Slashdot Mirror


OpenBSD 3.1 Released

Telent writes "OpenBSD 3.1 is out. I've been using a -current snapshot from April as my desktop, and this is truly an amazing release with lots of new PF tricks, improved driver support, and many other cool things. Get it from the master site at ftp.openbsd.org, or use a mirror when possible. Even the release art kicks butt. Enjoy!"

59 of 315 comments

  1. Thanks... by L.J. Hanson · · Score: 2, Informative

    Congratulations OpenBSD team. Thanks for another great release.

  2. MicroBSD by chrysalis · · Score: 5, Interesting

    Has anyone looked at the MicroBSD project yet?

    It's based upon an OpenBSD-current kernel (so you get PF and all the great OpenBSD stuff), with FreeBSD tools, a hardened installation, custom additions and ports, a stripped-down base, etc.

    1. Re:MicroBSD by Reziac · · Score: 2

      I'd be happy to look (I like BSD and think a micro install sounds like a Good Idea), but their site has a crapload of improperly terminated tags, so it displays blank in Netscape. (IE of course doesn't care about bad tags and will render it anyway. No doubt part of why IE has those nifty frame and CSS hijack holes.)

      --
      ~REZ~ #43301. Who'd fake being me anyway?
  3. PF for bridging. by saintlupus · · Score: 2

    truly an amazing release with lots of new PF tricks

    I've been toying with the idea of using OpenBSD on a P75 as a wired-to-wireless network bridge. Essentially, I want to be able to have data go from my desktop machine, to this bridging computer, to a wireless AP, to the machines on the wired network that the AP is hooked up to.

    Unfortunately, I've got no experience with IPF or PF, since all of my NAT needs are taken care of by a cheap-o Linksys router.

    Anyone have a link for good introductory material on doing something like this?

    --saint

    1. Re:PF for bridging. by Troodon · · Score: 3, Informative
      --
      troodon.net
    3. Re:PF for bridging. by Publicus · · Score: 2

      Maybe not exactly what you're looking for, but this is what got me introduced to OpenBSD and ipf.

      Beyond that I'd check out the documentation for IPFilter and PF. Both are very good.

      --

      My Karma was at 49, then they switched to words. All that work for nothing!

  4. Well...not quite by TrumpetPower! · · Score: 5, Informative

    3.1 still hasn't been officially announced:

    To: Ben Goren <ben@trumpetpower.com>
    Cc: misc@openbsd.org
    Subject: Re: Are we there yet?
    Date: Sun, 19 May 2002 11:26:07 -0600
    From: "Todd C. Miller" <Todd.Miller@courtesan.com>

    In message
    <20020519101502.O11398@trumpetpower.com>
    so spake Ben Goren (ben):

    > So, are we there yet? Are we there yet? Huh? Huh? Are we there
    > yet?

    The files have been transferring to the main ftp mirror since last
    night. Once that is done they will move to the secondary mirrors
    and the email announcement will be sent out.

    - todd

    So, check back soon.

    b&

    --
    All but God can prove this sentence true.
  5. If you want to order this new 3CDset: by Anonymous Coward · · Score: 3, Informative

    Just go to https://https.openbsd.org/cgi-bin/order for international orders or for European orders https://https.openbsd.org/cgi-bin/order.eu

    The new artwork really ROCKS!

    1. Re:If you want to order this new 3CDset: by phaze3000 · · Score: 2
      Personally I take offence at the fish wearing a crucifix.

      If they want us atheists to run it, they'd better sort that out..

      --
      Blaming GW Bush for the Iraq war is like blaming Ronald McDonald for the poor quality of food.
    2. Re:If you want to order this new 3CDset: by phliar · · Score: 2
      Personally I take offence at the fish wearing a crucifix.

      If they want us atheists to run it, they'd better sort that out..

      You need to read misc@ for a bit -- you'll soon see that the one thing you don't find among the developers is any kind of dogma. The only thing you can say about them is what they say about themselves: "we write code because that's what we like to do, and we're doing it for ourselves -- if you want to use what we make, here you go!" They're an iconoclastic bunch, and that's what I like about the OpenBSD crowd. (It also leads to the impression many people have about OpenBSD folk -- as prickly as the mascot.)

      This atheist is very happy to be using OpenBSD. It's the only system I get the "feel" of old-time Unix from, back in the 80s -- the VAX/BSD days. The layout is just right, and the documentation is superb. Manpages are actually comprehensive and up-to-date! Most other Unix-like systems of today (I won't mention any names) give me the feeling of being designed by committee.

      --
      Unlimited growth == Cancer.
  6. Don't forget... by Daniel Wood · · Score: 2, Informative
    the lyrics! No OpenBSD 3.x release would be complete without release art and lyrics!

    Can't fight the Systemagic, Über tragic, Can't fight the Systemagic....

  7. Re:How fast a computer needed? by JohanV · · Score: 2, Informative

    Yes

    I run OpenBSD on a 486 with 16 MB RAM, so I would qualify your system as "overkill".

  8. Re:How fast a computer needed? by TrumpetPower! · · Score: 5, Informative

    Quoth baywuulf:

    I have an old Pentium 166 w/ 64MB and S3 virge video card lying around which I might use to play around with this stuff. Assuming no X Windows, will this be adequate to run OpenBSD without swapping to the harddrive much?

    OpenBSD will run just fine on this computer. monk.trumpetpower.com is running on basically that same platform, and it's never given me a hint of trouble. Not that it or my DSL would likely survive a slashdotting, but....

    My laptop is a Pentium 120 with 72 Mbytes RAM. I run Konqueror and Netscape under Windowmaker on it all the time. Sure, it's not a blazing speed daemon, but it's quite usable. And it's great to take onsite--I've got Apache, a DHCP server, lots more running on a machine I can tuck under my arm. I can max out a 100 Mbit Ethernet link with Apache, which actually makes the laptop a bit more convenient in some cases than a CD for transferring files.

    b&

    --
    All but God can prove this sentence true.
  9. Re:Depends on what you want to use it for by TrumpetPower! · · Score: 2

    Quoth Sits:

    Only problem is that to upgrade the current uptime of 49 days is going to have to go...

    If you like your uptime, have a look here.

    b&

    --
    All but God can prove this sentence true.
  10. Re:How fast a computer needed? by StandardDeviant · · Score: 2, Informative

    more than adequate. I ran my home gateway on a p166/48mb ram machine for something like a year and a half (only downtime was due to things like me tripping over the power cable in a drunken stupor ;-)), no problems at all. I don't think the load ever went above 0.3 the whole time. (This was with 2.7, I don't see how 3.1 could be much different.) Heck, you could probably use a 486 if it had enough ram... Honestly, if all you're doing is firewall/gateway duty anything north of 8megs would probably be ok. I got openbsd to run on a 486/33 with (iirc) 6 megs at one point (a fancy struck me to put an irc server in my bathroom)... that was sort of painful, but the machine did run. I ended up reinstalling win98 on the p166 machine and using my old linksys router in its place (because some friends of mine lost their computer in hurricane Allison last year, i figured they needed _a_ machine more than I needed _another_ machine, heh), if not for that then I imagine the little box would still be cheerfully tossing packets around for me. Now, obviously, if you have a bigger network behind the obsd machine than, say, 10 workstations, you're going to need more hw (faster proc, more ram to hold state tables, etc.)... Given that amd k6-2 cpus and super-7 motherboards are practically free these days, a machine to stand in front of a good sized office network probably wouldn't cost more than a hundred bucks if you were willing to scrounge (you only need a couple hundred meg hd unless you want to log things).

  11. Re:ISO Images by Troodon · · Score: 4, Informative

    ISO images are copyright to Theo de Raadt and are not distributed beyond actual cds. OpenBSD has a different support/development model, funded through cd sales and donations.

    The non US distribution points seem to be solely in Europe and can be found here

    --
    troodon.net
  12. Already have mine by Martin Foster · · Score: 2, Informative

    I got the released CD through the mail a few days ago. Could be because I live near where the main distributor is based.

    This allowed me to spend the weekend upgrading the servers over to 3.1. The process was painless, the pre-compiled packages from ports allowed me to speed a few things up and within seconds I had everything patched against the errata and ready to go.

    I would like to point out that this is the first release where ports.tar.gz works without a problem. Normally I am forced to download ports or even src.tar.gz because they refuse to be decompressed.

    However, I am not looking forward to upgrading my 2.9 firewall to 3.1. Since OpenBSD 3.x releases no longer support IPF, I need to have the new PF ruleset in place before I do anything serious on that machine.

  13. Re:*BSD IS DYING by Daniel Wood · · Score: 2
    One more thing, don't forget that MS has threatened to build a reference implementation of .NET for FreeBSD. (slam away!)

    This actually doesn't surprise me. Since MS is making an .NET implementation for MacOSX. Going from OSX (FreeBSD derivative on Mach) to FreeBSD would be fairly trivial.

    From OSOpinion: Reaffirming its support for the Macintosh platform and opening a bevy of new options for Apple's corporate direction, Microsoft this week is expected to announce its plans for implementing the .NET platform on the Mac OS.

  14. Re:ISO Images by TrumpetPower! · · Score: 2

    Quoth SpikyTux:

    I wonder why there aren't any ISO images to download. I mean for someone who doesn't have a credit card and lives far away from North America, ISO images seem like the best alternative.

    CD sales are a prime source of income for OpenBSD; you'll never see an official OpenBSD ISO image legally available for download.

    Having said that, an ISO image really isn't necessary. You can download a floppy image and use that to do an install directly via FTP. Rather than ~600 Mbytes to transfer for an ISO, you'll only have to grab about 120 Mbytes for a full install.

    More details can be found here.

    --
    All but God can prove this sentence true.
  15. Re:FUD? by friscolr · · Score: 2

    Independent of whether or not you're trolling, this article needs someone to link to Advocating OpenBSD, and especially to a link off of that page, The Sound And The Fury.

  16. foolish by asv108 · · Score: 2

    I think OpenBSD would be much better off providing ISO images for download. I realize OSS isn't a popularity contest but they could probably get a lot more funding with increased popularity so they wouldn't have to depend on CD sales. FTP download is nice, but most people are accustomed to using ISO images plus there are many occasions where installs are taking place on a system without net access. The major Linux distros wouldn't be nearly as popular if they didn't provide ISO images.

    1. Re:foolish by Tony-A · · Score: 2

      I think OpenBSD would be much better off providing ISO images for download.
      They don't. They have their own (I'd say little, but it's not that little) system going that they're kind enough (and that's not exactly accurate either) to let us outsiders enjoy. It's not exactly a Private Club, but it has a lot of that feel, and a rather exclusive club at that.

  17. Re:ISO Images - make your own from snapshot by RoundSparrow · · Score: 3, Informative

    I used to think the same thing, but then I did a little searching on Groups.Google.Com and found out that it is very easy to make your own ISO. You can get the latest snapshot... All you have to do is download the latest binary files from the OpenBSD FTP snapshot directory... Then use freeware cdrecord to do the change. I use a command like this on my Windows 2000 and Windows XP systems: Download the i386 to c:\OpenBSD\snapshot-05192002\i386\ and run mkisofs.

    c:\cdrecord\mkisofs -v -r -T -J -V "OpenBSD-i386-31" -b 3.1/i386/cdrom31.fs -c boot.catalog -o c:/OpenBSD/OpenBSD-i386-31-snap.iso -x c:/OpenBSD/OpenBSD-i386-31-snap.iso c:/OpenBSD/snapshot-05192002/

    Obviously you have to mess with the paths a bit for your system, but it isn't that hard. Creates a 130MB ISO, burn it with Nero (or something else) and boot. With Nero, make sure you do "full disc" and "finalize" options when burning the options. Again, check groups.google.com and search "openbsd mkisofs".

  18. Re:How fast a computer needed? by xtremex · · Score: 2

    Absolutely....I run a webserver off of an old Cyrix 133 using OpenBSD. I'm going to add Jakarta to it soon and run servlets off of it. I don't know how well Java runs on the BSDs, but I'm hoping to find out.

    --
    If you're not a Liberal in your 20's, then you have no heart. If you're still a Liberal in your 30's you have no brain.
  19. Re:What? a Daemon? by cperciva · · Score: 5, Interesting

    Originally, OpenBSD used a daemon; the fish came from BlowFish.

    It happened, however, that people were starting to assume that daemon meant FreeBSD at around the same time as BlowFish became popular, so the openbsd crew decided to use the fish as mascot.

  20. minus sendmail by LiquidPC · · Score: 2, Interesting

    It would be nice if an OS would take sendmail out of their default install and try something else more secure and with better config files, such as postfix. For an OS all about "security," you'd think they'd get rid of sendmail. Maybe we can look forward to this in 3.2?

    1. Re:minus sendmail by sporty · · Score: 3, Informative

      Sendmail has had a bad history. Granted. Sendmail is not so insecure anymore. And configuration of sendmail defaults will please most people.

      --

      -
      ping -f 255.255.255.255 # if only

    2. Re:minus sendmail by coene · · Score: 5, Informative

      Although not a question that should be modded to +5 as it's been answered before -- again and again, in this case it's good so that people can learn why Sendmail is in OpenBSD.

      First, Sendmail is a GREAT MTA when used properly. The way it is installed, and the way it interoperates with the system is very secure. You don't see OpenBSD machines being used as spam gateways or getting hacked due to sendmail. It's almost secure plug-and-play.

      Why people think that sendmail is automatically insecure is beyond me. OpenBSD is NOT MEANT to be an "OS for dummies" (like many Linux distributions are trying to be). OpenBSD is meant for users who know what they are doing, and are experienced enough not to make the stupid mistakes that will get them hacked/exploited. As long as you don't do something incredibly stupid, 99% of the time the OpenBSD architecture will take care of the rest. This includes getting sendmail up and running.

    3. Re:minus sendmail by __past__ · · Score: 2
      First, Sendmail is a GREAT MTA when used properly. The way it is installed, and the way it interoperates with the system is very secure.
      However, wouldn't it be more sane to report any patches upstream, and make a nice port of it, with all patches and sane configuration? The benefit is even more obvious in the case of BIND - while one might argue that a Unix system without an MTA isn't complete, it is hardly true that every Unix box needs BIND, so why not make it optional?
    4. Re:minus sendmail by slamb · · Score: 3, Informative
      Why people think that sendmail is automatically insecure is beyond me.

      Sendmail is fundamentally insecure. It is a single, monolithic process running as root - not necessary for most of its operations. A single buffer overflow would completely compromise the machine running sendmail. It was originally written with little regard to security and has a long lifespan, accumulating cruft. It should be no surprise that it has had several vulnerabilities over the years. (That seems to be just 2001 ones. I'm sure there have been problems between 1988 and 2001; I just don't care enough to find them right now.)

      In contrast, Postfix is broken apart into several different processes. Each executes at the minimum privilege necessary to do its job. A process running as an unprivileged user inside a chroot() jail containing no setuid binaries is a minimum risk to the system. The entire system was constructed with a focus on security - both eliminating vulnerabilities like buffer overflows and minimizing their impact should they occur. It has, by comparison, an unblemished security record.

      For more information on why Postfix's security is completely superior to sendmail's, please see this page.

    5. Re:minus sendmail by slamb · · Score: 2
      That seems to be just 2001 ones. I'm sure there have been problems between 1988 and 2001; I just don't care enough to find them right now.

      Okay, I'm bored today. Here are some more. These two lists together may still not be exhaustive, but they are definitely long enough to prove my point that sendmail's security track record is very bad.

    6. Re:minus sendmail by bpalmer · · Score: 5, Informative

      Sendmail in OpenBSD hasn't run as root since 2.9.

      Theo and team seem confident in Sendmail's security. They've spent upwards of 30 hours going through the source and reporting bugs. That's why it's included in the default install. Keep in mind that you can easily disable sendmail and go to postfix or another mail transfer agent through the ports tree if you don't trust Theo's judgement. An email regarding the why's of using Sendmail versus another MTA are here.

      I implement sendmail all the time, and I work in an IT security shop. Set up properly, it's rock solid. My pen-tester co-workers have the same knee-jerk reaction to sendmail that you have. They heard somewhere that sendmail is insecure... Funny though, not one of them has been able to penetrate any of my OpenBSD boxes, through sendmail or any other avenue. These are guys that walk through firewalls and IIS webservers in moments. They're so good at this, that we give a money back guarantee, we don't get in, it's free. If OpenBSD gets popular, we might start losing money.

    7. Re:minus sendmail by Just Some Guy · · Score: 2

      Sendmail is fundamentally insecure. It is a single, monolithic process running as root - not necessary for most of its operations.

      Where on Earth did you get that silly - and wrong - idea? My FreeBSD box has the remote and local MTAs separated into totally distinct processes, and the system uses several UIDs for the different components.

      It's great that you like Postfix, but try to find some real advantages before you evangelize it, OK?

      --
      Dewey, what part of this looks like authorities should be involved?
    8. Re:minus sendmail by slamb · · Score: 2
      Sendmail in OpenBSD hasn't run as root since 2.9 [openbsd.org].

      That's a very good change that I wasn't aware of. However, I'll keep running Postfix: user-level access is a stepping stone to full root, especially outside of a chroot() jail, since setuid executables are available to be exploited.

      Theo and team seem confident in Sendmail's security. They've spent upwards of 30 hours going through the source and reporting bugs.

      When did this happen? It would be interesting to know if any of the security bugs I linked to were reported after this audit was completed. That would be proof that their confidence was misplaced. (However, even if not, I still would not trust sendmail - the real question is of course what bugs remain, not what bugs have been discovered.)

      Keep in mind that you can easily disable sendmail and go to postfix or another mail transfer agent through the ports tree if you don't trust Theo's judgement.

      Yes, this is exactly what I used to do when I ran OpenBSD. It would be preferable if all outside packages were in ports rather than the main tree, to make completely removing sendmail more convenient.

      My pen-tester co-workers have the same knee-jerk reaction to sendmail that you have.

      It's not a knee-jerk reaction. Did you look at the links I posted? Postfix is secure by design. Sendmail is not.

      Funny though, not one of them has been able to penetrate any of my OpenBSD boxes, through sendmail or any other avenue.

      I have never exploited a new sendmail vulnerability, either. However, I am not convinced that no vulnerabilities remain to be exploited. I prefer to use something like Postfix - proper compartmentalization, much less code to be audited, so I have more faith in its correctness.

      (Still not complete faith. My ideal system would have all network services implemented in a high-level language like Java. It is good to completely eliminate entire classes of vulnerabilities (buffer overflows, format strings) that occur over and over and over in software everyone uses. But comparable software does not yet exist in these languages, or I am unaware of it.)
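      The process model slamb argues for above (untrusted parsing in an unprivileged, chrooted worker; a privileged broker that exposes only a narrow, validated interface and alone touches the spool), as an added Python example written for this page. It is neither Postfix nor OpenBSD code. The envelope format, the spool layout, the empty jail directory and the uid/gid 65534 are assumptions; the two sessions are constructed. When the demo is started as root the worker really chroots and drops privileges, otherwise drop_privileges returns False and only the process split is exercised.

```python
import json
import os
import re
import socket
import struct
import tempfile

GOOD_SESSION = b"MAIL FROM:<alice@example.com>\r\nRCPT TO:<bob@example.com>\r\nDATA\r\nhello\r\n.\r\n"  # constructed
BAD_SESSION = b"MAIL FROM:<../../etc/passwd>\r\nRCPT TO:<x@y>\r\nDATA\r\n.\r\n"  # constructed, hostile
ADDR_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+$")
MAX_REQUEST = 1 << 20       # bytes the broker will read from a worker, at most

def drop_privileges(chroot_dir, uid, gid):
    """Worker side: chroot (root only), then gid, then uid, then prove it stuck.
    Returns False when not started as root, so the demo still runs unprivileged."""
    if os.geteuid() != 0:
        return False
    os.chroot(chroot_dir)
    os.chdir("/")             # chroot without chdir leaves the old cwd reachable
    os.setgroups([]); os.setgid(gid); os.setuid(uid)
    try:
        os.setuid(0)          # must fail: a correct drop cannot be undone
    except PermissionError:
        return True
    raise RuntimeError("privilege drop did not stick")

def parse_session(raw):
    """Parses untrusted input; runs only inside the unprivileged worker."""
    sender, rcpts, body, in_data = None, [], [], False
    for line in raw.decode("ascii", "replace").split("\r\n"):
        if in_data:
            if line == ".":
                in_data = False
            else:
                body.append(line)
        elif line.upper().startswith("MAIL FROM:"):
            sender = line[10:].strip().strip("<>")
        elif line.upper().startswith("RCPT TO:"):
            rcpts.append(line[8:].strip().strip("<>"))
        elif line.upper() == "DATA":
            in_data = True
    return {"sender": sender, "recipients": rcpts, "body": "\n".join(body)}

def validate_request(req):
    """Broker side: trust nothing from the worker. None if acceptable, else a reason."""
    if not isinstance(req, dict) or set(req) != {"sender", "recipients", "body"}:
        return "bad schema"
    if not isinstance(req["sender"], str) or not ADDR_RE.match(req["sender"]):
        return "bad sender"
    rcpts = req["recipients"]
    if (not isinstance(rcpts, list) or not 0 < len(rcpts) <= 100
            or not all(isinstance(r, str) and ADDR_RE.match(r) for r in rcpts)):
        return "bad recipients"
    if not isinstance(req["body"], str):
        return "bad body"
    return None

def _recv_request(sock):
    def exact(n):
        buf = b""
        while len(buf) < n:
            chunk = sock.recv(n - len(buf))
            if not chunk:
                raise EOFError("worker closed the channel")
            buf += chunk
        return buf
    (n,) = struct.unpack("!I", exact(4))
    if n > MAX_REQUEST:
        raise ValueError("oversized request from worker")
    return json.loads(exact(n))

def deliver(spool_dir, raw_session, chroot_dir, uid=65534, gid=65534):
    """Privileged broker: fork an unprivileged worker to parse the session,
    validate its narrow request, and be the only process that writes the spool."""
    broker_end, worker_end = socket.socketpair()
    pid = os.fork()
    if pid == 0:              # worker process
        broker_end.close()
        try:
            drop_privileges(chroot_dir, uid, gid)
            data = json.dumps(parse_session(raw_session)).encode()
            worker_end.sendall(struct.pack("!I", len(data)) + data)
        finally:
            os._exit(0)       # never fall through into broker code
    worker_end.close()
    req = _recv_request(broker_end)
    broker_end.close()
    os.waitpid(pid, 0)
    reason = validate_request(req)
    if reason:
        return {"accepted": False, "reason": reason}
    fd, path = tempfile.mkstemp(prefix="msg-", dir=spool_dir)
    with os.fdopen(fd, "w") as f:
        json.dump(req, f)
    return {"accepted": True, "spool_file": path, "recipients": req["recipients"]}

def demo():
    spool = tempfile.mkdtemp(prefix="spool-")   # broker-only spool (assumption)
    jail = tempfile.mkdtemp(prefix="jail-")     # empty chroot, like /var/empty
    return deliver(spool, GOOD_SESSION, jail), deliver(spool, BAD_SESSION, jail)
```

      The point the broker makes is the one in the reply above: a worker that has been compromised through a parsing bug can send anything over the socketpair, so the privileged side re-validates the schema, the address syntax and the sizes before it acts, and it bounds how much it will even read. A worker that holds no open files, runs as an unprivileged uid inside an empty chroot and has no setuid binaries in reach has very little to step on towards root.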

    9. Re:minus sendmail by phliar · · Score: 2
      For an OS all about "security," you'd think they'd get rid of sendmail.
      This sounds like an uninformed knee-jerk rant from someone pretending to know something by shooting off his mouth. What insecurities exist in the OpenBSD sendmail package? If you don't describe them you run the risk of sounding stupid. Is the OpenBSD claim of "Five years without a remote hole in the default install!" a lie?

      Why should OpenBSD replace something that has been audited and debugged extremely rigorously just to follow the dictates of fashion? Just like OpenBSD BIND will stay at version 4 instead of jumping to 8 or 9, it will continue to use sendmail. After all, sendmail works.

      Remember, if sendmail is something you have strong feelings about, you don't have to install it; every other major MTA -- postfix, smail, qmail, etc. -- is in /usr/ports/mail/. It's your machine, you can run whatever you want. Even BIND 8!

      --
      Unlimited growth == Cancer.
  21. Re:Remote Install Question by xtremex · · Score: 2

    I think you need at least the boot floppy...there may be a way to launch the install disk using an image on the HDD....

    --
    If you're not a Liberal in your 20's, then you have no heart. If you're still a Liberal in your 30's you have no brain.
  22. Sparc64 by BrookHarty · · Score: 2

    I see it says "Sparc64" anyone test this on a SunBlade yet?

  23. Re:ISO Images by waspleg · · Score: 2, Interesting

    everyone else has pointed out why they are not available but they have not offered you any alternatives, personally i have found the ftp install from a floppy disk to be painless and there are many third parties who offer openbsd iso's.. just because they're not distributed by openbsd.org doesn't mean they don't work and theo's copyright is unenforced afaik (i've never heard of anyone getting sued or otherwise for using an iso)

    i have bought several cd distributions and several t-shirts however, so don't blindly leech, i have been running an openbsd server for a couple years and i have to say it's almost *too* stable.. by the time it breaks or needs upgrading i've usually forgotten how to go about doing that because it's so good you don't have to fix shit all the time... it's an excellent server, simple and elegant design, i highly recommend trying it.

    as for your isos ask on irc or look around, they probably won't be out immediately, but then if you have the bandwidth to download the iso's you should be fine w/ an ftp install.. you don't really need the media for anything anyway, ports provides everything and the ftp install is actually faster since once you download the shit it's readily available rather than having to burn a cd and then install it..

    you get cool stickers w/ the cd sets however, this alone has provided enough motivation for me in the past, the stickers are invaluable =)

  24. Mozilla by lyberth · · Score: 2

    As soon as Mozilla runs natively under OpenBSD, it will be the best OS around

    --

    There isn't much like the scent of a fresh harddisk
  25. Re:ISO Images by Glytch · · Score: 2

    It's just easier to get an ISO if you've got several machines, or if you just want to keep a backup cd around. I've got DSL, but I always get ISOs of Slackware (my unix of choice) rather than mess around with FTP installations.

  26. Re:How fast a computer needed? by iabervon · · Score: 2

    OpenBSD is older than your old Pentium, and it can still do everything it used to be able to do. It probably won't run Gnome or KDE, but it's more than enough to be a multi-user login server, mail server, web server, and run X. If you want to do anything involving really large data at the same time, though, you might want to have swap.

  27. Re:ISO Images by BrookHarty · · Score: 2

    That's the BAD part about BSD releases, a lot of people don't have high speed Internet access, and an update ISO is needed. The ports tree alone should be on a separate cd set, and updated monthly. The ports need to be audited badly, a lot of stuff that won't compile, leaving a bad taste on people new to BSD.

    The non-official OpenBSD ISOs are trustworthy. Cheapbytes offers an ISO for 4.99.

  28. *Now* (was: Re:Well...not quite) by TrumpetPower! · · Score: 5, Informative

    Okay, now it's official. Here's the announcement:

    To: announce@openbsd.org
    Subject: OpenBSD 3.1 Released!
    Date: Sun, 19 May 2002 15:03:44 -0600
    From: "Todd C. Miller" <Todd.Miller@courtesan.com>

    - OpenBSD 3.1 RELEASED -

    May 19, 2002.

    It is our pleasure to officially announce the release of OpenBSD
    3.1. This year OpenBSD turns 7 years old. In celebration of this
    milestone, we invite you to enjoy our 11th release on CD-ROM (and
    12th via FTP). We continue to celebrate OpenBSD's record of four
    years without a remote hole in the default install. Just like all
    of our previous releases, 3.1 provides significant improvements,
    including new features, in nearly all areas of the system:

    - Improved hardware support (http://www.OpenBSD.org/plat.html)

    o Much improved support for UltraSPARC hardware. More models are
    supported and X11 works on all supported models.

    o Improved 802.11b support, including a host-based access point
    mode for Prism chipsets (i.e. wireless bridging). It is now
    possible to completely configure a wireless interface using ifconfig.

    o The hardware crypto drivers now work on all PCI platforms.

    o Major macppc improvements including a brand new pmap module
    that cut 'make build' time by over an hour.

    o Tekram TRM-S1040 based PCI SCSI controllers are now supported.

    o Creative SB Live! cards are now supported.

    o HiFn 7811 is now supported by the hifn driver. A long-standing
    bug causing PCI aborts has also been fixed in the hifn driver.

    o Kernel support for Altivec on the macppc platform.

    - Major improvements in the pf packet filter:

    o Significant performance improvements due to additional optimizations
    based on detailed benchmarks. Filter rule evaluation cost
    (which occurs for every packet that isn't passed statefully)
    is reduced by about 70%.

    o Stateful filtering (including address translation and redirection)
    for arbitrary IP protocols other than TCP, UDP and ICMP, for
    instance GRE (used for IPsec/PPTP).

    o Configurable memory limits (preventing memory exhaustion).
    'pfctl -m' can set an upper bound on the number of simultaneous
    states or fragments.

    o authpf(8), an authenticating gateway user shell, modifies filter
    rules when a user logs in, controlling network access at the user
    level.

    o New 'fastroute', 'route-to' and 'dup-to' options allow pf to
    route packets independently of the system routing table. This
    can be used to e.g., implement source-based routing or to
    duplicate packets to an IDS or logging host.

    o Parser improvements allow further reduction of rule set complexity
    ('no nat', rdr port ranges, and more).

    o Rule labels simplify usage of counters for accounting ('pass in
    from any to any port www label http_requests').

    o The 'no-route' keyword in filter rules matches packets with non-
    routable addresses. E.g., 'block in quick from no-route to any'
    blocks packets from non-routable source addresses.

    o tcpdump(8) expressions can filter pf logs on pf-specific fields.
    E.g. 'tcpdump -i pflog0 action block' prints only blocked packets.

    o Additional ioctls for adding and removing state entries (used by
    proxies, authpf(8) and pfctl(8)).

    - Ever-improving security (http://www.OpenBSD.org/security.html)

    o More fixes for potential signal handler races. Work is ongoing in
    this area to fix the signal handlers in all programs, not just
    privileged ones.

    o sshd now supports a privilege separation mode where all incoming
    network traffic takes place in an unprivileged process.

    o A number of memory leaks that could lead to denial of service
    attacks have been plugged.

    o Several other security issues fixed throughout the system, many
    of which were identified by members of the OpenBSD team themselves.
    Please see http://www.OpenBSD.org/errata30.html for more details
    on what was fixed.

    - New subsystems included with 3.1

    o A version of the venerable spell program is now included.

    o Generic macros for manipulating splay trees and red-black trees.

    o Support for extended attributes in the filesystem.

    - Many other bugs fixed (http://www.OpenBSD.org/plus30.html)

    - The "ports" tree is greatly improved (http://www.OpenBSD.org/ports.html)

    o The 3.1 CD-ROMs ship with many more pre-built packages for the
    common architectures. The FTP site contains hundreds more
    packages (for the important architectures) which we could not
    fit onto the CD-ROMs.

    - Many subsystems improved and updated since the last release:

    o A long-standing bug in the i386 MBR that caused a hang on boot
    with some machines has been fixed.

    o Better sizing of kernel buffers, based on the amount of physical memory.

    o Other memory-related limits are tunable without recompiling a
    kernel via config -e.

    o Improved behavior of the virtual memory system in low-memory
    situations.

    o ALTQ is supported by more ethernet drivers and now works on
    bridged interfaces.

    o Loadable kernel modules are now supported on ELF platforms.

    o The 2 gigabyte file size limit has been removed from mmap(2),
    vnd(4), savecore(8), dump(8), restore(8), and rcp(1).

    o XFree86 updated to 4.2.0.

    o sendmail updated to 8.12.2.

    o Latest KAME IPv6

    o KTH Heimdal-0.4e

    o OpenSSH 3.2

    If you'd like to see a list of what has changed between OpenBSD 3.0
    and 3.1, look at

    http://www.OpenBSD.org/plus31.html

    Even though the list is a summary of the most important changes
    made to OpenBSD, it still is a very very long list.

    This is our twelfth OpenBSD release, and the eleventh release which
    is available on CD-ROM. Our releases have been spaced six months
    apart, and we plan to continue this timing.

    - SECURITY AND ERRATA

    We provide patches for known security threats and other important
    issues discovered after each CD release. As usual, between the
    creation of the OpenBSD 3.1 FTP/CD-ROM binaries and the actual 3.1
    release date, our team found and fixed some new reliability problems
    (note: most are minor, and in subsystems that are not enabled by
    default). Our continued research into security means we will find
    new security problems and we always provide patches as soon as
    possible. Therefore, we advise regular visits to

    http://www.OpenBSD.org/security.html
    and
    http://www.OpenBSD.org/errata.html

    Security patch announcements are sent to the security-announce@OpenBSD.org
    mailing list. For information on OpenBSD mailing lists, please see:

    http://www.OpenBSD.org/mail.html

    - CD-ROM SALES

    OpenBSD 3.1 is also available on CD-ROM. The 3-CD set costs $40USD
    (EUR 45) and is available via mail order and from a number of
    contacts around the world. The set includes a colorful booklet
    which carefully explains the installation of OpenBSD. A new set
    of cute little stickers is also included (sorry, but our FTP mirror
    sites do not support STP, the Sticker Transfer Protocol). As an
    added bonus, the second CD contains an exclusive audio track by Ty
    Semaka, http://www.thedevils.com/.

    Profits from CD sales are the primary income source for the OpenBSD
    project; in essence, selling these CD-ROM units ensures that OpenBSD
    will continue to make another release six months from now.

    The OpenBSD 3.1 CD-ROMs are bootable on the following six platforms:
    o i386
    o alpha
    o sparc
    o sparc64 (UltraSPARC)
    o macppc
    o hp300*

    * The m68k-based platforms, including hp300, are located on a fourth
    CD that is not included in the official CD-ROM package. You can
    download the ISO image for the fourth CD as described below.

    (Other platforms must boot from floppy, network, or other method).

    For more information on ordering CD-ROMs, see:

    http://www.OpenBSD.org/orders.html

    The above web page lists a number of places where OpenBSD CD-ROMs
    can be purchased from. For our default mail order, go directly to:

    https://https.OpenBSD.org/cgi-bin/order

    or, for European orders:

    https://https.OpenBSD.org/cgi-bin/order.eu

    All of our developers strongly urge you to buy a CD-ROM and support
    our future efforts. As well, donations to the project are highly
    appreciated, as described in more detail at:

    http://www.OpenBSD.org/goals.html#funding

    Due to space restrictions and our desire not to raise the cost of
    the CD-ROM, the Motorola 68k-based platforms are located on a
    fourth CD that is not included in the official CD-ROM package.
    An ISO image for this CD may be downloaded from:

    ftp://ftp.openbsd.org/pub/OpenBSD-ISO/3.1-CD4.iso

    This CD contains the amiga, hp300, mac68k and mvme68k install sets
    as well as the m68k packages. The CD is bootable on the hp300.
    Note that not all ftp mirrors will carry the CD image.

    - T-SHIRT SALES

    The project continues to expand its funding base by selling t-shirts
    and polo shirts. And our users like them too. We have a variety
    of shirts available, with the new and old designs, from our web
    ordering system at:

    https://https.OpenBSD.org/cgi-bin/order

    The new 3.1 t-shirt is not available at this time but will be
    available shortly.

    - FTP INSTALLS -

    If you choose not to buy an OpenBSD CD-ROM, OpenBSD can be easily
    installed via FTP. Typically you need a single small piece of boot
    media (e.g., a boot floppy) and then the rest of the files can be
    installed from a number of locations, including directly off the
    Internet. Follow this simple set of instructions to ensure that
    you find all of the documentation you will need while performing
    an install via FTP. With the CD-ROMs, the necessary documentation
    is easier to find.

    1) Read either of the following two files for a list of ftp
    mirrors which provide OpenBSD, then choose one near you:

    http://www.OpenBSD.org/ftp.html
    ftp://ftp.OpenBSD.org/pub/OpenBSD/3.1/ftplist

    2) Connect to that ftp mirror site and go into the directory
    pub/OpenBSD/3.1/ which contains these files and directories.
    This is a list of what you will see:

    Changelogs/ alpha/ macppc/ sparc64/
    HARDWARE amiga/ mvme68k/ src.tar.gz
    PACKAGES ftplist packages/ srcsys.tar.gz
    PORTS hp300/ ports.tar.gz tools/
    README i386/ root.mail vax/
    XF4.tar.gz mac68k/ sparc/

    It is quite likely that you will want at LEAST the following
    files which apply to all the architectures OpenBSD supports.

    README - generic README
    HARDWARE - list of hardware we support
    PORTS - description of our "ports" tree
    PACKAGES - description of pre-compiled packages
    root.mail - a copy of root's mail at initial login.
    (This is really worthwhile reading).

    3) Read the README file. It is short, and a quick read will make
    sure you understand what else you need to fetch.

    4) Next, go into the directory that applies to your architecture,
    for example, i386. This is a list of what you will see:

    CKSUM INSTALL.os2br comp31.tgz man31.tgz
    INSTALL.ata INSTALL.pt etc31.tgz misc31.tgz
    INSTALL.chs MD5 floppy31.fs xbase31.tgz
    INSTALL.dbr base31.tgz floppyB31.fs xfont31.tgz
    INSTALL.i386 bsd floppyC31.fs xserv31.tgz
    INSTALL.linux bsd.rd game31.tgz xshare31.tgz
    INSTALL.mbr cdrom31.fs index.txt

    If you are new to OpenBSD, fetch _at least_ the file INSTALL.i386
    and the appropriate floppy*.fs file. Consult the INSTALL.i386
    file if you don't know which of the floppy images you need (or
    simply fetch all of them).

    5) If you are an expert, follow the instructions in the file called
    README; otherwise, use the more complete instructions in the
    file called INSTALL.i386. INSTALL.i386 may tell you that you
    need to fetch other files.

    6) Just in case, take a peek at:

    http://www.OpenBSD.org/errata.html

    This is the page where we talk about the mistakes we made while
    creating the 3.1 release, or the significant bugs we fixed
    post-release which we think our users should have fixes for.
    Patches and workarounds are clearly described there.

    Note: If you end up needing to write a raw floppy using Windows,
    you can use "fdimage.exe" located in the pub/OpenBSD/3.1/tools
    directory to do so.

    - XFree86 FOR MOST ARCHITECTURES -

    XFree86 has been integrated more closely into the system. This
    release contains XFree86 4.2.0. Most of our architectures ship
    with XFree86, including sparc, sparc64 and macppc. During installation,
    you can install XFree86 quite easily. Be sure to try out xdm(1)
    and see how we have customized it for OpenBSD.

    On the i386 platform a few older X servers are included from XFree86
    3.3.6. These can be used for cards that are not supported by XFree86
    4.2.0 or where XFree86 4.2.0 support is buggy. Please read the
    /usr/X11R6/README file for post-installation information.

    - PORTS TREE -

    The OpenBSD ports tree contains automated instructions for building
    third party software. The software has been verified to build and
    run on the various OpenBSD architectures. The 3.1 ports collection,
    including many of the distribution files, is included on the 3-CD
    set. Please see PORTS file for more information.

    Note: some of the most popular ports, e.g., the Apache web server
    and several X applications, come standard with OpenBSD. Also, many
    popular ports have been pre-compiled for those who do not desire
    to build their own binaries (see PACKAGES, below).

    - BINARY PACKAGES WE PROVIDE -

    A large number of binary packages are provided. Please see PACKAGES
    file (ftp://ftp.OpenBSD.org/pub/OpenBSD/PACKAGES) for more details.

    - SYSTEM SOURCE CODE -

    The CD-ROMs contain source code for all the subsystems explained
    above, and the README (ftp://ftp.OpenBSD.org/pub/OpenBSD/README)
    file explains how to deal with these source files. For those who
    are doing an FTP install, the source code for all four subsystems
    can be found in the pub/OpenBSD/3.1/ directory:

    XF4.tar.gz ports.tar.gz src.tar.gz srcsys.tar.gz

    - THANKS -

    OpenBSD 3.1 includes artwork and CD artistic layout by Ty Semaka,
    who also is featured in an audio track on the OpenBSD 3.1 CD set.
    Ports tree and package building by Christian Weisgerber, David Lebel,
    Marc Espie, Peter Valchev and Miod Vallat.
    System builds by Theo de Raadt, Niklas Hallqvist, Todd Fries and Bob Beck.
    ISO-9660 filesystem layout by Theo de Raadt.

    We would like to thank all of the people who sent in bug reports, bug
    fixes, donation cheques, and hardware that we use. We would also like
    to thank those who pre-ordered the 3.1 CD-ROM or bought our previous
    CD-ROMs. Those who did not support us financially have still helped
    us with our goal of improving the quality of the software.

    Our developers are:

    Aaron Campbell, Angelos D. Keromytis, Anil Madhavapeddy, Artur Grabowski,
    Ben Lindstrom, Bob Beck, Brad Smith, Brandon Creighton, Brian Caswell,
    Brian Somers, Bruno Rohee, Camiel Dobbelaar, Chris Cappuccio,
    Christian Weisgerber, Constantine Sapuntzakis, Dale Rahn, Damien Miller,
    Dan Harnett, Daniel Hartmeier, David B Terrell, David Lebel,
    David Leonard, Dug Song, Eric Jackson, Federico G. Schwindt,
    Grigoriy Orlov, Hakan Olsson, Hans Insulander, Heikki Korpela,
    Horacio Menezo Ganau, Hugh Graham, Ian Darwin, Jakob Schlyter,
    Jan-Uwe Finck, Jason Ish, Jason Peel, Jason Wright, Jean-Baptiste Marchand,
    Jean-Jacques Bernard-Gundol, Jim Rees, Joshua Stein,
    Jun-ichiro itojun Hagino, Kenjiro Cho, Kenneth R Westerback,
    Kevin Lo, Kevin Steves, Kjell Wooding, Louis Bertrand, Marc Espie,
    Marco S Hyman, Mark Grimes, Markus Friedl, Mats O Jansson, Matt Behrens,
    Matt Smart, Matthew Jacob, Matthieu Herrb, Michael Shalayeff,
    Michael T. Stolarchuk, Mike Frantzen, Mike Pechkin, Miod Vallat,
    Nathan Binkert, Nick Holland, Niels Provos, Niklas Hallqvist,
    Oleg Safiullin, Paul Janzen, Peter Galbavy, Peter Stromberg,
    Peter Valchev, Reinhard J. Sammer, Shell Hin-lik Hung, Steve Murphree,
    Thierry Deval, Theo de Raadt, Thorsten Lockert, Tobias Weingartner,
    Todd C. Miller, Todd T. Fries, Wim Vandeputte.

    --
    All but God can prove this sentence true.
  29. Re:*BSD IS DYING by nagora · · Score: 2
    because the BSD people (the ones who actually *wrote* it) don't give a flying fuck... why should you?

    Because, as a working programmer, they are actively supporting a company which is committed to putting me out of work by pushing various legal and illegal tactics to make it hard for non-MS companies to survive. I do give a flying fuck about that, even if BSD programmers don't.

    The GPL makes it difficult for programmers to make money from their code but BSD makes it impossible, in the long run, for any programmer to make money unless they have the gracious permission of people like Gates who have plenty of cash to buy government policy and national markets.

    TWW

    --
    "Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
  30. Re:*BSD IS DYING by nagora · · Score: 2
    They could just as easily 'borrow' code from GNU projects, without anybody knowing.

    At least they'd have to live in fear of a disgruntled employee blowing the whistle. It's not much but it is something.

    TWW

    --
    "Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
  31. Re:How fast a computer needed? by __past__ · · Score: 3, Informative
    I don't know how well Java runs on the BSDs, but I'm hoping to find out.
    Depends on the BSD you're using. On FreeBSD, you can build a native version of Sun's JDK, on the others, you'll need Linux compatibility (you need this on FreeBSD also, but only to build the JDK, you can remove it afterwards).

    So basically it runs quite well on OpenBSD, but you have to install the whole Linux base system (bad, bad thing if you have a small disk), as well as enable Linux-compat in the kernel.

  32. Re:ISO Images by __past__ · · Score: 2

    Why would an "update ISO" be any better than upgrading via CVSup and friends? (For upgrading several boxen, either set up a local CVSup server, or man release) Most people who buy more than one OpenBSD CD set in their lives do so to support the project, not to actually use them for an upgrade.

  33. Twofish? AES? Serpent? by karlm · · Score: 2

    Do any of you know if the OpenBSD people have plans to replace blowfish with twofish in the kernel? What about Serpent and AES? Of all the people, I'm surprised that the OpenBSD people would be satisfied with "eh.. blowfish is good enough, why upgrade?".

    --
    Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.
  34. Re:*BSD IS DYING by __past__ · · Score: 2
    MS has threatened to build a reference implementation of .NET for FreeBSD.
    Um, "threatened"? Ever had a look at your ports tree recently, namely lang/cli?
  35. Encrypted filesystem ? by Oestergaard · · Score: 2

    Does anyone know if an encrypted filesystem is available for OpenBSD? Seems like it still isn't. Except for the hacks like CFS... Is there an encrypted filesystem which is ready for *real* use out there?

  36. Re:ISO Images by BrookHarty · · Score: 2

    I was talking about the average user; if you have several boxes, you're most likely to have high speed Internet.

  37. Re:ISO Images by someonehasmyname · · Score: 2, Informative

    Yes, but they give you instructions for making your own iso.. I just made my 3.1 iso. Very simple.

    --
    Common sense is not so common.
  38. OpenBSD by jbarnett · · Score: 2

    Anyone know who does the music for the OpenBSD releases?

    --
    "`Ford, you're turning into a penguin. Stop it.'" -THHGTTG
  39. Re:*BSD IS DYING by nagora · · Score: 2
    Which has absolutely nothing to do with BSD licensed code...

    I'll repeat it again for the hard of thinking: the BSD license means helping people who are totally opposed to the bulk of programmers being able to make a living. It's not the intent of the BSD license but it is the effect.

    It's like making bullets and giving them away for free to a room full of people only one of whom (MS) has a gun (monopoly). It's pretty obvious who's going to get shot.

    Think once, think twice, think "don't help the bastard that's trying to kill you".

    TWW

    --
    "Encyclopedia" is to "Wikipedia" what "Library" is to "Some people at a bus stop"
  40. Just in time.... by ch-chuck · · Score: 2

    We finally got 512Kbps and 8 static IP's at work, and my first attempt at putting a RH71 box on the public Internet was rooted within 18 hours. This calls for OpenBSD. Rootkit that, kiddo. Fortunately I found it 4 hours after the syslog was restarted (Sun 4AM), there was absolutely nothing on it that isn't in the stock distro, and it was out in the DMZ connected to nothing in the firewall, so hahaha.

    If I had more time, I'd have left it there and turn it into a honeypot, put some interesting fake info up and lure them in further, giving no clue that I know they're there.

    --
    try { do() || do_not(); } catch (JediException err) { yoda(err); }
  41. They aren't as trusted. by rjh · · Score: 2

    IAAC (I Am A Cryptographer).

    First, please note what the subject says: Twofish, Serpent and AES/Rijndael aren't as trusted. That's not at all the same as saying they're not trusted. :)

    They are all excellent ciphers as near as anyone in the field can tell, but they are all very new. Many people in the field (myself included) are deeply skeptical of all new algorithms. Blowfish, by comparison, is about ten years old and has no significant cryptanalytic attacks against it. This makes Blowfish preferred over AES in the eyes of many cryptographers. (This is also why so many of us drool over 3DES. While it's hideously slow and inefficient, 3DES has been turning brilliant cryptanalysts into alcoholic, burned-out wrecks for 25+ years. That's amazing.)

    Second, I am not aware of any cryptographer who recommends Serpent or Twofish over AES. When Rijndael won the AES selection, every cryppie in the world who wanted to make a name for himself started to throw himself at it. Hence, Serpent and Twofish have been exposed to much less cryptanalysis than AES/Rijndael. Serpent and Twofish aren't bad ciphers, but given the existence of AES, every responsible cryptographer I know strongly recommends AES over Twofish and Serpent.

    Third, if I recall correctly, the OpenBSD people like Blowfish because Blowfish is about as agile as a brick. Attempting to break Blowfish by brute force is a really painful thing to think about, because setting up a new key is computationally expensive. By comparison, AES is a very agile cipher.

    Fourth, it's true that AES is a blazingly fast cipher. But Blowfish is no slouch in this department, either.

    So what you wind up with is Blowfish (a) is key-clumsy, which OpenBSD wants, (b) has survived almost a decade of rigorous cryptanalysis, (c) is quite fast.

    OpenBSD wouldn't get any real benefit from switching to Blowfish. Why should they change?

  42. The *BSD troll IS DYING by commodoresloat · · Score: 2

    One more crippling bombshell hit the already beleaguered *BSD Troll community when IDC confirmed that the "*BSD is dying" market share has dropped yet again, now down to less than a fraction of 1 percent of all slashdot readers. Coming on the heels of a recent slashdot post which plainly states that the "*BSD is dying" troll has lost more market share, this news serves to reinforce what we've known all along. The "*BSD is dying" troll is collapsing in complete disarray, as fittingly exemplified by failing dead last in the recent Troll Admin comprehensive trolling test.

    You don't need to be a Kreskin to predict the "*BSD is dying" troll's future. The handwriting is on the wall: There may be no future at all for the "*BSD is dying" troll because the "*BSD is dying" troll is dying. Things are looking very bad for the "*BSD is dying" troll. As many of us are already aware, the "*BSD is dying" troll continues to lose market share; red ink flows like a river of blood.

    Let's keep to the facts and look at the numbers.

    Troll leader Anonymous Coward states that there are 7000 users of "BSD is dying troll". How many users of "Red Hat is dying" are there? Let's see. The number of "BSD is dying" versus "Red Hat is dying" posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 "Red Hat is dying" trolls. "Mandrake is dying" troll on Usenet are about half of the volume of "Red Hat is dying" trolls. Therefore there are about 700 users of "Mandrake is dying" troll. A recent article put "Debian is dying" troll at about 80 percent of the Linux market. Therefore there are (7000+1400+700)*4 = 36400 "Debian is dying" trolls. This is consistent with the number of "Debian is dying" Usenet posts.

    Due to the troubles of www.hotgrits.org, abysmal sales and so on, "Debian is dying" troll went out of business and was taken over by "Mandrake is dying" troll who sell another troubled troll.

    Major marketing surveys show that the "*BSD is dying" troll has steadily declined in market share. The "*BSD is dying" troll is very sick and its long term survival prospects are very dim. If the troll is to survive at all it will be among troll hobbyists and dilettantes. The "*BSD is dying" troll continues to falter. Nothing short of a miracle could save it at this point in time. For all intents and purposes, the "*BSD is dying" troll is dead.

  43. Re:How fast a computer needed? by phliar · · Score: 2
    ... setting up OpenBSD is a great learning experience. For example, csh is the default shell, which until you add and configure your users, is painful.
    If something is a learning experience, you're doing it right!

    How can you tell someone else that csh will be a painful experience? You might find it a painful experience; I know I find it a painful experience. But Billions and Billions (tm) of people in the world use csh every day, and don't seem to be suffering any ill effects. The first time you run adduser it will ask you what you want the default shell to be; just make sure you install the shell you want before first running adduser.

    ... in order to avoid dependency issues when installing from the Packages collection, I ended up copying them all to a directory, installing everything I wanted, and then blowing away the directory.
    This leaves me puzzled. What dependency issues? For instance, my shell of choice is bash, and I know I'll need to add it after installing. So in my login environment, I set up the env. variable PKG_PATH to ftp://ftp2.usa.openbsd.org/pub/OpenBSD/3.1/packages/i386/ (you would pick the mirror closest to you, of course.) Now all I have to do is:
    # pkg_add ${PKG_PATH}/bash-2.05.tgz

    Voila!! Bash is installed. This handles dependencies automatically; if package foo depends on package bar which depends on package foobar, running pkg_add -v ${PKG_PATH}/foo.tgz will automatically install foobar first, then bar, then install foo.

    --
    Unlimited growth == Cancer.
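    The dependency ordering phliar describes above (foo needs bar, bar needs foobar, so pkg_add installs foobar, then bar, then foo) is a depth-first topological sort with "already installed" pruning. The following is an added illustration written for this page, not OpenBSD's pkg_add code; the package names, the dependency table and the pkg_add_commands helper are all constructed for the example, and it generalizes the comment's three-package chain to any dependency graph, including detecting a dependency loop, which a real package tool must refuse rather than recurse forever.

```python
"""Plan a dependency-ordered install the way the comment describes pkg_add
behaving. Added example for this page; not OpenBSD code. The dependency
table and package names are constructed for illustration."""
from typing import Dict, List, Optional, Set

# Constructed sample table: package -> packages it requires.
# "foo" -> "bar" -> "foobar" is the chain from the comment; the other
# two entries are hypothetical and exist only to show several requests.
SAMPLE_DEPS: Dict[str, List[str]] = {
    "foo": ["bar"],
    "bar": ["foobar"],
    "foobar": [],
    "bash-2.05": [],
    "screen": ["bash-2.05"],
}


class DependencyCycle(Exception):
    """Raised when packages require each other in a loop."""


def install_order(requested: List[str], deps: Dict[str, List[str]],
                  installed: Optional[Set[str]] = None) -> List[str]:
    """Return the install order in which every dependency precedes the
    package that needs it. Packages already installed are skipped, and a
    package is listed once even when several requests share it."""
    present: Set[str] = set(installed or ())
    order: List[str] = []
    path: List[str] = []        # current DFS chain, kept for cycle reporting
    done: Set[str] = set()

    def visit(pkg: str) -> None:
        if pkg in present or pkg in done:
            return
        if pkg in path:
            loop = path[path.index(pkg):] + [pkg]
            raise DependencyCycle(" -> ".join(loop))
        if pkg not in deps:
            raise KeyError(f"unknown package: {pkg}")
        path.append(pkg)
        for dep in deps[pkg]:
            visit(dep)          # dependencies are emitted first
        path.pop()
        done.add(pkg)
        order.append(pkg)

    for pkg in requested:
        visit(pkg)
    return order


def pkg_add_commands(requested: List[str], deps: Dict[str, List[str]],
                     pkg_path: str = "${PKG_PATH}",
                     installed: Optional[Set[str]] = None) -> List[str]:
    """Render the plan as one pkg_add line per package, in the form the
    comment shows (hypothetical helper; pkg_add itself does this internally)."""
    return [f"pkg_add {pkg_path}/{p}.tgz"
            for p in install_order(requested, deps, installed)]


if __name__ == "__main__":
    for cmd in pkg_add_commands(["foo"], SAMPLE_DEPS):
        print(cmd)
```

    Running the block prints the three pkg_add lines in the order foobar, bar, foo; passing installed={"bar"} drops both bar and its dependency foobar from the plan, which is the behaviour the comment relies on when it says pkg_add "handles dependencies automatically".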