Slashdot Mirror


OpenBSD 3.5 Reviewed

eeg3 writes "NewsForge has a review of OpenBSD 3.5. It encompasses a fair amount of information, more specifically it details security, cryptography, installation, and new features." While not afraid to point out OpenBSD's shortcomings as a desktop OS, it's still a good tour of possibly the most secure OS. NewsForge and Slashdot are both owned by OSDN.

81 comments

  1. Question by NanoGator · · Score: 5, Interesting

    Every time there's a story about a vulnerability in something Microsoft related, there's a ton of modded up comments to the tune of "people should use Linux and related stuff to be more secure." But if security's such a BFD, why isn't BSD more popular around here?

    --
    "Derp de derp."
    1. Re:Question by black+mariah · · Score: 2, Interesting

      Because you can't like BSD and spooge all over the GPL at the same time.

      --
      'Standards' in computing only impress those who are impressed by things like 'standards'.
    2. Re:Question by AhBeeDoi · · Score: -1, Troll

      Cause it's dead?

    3. Re:Question by Nasarius · · Score: 4, Insightful

      Linux is totally appropriate for a secure desktop system. OpenBSD is for insanely secure servers. The BSDs tend to lack the hardware support of Linux too and other things that just make Linux nicer for desktops.

      --
      LOAD "SIG",8,1
    4. Re:Question by NanoGator · · Score: 2, Insightful

      "Linux is totally appropriate for a secure desktop system."

      Well I don't know how to write this so it doesn't sound trollish. For that, I apologize in advance.

      Is what you're saying that a little less security is okay if it's more usable? If so, why isn't Windows given a little more credit?

      --
      "Derp de derp."
    5. Re:Question by Anonymous Coward · · Score: 0

      Because Linux is actually as secure as OpenBSD. Yep, Linux code is regularly audited by a lot of different companies and organisations (Stanford, IBM, RedHat, SuSE, to name a few).

      With the SELinux merged in 2.6, and security infrastructure like PaX shipped with most distros, Linux actually has a more comprehensive security solution than OpenBSD really.

    6. Re:Question by HaloZero · · Score: 0

      Because BSD is dead, obviously.

      It might have something to do with the fact that security isn't actually worth being secure unless you have to do it yourself, and as such, with most BSDs being rather secure out-of-the-box, doing it that way is a pussy way out. </SARCASM>

      --
      Informatus Technologicus
    7. Re:Question by Anonymous Coward · · Score: 0, Interesting

      The law of diminishing returns. There's such a big difference between Windows and Linux in terms of security, there is a big point to switching. The difference between OpenBSD and Linux, on the other hand, is fairly minimal.

    8. Re:Question by Nasarius · · Score: 2, Insightful

      Windows isn't given more credit because it's crap. To put it in perspective, if Windows is a 1 in terms of security, Linux is a 10 and OpenBSD is a 12.
      See dh003i's post.

      --
      LOAD "SIG",8,1
    9. Re:Question by Creepy+Crawler · · Score: 4, Informative

      ---Is what you're saying that a little less security is okay if it's more usable? If so, why isn't Windows given a little more credit?

      Hmmmm, interesting question. Let me present you problems that I've not found Windows to handle.

      1: Allowing graphical interface but NOT allowing 3D graphic card operations used (Simple with X, deny access to DRI)

      2: Allowing programs from remote TRUSTED computers to have their graphical output displayed locally. (X was made for this exact purpose)

      3: Making user accounts with almost no permission to the local computer (remote mounted directory trees)

      4: The ability of an extremely fine grained system security model (NSA patches, now in the 2.6 kernel)

      5: Being able to fix terminal (as in bad) errors within your servers without having to rely on external help (Domain Admin accts either locked out or scrambled in Win2k3- no known way to harvest other than full reinstall)

      6: Does not need a desktop environment to run. Just instead open the Xserver and have onload the program needed for work.

      7: Can be done on a Xterminal or bare-bones PC with network connection. I know of no Windows OS that this can be said for.

      I'm sure there's more... but Oh well ;)

      --
    10. Re:Question by Anonymous Coward · · Score: 5, Informative

      "The BSDs tend to lack the hardware support of Linux too and other things that just make Linux
      nicer for desktops."

