issues
Newsgroups: windows.kernel.wireless.general,
  windows.drivers.bcm54xx.devel
To: Marcus Glocker <mglocker>,
        Jon Simola <jsimola>,
        Theo de Raadt <deraadt>,
        Stefano Brivio <stefano.brivio>,
        Martin Langer <martin>,
        Danny van Dyk <kugelfang>,
        Andreas Jaggi <andreas.jaggi>,
        Larry Finger <larry.finger>,
        Quaker.Fang
Cc: Johannes Berg <johannes>,
        Joseph Jezak <josejx>,
        John Linville <linville>,
        Greg kh <greg>,
        bcm43xx <list>,
        windows-wireless <list>,
        license-violation <list>
Date: Wed, 4 Apr 2007 22:08:13 +0200
User-Agent: KMail/1.9.5
 
I, Michael Buesch, am one of the Managers of the Microsoft Windows
wireless LAN driver team for the Broadcom chip (bcm43xx).
The Copyright holder of bcm43xx (Microsoft) wants to talk
to you, OpenBSD bcw developers, about possible Microsoft Windows license and therefore
Copyright violations in your bcw driver.

I made the following comments at the OpenBSD Journal, but I think they are valid and should be heard amongst the Linux zealotry.

• Nobody disputes that GPL code was committed to OpenBSD CVS.
• Nobody disputes that this was in violation of your license.
• Nobody disputes that the bcm43xx code was a cleanroom implementation that took a long time to complete.
• Nobody disputes that Michael Buesch was one of the authors of said code.

None of these facts are relevant to the discussion. The sole issue is that Michael Buesch made a public spectacle out of Marcus' mistake. It should have been addressed privately between developers, and then broadcast publicly if discussions were unsuccessful. Regardless of whether you believe Marcus' actions were a mistake or a theft, you must give someone with his track record the benefit of the doubt. By embarrassing him publicly, Michael destroyed Marcus' motivation to work in bcw(4) and benefit the non-GPL user communities.

Even Jeff Garzik, one of the bcm43xx developers, admitted that Michael's actions were wrong. It's unfortunate that Michael Beusch is more concerned about defending his actions than correcting the injustice.

+1 hole http://www.undeadly.org/cgi?action=article&sid=200 70314040700 ... too obvious.

Put spamd with greylisting in front of SpamAssassin to take the load off.
See http://undeadly.org/cgi?action=article&sid=2006110 8134508 for details on how to do this as a transparent bridge.

And in other news:

Intel: Only "Open" for Business
http://undeadly.org/cgi?action=article&sid=2006093 0232710

Theo is complaining that he can't get any of this new open documentation...

No what I am saying is that Theo in the past has said that binary blog firmware was just fine and dandy as long as the device is documented.
What I am saying is this device is no different than a the motherboard that That theo himself selected for his own system.
What I am saying is that it is just a way for him to keep his name in front of people.
I suggest that read this.
http://undeadly.org/cgi?action=article&sid=2006093 0232710

"In this particular case, we would like more documentation for the Intel wireless chips. Damien [Bergamini] has already written drivers that make the devices work quite well... but there are still bugs, since all of this is based on reverse engineering efforts. The drivers could be better. Intel stands in the way of your devices working as well as they should."
Mavell has given all the information that is needed to write drivers.

"We would also like Intel to GRANT us distribution rights for the binary firmwares of their 3 wireless chipsets. Quite frankly we don't care what their reasons are, because their reasons must be lies according to the slides Intel presented at a conference.

"Intel also must grant these rights freely (we will not sign away our users rights, and we will not sign away our own rights -- that is what some of the Linux vendors do when they ship Intel firmwares). Intel must do this firmware grant in the same way that Adaptec, Atmel, Broadcom, Cirrus Logic, Cyclades, QLogic, Ralink, and LSI and lots of other companies have granted distribution firmware to be used by others. We do not believe that Intel is not special enough that they can take people's money and their rights. "

So marvell is doing what Theo asked Intel to do! But is that good enough?
Not when he can get his name on the front page of Slashdot by flaming a project that frankly he isn't even involved in.

The article here seems to suggest that Intel firmware has had some serious (aka Critical) issues.

Please correct me if I am wrong but it seems that documentation for Marvell's 88W8388's is not publically available without signing an NDA?

If this is the case why did a project that seems to pride itself of openess agree to deal with such a company? Drivers written under NDA tend to be full of magic numbers, near impossible for others to properly maintain andtotally against the spirit of open projects.

• Disable loadable modules on your servers.
• Jail your network services.
• Put the jail on a filesystem mounted with the "nodev" mount option so that /dev/kmem type stuff can't be used.

I am not a lawyer but...

Both GNU and OpenBSD take issues with the Apache 2.0 License:

http://apache.slashdot.org/article.pl?sid=04/06/07 /1621254 (Weak!)
http://www.gnu.org/philosophy/license-list.html#GP LIncompatibleLicenses
http://undeadly.org/cgi?action=article&sid=2004060 7133603&mode=expanded

Anyone want to explain the contention better?

My EUR .02: Dual license it perhaps like Pike (GPL/MPL)

MD

There is some reading available here: Anonym.OS: an OpenBSD Live CD for Anonymity? and here: Building an OpenBSD Live CD. I'm not sure the second one is your cup of tea but there may be value in the discussion. The first one is probably a better bet. However, I'm not sure how much modification has gone in and I have no idea whether it's up to date.

There is some reading available here: Anonym.OS: an OpenBSD Live CD for Anonymity? and here: Building an OpenBSD Live CD. I'm not sure the second one is your cup of tea but there may be value in the discussion. The first one is probably a better bet. However, I'm not sure how much modification has gone in and I have no idea whether it's up to date.

isn't it logical to start on the most popular platform and if it pans out, expand?

brag or no brag, they put their money/code where their mouth is (code/SoC/OpenBSD)

Google is the kid in high school who is smart (but not exceptionally so), works *very* hard to maintain 4.0 GPA and also sucks up to his teachers all the time. However, he gets very secretive and passive-aggressive when you point out his imperfections.

Google has also donated $10,000 to OpenBSD/OpenSSH. Looks like it's going to be a summer of code all around.