Slashdot Mirror


OpenBSD: 4 Years Exploit Free

Teknoenie writes: "Upon a recent visit to the OpenBSD website http://www.openbsd.org I noticed a nifty change. 4 years without a remote exploit in default install. I have to dish out a big congrats to the OpenBSD team. Great job guys." It seems good to mention as well that now's a good time to order OpenBSD 2.9 if you're so inclined, since it's scheduled to ship in three weeks.

15 of 51 comments

  1. Re:Maybe a little inflated.. by grub · · Score: 2

    No, you get a decent workable machine with no extraneous crud in it.

    That's the key: you pick what's right for you, rather than the RedHat "Kitchen Sink" approach.

    It can run the vast majority of Linux, FreeBSD, NetBSD, and SVR4 binaries. OpenBSD just rocks.

    grubby
    --
    Trolling is a art,
  2. Re:Illegal to redistribute ISO's of OpenBSD? by IcePic · · Score: 2

    First of all, really few need to have a disc
    that is bootable on a sparc, that contains a
    mac68k-kernel and have precompiled stuff for
    pmax'es. Most people need the x86 files, and
    those files are *easily* ftp:d from the main
    ftp server, put on any cd9660 and then used from
    the floppy install. There is no *real* need to
    have the original ISO's if you want to grab
    obsd-for-your-pc for free. Secondly, as many
    will point out, it would be nice if you helped
    the project out with the few bucks that a real
    cd will cost you. Still, if you want to leech
    openbsd for your single platform, you'd be silly
    to download all other platforms. No one ever
    downloads debian for m68k on their pc's just
    to have "the latest", do they? =)

    --
    -- I'm as unique as everyone else.
  3. Not exactly something to be proud of by QuantumG · · Score: 3

    It's like walking around in the street with a sign on your back saying "I haven't stolen anything in 4 years" or "I haven't shot a dog in 4 years".. so what? You're not supposed to. If you did (that's you Microsoft/Sun/Redhat/etc) you should feel guilty about it and never do it again, but I hardly see why someone who does the right thing should feel like they are something special.

    --
    How we know is more important than what we know.
    1. Re:Not exactly something to be proud of by squiggleslash · · Score: 3
      I prefer to think of it as an alcoholic proudly boasting that sie hasn't touched a drop in four years. Security holes are like an addiction, lose discipline and you'll fall down on the job and let them in.

      I think the OpenBSD team have something to be proud of. It takes a lot of discipline and hard work to create an operating system of this complexity that is as close to being bug free as they've done. Nobody else has come this close, and of those that are close, such as FreeBSD, they've achieved it partially thanks to building on the work the OpenBSD people have done.
      --
      You are not alone. This is not normal. None of this is normal.
  4. Re:Illegal to redistribute ISO's of OpenBSD? by NetJunkie · · Score: 2

    linuxhelp.net has them. If you like it order one and support the effort, I do.

  5. 4 years by joq · · Score: 3


    IMO OpenBSD defines what security should be in all operating systems. Its OS is highly scrutinized prior to any version being released, and the team reacts quickly at the slightest whiff about a security issue.

    After hanging out in #openbsd (/nick rwxr--r-- && sil) on the efnet for the past year or so, I've determined that most of the "hardcore" developers are extremely dedicated to making Open as secure as possible for the love of security strictly. I've met no troll developers looking to brag about getting OpenBSD to the level it is now.

    Sadly however, many people tend to think that OpenBSD is a one man show (Theo) and turn their distaste for one person into an OpenBSD bashing session. It's ironic many will try to bash the OS for that "one" person, and fill a forum or email thread with useless words, never once focusing on the fact that OpenBSD is unrootable on a default installation, something which no other OS can claim.

    Greets to all the guys who work on the OS at their leisure; their work is appreciated.

    rwxr--r--

  6. Re:Maybe a little inflated.. by cperciva · · Score: 2

    I'm not sure about this, but I think what they mean is that there have been no vulnerabilities discovered before they were fixed -- that is to say, I think that root exploit you are talking about was fixed during routine code auditing before anyone realized that it could be exploited.

    But I don't keep up to date on OpenBSD stuff so I may be totally wrong here.

  7. Re:4 years without a remote hole?! by DeepDarkSky · · Score: 3

    It would obviously not be as controversial, but I think that's a female fish...

  8. Apple DOS 3.3, 20+ years no remote exploit! by TheLink · · Score: 2

    More than two decades without a remote exploit in default install.

    :)

    Similarly for MS-DOS ;).

    Link.
  9. Illegal to redistribute ISO's of OpenBSD? by danpbrowning · · Score: 2

    Maybe it wouldn't be politically correct, but would it be legal to re-distribute OpenBSD ISO's? For free? (I.e. one buys the disc and rips it and puts it on ftp)

    If so, why isn't anyone doing it? (Political thing?)

    --
    Daniel
    1. Re:Illegal to redistribute ISO's of OpenBSD? by JustTed · · Score: 2

      the cd image is copyright theo. you can make your own iso with your own packages and distribute that for free, but the disk layout used by the official cd is copyrighted.

  10. time frames. by saintlupus · · Score: 3

    red hat linux - now three and a half days without an exploit!

    --saint
    ----
  11. The base install is small. by MeowMeow+Jones · · Score: 2
    It actually is practical to make a bootdisk and install via ftp (unlike some other OS's that give you the option). Took about 20 minutes on DSL. So why waste your time grabbing an iso? (Yes, the source tree takes a little longer. That's where a CD comes in handy.)

    --

    Trolls throughout history:
    Jonathan Swift

  12. Re:deceptive by methodic · · Score: 2

    And it takes a lot of work to make OpenBSD useful
    Yeah, you know... cd'ing to the ports section of the application you want and typing 'make install clean'. Phew. Hard work.

    which in turn makes it more vulnerable
    Uhm, third-party apps don't make OpenBSD itself more vulnerable. It's not like if you install wuftpd on an OpenBSD box, the internal crypto subsystem would stop working, or it would suddenly drop your kern.securelevel to -1. It's the job of the admin to check out any services they are running for known exploits, perhaps grep the code for insecure functions, and do some active penetration tests (standard overflows, format strings, etc).

    And don't tell me I don't know what I am talking about
    You don't know what you are talking about. :)

    I am a consultant who has installed OpenBSD on over 40 machines in 14 clients over the years
    Great, I have installed OpenBSD on over 200 boxen and converted more than 25 people who used to use other BSD's and other Unices (Solaris, UnixWare).

    I don't see it doing more than the most basic Internet-facing stuff
    Ho ho ho... I don't know where to begin with this comment. For one, I don't understand how you see this stuff as basic. Have you ever looked at the core code in OpenBSD? I bet you've never written IPSEC code, or a mail server. Whatever you're doing, it's obviously wrong, because you can do anything on an OpenBSD box that you can do with a Linux box, with the exception of stuff like video games, but don't blame that on OpenBSD... blame that on video card companies and gaming companies for not porting their software to BSD.

    because the attitude of many of the chief OpenBSD developers turns off others who might work on the project
    I've talked with Theo on many occasions, whether it be a question about OpenBSD, or about drivers or donations, and he has been more than helpful, and has even included smiley faces in his email. Maybe you're the one coming off as an asshole?

    ---------------

  13. Let's not forget... by Scoria · · Score: 2

    ... There are only no exploits in the default install. There have been a number of OpenBSD exploits.

    --
    Do you like German cars?