      Let me think of how to put this in a nice way...

      BZZZZZZZZT! Try again. BSD usually supports the hardware before Linux has it, off the top of my head I can think of USB2 and FireWire.

      Happy trolling!

    11. Re:Question by Anonymous Coward · · Score: 2, Interesting

      > But if security's such a BFD, why isn't BSD more popular around here?

      Because for many (most?) in the Linux community it's not about correctness or quality of the OS, it's about licensing (GPL), bringing down the evil empire (Microsoft), and revolution (down with Capitalism).

    12. Re:Question by Anonvmous+Coward · · Score: 4, Insightful

      "Windows isn't given more credit because it's crap. To put it in perspective, if Windows is a 1 in terms of security, Linux is a 10 and OpenBSD is a 12."

      A lot of Linux users out there are kidding themselves. Arguably, Linux is more secure than Windows. However, most of the Windows vulnerabilities we've seen lately were actually vulnerabilities in apps running on top of Windows, i.e. I.E.. (Yes, I know it's part of the OS, but that's not to say that Mozilla or Opera couldn't have been developed to be dangerous. Hence the 'more' in my secure comment earlier.) Install and run an insecure app on Linux, then you're just about as vulnerable to outside attack. Not as vulnerable given Linux's excellent permissions system, but it's still more than enough to do damage.

      My point is not to say that Windows should be held in a better light, but rather to say that more secure is not secure. You still have to install updates, you still have to watch what you run on it, and you still need to back up/protect your data. If you're already doing that, then usability is of greater interest, and for a lot of people, Linux still has catching up to do.

      Ng's got a point. The security reason for people to switch to Microsoft is not the 1 vs. 10 reason it's made out to be here. (at least when talking about personal use, I wouldn't say the same if we were talking about deploying corporate workstations.)

    13. Re:Question by Anonymous Coward · · Score: 0

      He's a foe of a friend, and crude to boot, but somebody mod this man insightful he has hit the nail on the proverbial head.

    14. Re:Question by Rick+the+Red · · Score: 1
      Cause it's dead?
      No, 3.3 and earlier are dead. 3.4 and 3.5 are doing fine, so it's only mostly dead.
      --
      If all this should have a reason, we would be the last to know.
    15. Re:Question by curious.corn · · Score: 2, Insightful

      UNIX security model is much more easy to grasp and implement than whatever MS kludged together in the various pro versions of their environment. There's no such thing as chroot/jail in windows, is there? I'm perfectly aware that an XP registry is rife with cryptic and multiply overridden account policy keys that only a specialized enterprise admin might make something out of (that's probably why SPs often FSCK up deployed servers...). When a security hole exposes a 'nobody' or 'www' jailed server I can patch it in no time being 100% sure the only service involved is the one I'm working on; sometimes I go to the point of duplicating shared libs (openssl) for the various servers... Windows is unsafe because of sloppy code and also because it has a byzantine security model.

      --
      I wonder who is behind all the bullshit I do - Altan
    16. Re:Question by Anonymous Coward · · Score: 2, Insightful

      Yes, you can have a very simplistic deployment that uses a Jail to serve pron pics, and Linux/BSD works very well at that.

      However, in enterprise deployments, the "byzantine security model" blows away the Unix equivalents, in terms of pure, needed, functionality.

      We're talking about a crowd that still uses NFS, which hasn't even the concept of passwords! It's like super-intelligent space aliens attempting to communicate with cavemen. No wonder they can't understand and think their "Good-um Head-Smash Bone" is superior to a finely tuned alien weapon. Someday, you'll evolve, and until then keep spewing your fud.

    17. Re:Question by Matthias+Wiesmann · · Score: 0, Offtopic
      1: Allowing graphical interface but NOT allowing 3D graphic card operations used (Simple with X, deny access to DRI)
      Could you explain why you would like to do this? I mean what security gain you get by doing this? I cannot imagine a scenario where a person should be allowed use of the display, but should not use high-speed 3D operations, or where using those operations would be damaging to the system.
    18. Re:Question by curious.corn · · Score: 1

      If you're talking workgroup management I agree with you. NFS isn't a viable solution and until recently cifs:// was pretty difficult to implement correctly. Mind you, it works splendidly on an ldap backend, and supports mutual certificate authentication (on server AND on client)... What I was talking about isn't pr0n servers you little flamebait schmuck but enterprise web frontends... (and BTW, I've yet to see a properly and reliably functional corporate desktop installation...)

