OpenBSD 3.5 Reviewed
eeg3 writes "NewsForge has a review of OpenBSD 3.5. It encompasses a fair amount of information, more specifically it details security, cryptography, installation, and new features." While not afraid to point out OpenBSD's shortcomings as a desktop OS, it's still a good tour of possibly the most secure OS. NewsForge and Slashdot are both owned by OSDN.
Linux is totally appropriate for a secure desktop system. OpenBSD is for insanely secure servers. The BSDs tend to lack the hardware support of Linux too and other things that just make Linux nicer for desktops.
LOAD "SIG",8,1
"Linux is totally appropriate for a secure desktop system."
Well I don't know how to write this so it doesn't sound trollish. For that, I apologize in advance.
Is what you're saying that a little less security is okay if it's more usable? If so, why isn't Windows given a little more credit?
"Derp de derp."
If you are running a server, and security is extremely important, there is nothing better than OpenBSD. Period, end of discussion. Banks and financial institutions should not be using Windows, Linux, or even FreeBSD servers: they should be using OpenBSD servers. Likewise for any website online trafficking in sensitive financial information and private information.
For websites that don't deal in such sensitive information, OSes that are less secure are acceptable, such as FreeBSD and various Linuxes suitable for servers (Slackware, Debian, Gentoo).
For Desktop users, security isn't as paramount. However, it is still important, especially if you store any sensitive information on your computer. Some people store their private financial information on their computers. This is why Windows creates problems. Other Windows security problems are just obvious: the plethora of viruses, exploits, worms, etc etc etc. These are areas where Linux is better (if not misconfigured so as to be insecure). The reason for Linux and not OpenBSD is because computers are not an end in themselves. They exist to do certain functions; many of the daily things which people want to do on their computers just aren't possible to do on OpenBSD, or are a real pain, but are possible to do in Linux.
Stating people should use Windows, MacOS, Linux, or xBSD is over-general. Do you know precisely what every user's needs/desires are? No. Then how can you possibly say what OS they should use? The answer is you can't.
Of course, I haven't really responded to your question "if security's such a BFD, why isn't BSD more popular around here?" The answer is that security isn't considered paramount, above all else. If you wanted to be completely secure with your computer, you could unplug it from the internet and never plug it back in, and lock it up in a vault-room, with finger-print protection. People here probably consider other things important as well...
social sciences can never use experience to verify their statemen
Windows isn't given more credit because it's crap. To put it in perspective, if Windows is a 1 in terms of security, Linux is a 10 and OpenBSD is a 12.
See dh003i's post.
LOAD "SIG",8,1
"Windows isn't given more credit because it's crap. To put it in perspective, if Windows is a 1 in terms of security, Linux is a 10 and OpenBSD is a 12.
"
A lot of Linux users out there are kidding themselves. Arguably, Linux is more secure than Windows. However, most of the Windows vulnerabilities we've seen lately were actually vulnerabilities on apps running on top of Windows, i.e. I.E. (Yes, I know it's part of the OS, but that's not to say that Mozilla or Opera couldn't have been developed to be dangerous. Hence the 'more' in my secure comment earlier.) Install and run an insecure app on Linux, then you're just about as vulnerable to outside attack. Not as vulnerable given Linux's excellent permissions system, but it's still more than enough to do damage.
My point is not to say that Windows should be held in a better light, but rather to say that more secure is not secure. You still have to install updates, you still have to watch what you run on it, and you still need to back up/protect your data. If you're already doing that, then usability is of greater interest, and for a lot of people, Linux still has catching up to do.
Ng's got a point. The security reason for people to switch to Microsoft is not the 1 vs. 10 reason it's made out to be here. (at least when talking about personal use, I wouldn't say the same if we were talking about deploying corporate workstations.)
The UNIX security model is much easier to grasp and implement than whatever MS kludged together in the various pro versions of their environment. There's no such thing as chroot/jail in Windows, is there? I'm perfectly aware that an XP registry is rife with cryptic and multiply overridden account policy keys that only a specialized enterprise admin might make something out of (that's probably why SPs often FSCK up deployed servers...). When a security hole exposes a 'nobody' or 'www' jailed server I can patch it in no time being 100% sure the only service involved is the one I'm working on; sometimes I go to the point of duplicating shared libs (openssl) for the various servers... Windows is unsafe because of sloppy code and also because it has a byzantine security model.
I wonder who is the instigator of all the crap I do - Altan
Yes, you can have a very simplistic deployment that uses a Jail to serve pron pics, and Linux/BSD works very well at that.
However, in enterprise deployments, the "byzantine security model" blows away the Unix equivalents, in terms of pure, needed, functionality.
We're talking about a crowd that still uses NFS, which hasn't even the concept of passwords! It's like super-intelligent space aliens attempting to communicate with cavemen. No wonder they can't understand and think their "Good-um Head-Smash Bone" is superior to a finely tuned alien weapon. Someday, you'll evolve, and until then keep spewing your FUD.
Could you provide examples of "real operating systems designed to be secure from the ground up"? I'd like to know.
How can you call something "the most secure OS" when there is still a concept of a root user that has access to the entire system?
How can you secure, and be sure something is secure if the system can deny you from making sure it is so? Isn't that sort of a catch-22?