      --
      I wonder who is behind all the bullshit I do - Altan
    19. Re:Question by Anonymous Coward · · Score: 0

      Remember, Microsoft has argued until they were blue in the fact that Internet Explorer was indeed a core part of the OS and couldn't be separated. We're not talking "an app that comes with the system", but a real part of the OS (or so MS says).

      Also, IE is used for more than when you click on the IE icon. IE gets called whenever the OS needs to render anything in HTML, and, under a default install of older versions, even things like JPEG images.

      Of course, while many of the recent bugs have been in IE, don't forget the bugs in critical services (without which the "OS" is unusable) like the RPC bug that brought us slammer.

    20. Re:Question by Anonymous Coward · · Score: 0

      I think he may mean it to stop gamers, not crackers.

    21. Re:Question by Creepy+Crawler · · Score: 1

      Exactly. I don't want people playing Quake or Unreal Tournament during working hours..

      That allows your workers to use XWindows with 3D accelerated hardware without letting the worker have access to it.

      After all, to keep productivity good, I'd allow on Fridays (afternoon) a good lan tournament on a game.

      --
    22. Re:Question by Matthias+Wiesmann · · Score: 0, Offtopic
      Exactly. I don't want people playing Quake or Unreal Tournament during working hours..
      Ok, I can agree to the general idea, yet you will only block one category of games, this will not prevent anybody of playing solitaire, bubble trouble, or any of those silly flash games, so this is a complicated measure for a very limited effect.

      Also I wonder if you cannot get a similar result on windows by disallowing access to direct X?

    23. Re:Question by Anonymous Coward · · Score: 0
      Can that actually be done? I have never seen any controls in the panel that refer to turning DX off.


      Not trolling or anything, just curious.

    24. Re:Question by Matthias+Wiesmann · · Score: 1
      Can that actually be done? I have never seen any controls in the panel that refer to turning DX off.
      I don't think there is a control panel to disable DX on windows, but then again, I never saw a control panel in Gnome to disable 3D operations in the X server.

      I would be astonished if you could not cripple DX by changing the permissions of the DLLs and thus prevent the execution of games. For me this is the same kind of operation as disabling DRI in the X11 server.

      All in all, I'm simply not convinced that the whole 'we can cripple the X server' is really a strong point of Unix vs Windows.

    25. Re:Question by a1englishman · · Score: 1

      So you don't trust your employees?
      Do they complete their tasks in good time?
      Do you get acceptable results?
      If your employees are driven to playing games, have you taken time to examine whether you have an engaging environment, and make your employees' input welcome?
      Seems like the problem comes from higher up.

    26. Re:Question by Anonymous Coward · · Score: 0

      The Administrator can run "DXDIAG" and disable Direct3D. You can also do it from some vendor display controls. Don't know how you'd disable OpenGL - maybe just ACL the DLL.

      This problem is usually solved by giving office machines really crappy video cards

    27. Re:Question by Creepy+Crawler · · Score: 2, Informative

      Very valid questions.. But I'm a consultant.

      I service mainly Small Business Owners with IT advice, equipment, installation, and integration of said equipment.

      When a business owner says they're having a problem with a User on a Linux desktop playing 3d games on work computers, I respond with the correct way to deal with it. I do not lecture how good/bad the owner is handling business, or other "moral" concerns.

      And yes, it doesn't stop Flash games, or other nuisance games.. Just stopping 3d based hardware acceleration stops a large class of games. But that part is just that.. A PART in stopping game playing.

      And if I had a business with more than 2 people (I have a hired worker-on call mostly), as long as the said work is done, I'd not have a problem letting a salaried worker either play games or go home. As long as they're not breaking any laws (no matter how asinine some are) I really don't mind.

      Case in point. I'm pretty lenient. Some small business owners I do work for aren't.

      --
    28. Re:Question by Creepy+Crawler · · Score: 1

      I've tried to disable/cripple DirectX.

      My best attempt sent Windows (2000) into a repetitive blue-screen, desktop, bluescreen, desktop... Circulating error. Reboots didn't work. Changing accounts to admin didn't work either.

      My early diagnosis is that removing/disabling DirectX from Windows is nigh impossible. It could be possible, but I see no real way of doing it. DX seems to be tightly interwound with the Kernel.

      ---All in all, I'm simply not convinced that the whole 'we can cripple the X server' is really a strong point of Unix vs Windows.

      Perhaps not strong, but a good point of employer control of the desktop. If the employee doesn't have a valid reason to use 3D features within the graphics card, why should they have the rights? This principle is one of security's Least common permissions. Easy to grant, hard to revoke after the fact.

      --
    29. Re:Question by Anonymous Coward · · Score: 0

      Not solved very well, the worst video card I can buy is a Radeon 7k with 16 MB on it.

    30. Re:Question by Foolhardy · · Score: 1

      1. Move the video acceleration level to zero. (Display->Settings->Advanced->Troubleshoot) This will implicitly disable direct draw and direct3d.
      Or, use dxdiag.exe to disable them more directly. Only local admins can change those settings.

      2. Connecting to a single window remotely isn't natively supported but Citrix supports it. There is some kind of deal between MS and Citrix to prevent MS from including it standard.
      Oh and what happens when the X server dies unexpectedly, takes your server (X client) app along with it and causes corruption?

      3. Use the Guest account; or a user account that is only a member of the Guests group. You can also change the shell to something executed remotely if you want. In a domain, the group Domain Guests is a member of the Guests group on local computers.

      4. NT has always had a fine grained ACL security system. Files and directories have 17 permission types as opposed to the UNIX standard 3. Every object (from section to thread to mutex) has a separate ACL.
      Perhaps you could be more specific?

      5. I can't tell what the problem is from here based on the information (lack thereof) you provided.
      If someone (external or not) can fix it, then it's not the OS's fault but the ignorant party's fault.

      6. You don't need a desktop environment. See the group policy User Interface.

      7. See Terminal Services.

    31. Re:Question by Foolhardy · · Score: 2, Informative
      UNIX security model is much more easy to grasp and implement than whatever MS kludged together in the various pro versions of their environment.

      I don't find the NT security model to be hard to understand; what don't you understand? It hasn't changed much since the first version.

      There's no such thing as chroot/jail in windows, is there?

      Yes, they are called sessions. Each session has a set of symbolic links in the Object Manager that connect devices to a session's namespace. The Object Manager is like Linux's VFS. Change/delete those links and win32 can't get to the devices they point to. For example, if you changed the C:->\Device\HarddiskVolume1 link to point to \Device\HarddiskVolume1\MyDir, processes in that session cannot access files outside of \MyDir.

      I'm perfectly aware that an XP registry is rife with cryptic and multiply overridden account policy keys that only a specialized enterprise admin might make something out of (that's probably why SPs often FSCK up deployed servers...).

      Are you saying that group policies are cryptic, despite the paragraphs per entry in the description tab? Here is how policy overriding works. Group policies applied from the domain always replace local settings; they would be useless without this. Computer policies override user policies in a single GPO object when a conflict exists. When you connect GPO objects to an organizational object you get to pick what order the GPOs are applied in. When in doubt, lookup the "Effective Policy" in Local Security Policy. Policies overwrite each other; redundant entries are not created.

      Personally, I haven't had any problems with service packs.

      When a security hole exposes a 'nobody' or 'www' jailed server I can patch it in no time being 100% sure the only service involved is the one I'm working on; sometimes I go to the point of duplicating shared libs (openssl) for the various servers... Windows is unsafe because of sloppy code and also because it has a byzantine security model.

      If I had an unprivileged local service breached on a NT machine, the only thing I would worry about is local exploits, same as on a UNIX. You can duplicate libraries if you want, but that's a bit pointless.

      The security model is just different, not bad.
    32. Re:Question by Foolhardy · · Score: 1

      DirectX is implemented in win32k.sys. This file also implements the win32 subsystem, GDI and the window manager (USER). You can't remove DirectX because GDI uses it to do drawing and map device surfaces; they are integrated; not with the kernel, but with win32.

      If you want to control the software that your users run, Software Restriction Policies will work much better, as they are designed for that. Create a whitelist of allowed program hashes. All others will be denied.

    33. Re:Question by N8w8 · · Score: 1

      It's not that simple, a lot of my hardware at some point wasn't supported by {Free,Open}BSD but was by Linux, such as the Hauppauge WinTV PVR350 TV capture card (right now), Aureal Vortex 2 sound card, OnStream DI30 tape streamer, VIA Nehemiah's CPU frequency scaling.

      Because of that I switched my server/MythTV box to Linux, though I was perfectly happy with FreeBSD on my server before it had to run MythTV on a PVR350.

    34. Re:Question by Anonymous Coward · · Score: 0

      Except that those audits are by people who don't grasp security, and in fact if you read mailing lists, linus constantly proves to be very ignorant of security and secure programming practices. Auditing code doesn't help if your auditors are incompetent.

      SELinux doesn't really do much of anything, and PaX is not shipping standard as part of any distro, its something that the user has to know enough to find and enable, then will get mad cause it breaks all their apps and disable it. OpenBSD has working solutions that are equivalent to those, which are enabled by default, as well as having several other security measures linux doesn't offer at all.

      Nice try, but you could maybe read before you make shit up next time?

    35. Re:Question by tiger99 · · Score: 1
      Yes, in many ways, but to a typical Windoze user who has never used a command line they might appear very different indeed.

      There is one big difference, you don't get so much feature and application bloat with OpenBSD as you get with a typical Linux distro. True, you don't need to install it all, and FreeBSD seems to have even more......

      Packaged up properly, OpenBSD could be the basis of a decent desktop OS, but Theo, who mostly runs the show, is fully occupied, and rightly so IMHO, with security issues, and things related to servers. But, as it is BSD licensed, the opportunity is there for anyone who wants to do it. What about a Blue Hat or a LuCY, or maybe a Tightware, or a WomanDuck? In fact I am surprised that no-one, apart from a few small businesses who supply "distros" has done much with FreeBSD or NetBSD either.

    36. Re:Question by curious.corn · · Score: 1

      Fine, I'm not an expert NT admin but the link you provided on object manager somehow proves my point. The linked page begins by enumerating the bugs of the system provider interface to such a crucial security feature. Now, let's not fool ourselves, enforcing chroot and namespace isolation isn't rocket science. Trouble is, MS just provides a useless and buggy handle for it and this I find unacceptable. They claim to provide low TCO but I'm still required to google around the damn web for some freeware (oh the despised freeware!) to get usable access to a fundamental security feature!? No, I'm not buying a quad xeon ibm brass, loading server 2k3 and THEN hunt for a bloody freeware! I'd rather go all the way and go linux/bsd. After all if there's a sloppy loose end I'm perfectly aware about it on linux, and encouraged to share the plug...

      --
      I wonder who is behind all the bullshit I do - Altan
    37. Re:Question by OnTheMoney · · Score: 1

      Watch while this OpenBSD discussion somehow turns into a Windows vs. Linux flame war.

      I was at least hoping for some intelligent flames from FreeBSD people instead.

      --
      Healthy Info

  2. *BSD is dying by Anonymous Coward · · Score: -1, Troll
    It is official. Netcraft now confirms: *BSD is dying

    One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last in the recent Sys Admin comprehensive networking test.

    You don't need to be a Kreskin to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.

    FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.

    Let's keep to the facts and look at the numbers.

    OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

    Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

    All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

    Fact: *BSD is dying

    1. Re:*BSD is dying by nusratt · · Score: 1, Funny

      "bombshell", "complete disarray", "bleak future", "river of blood", "endangered", "abysmal", "corpse", "charnel house", "dim", "decay", "Nothing short of a miracle could save it"

      so, um, how do you like its chances?

      p.s. -- nothing wrong with that parrot, it's just sleeping.

    2. Re:*BSD is dying by Anonymous Coward · · Score: 0

      Good News Everyone!
      Turns out that *BSD is stronger than ever!
      According to an Internetnews article, Netcraft has confirmed that *BSD has "dramatically increased its market penetration over the last year."
      There has been a steady increase in *BSD developers over the past decade.
      There are currently 307 FreeBSD developers as of the 2004 core team election.
      You can read more about FreeBSD here

      If you would like to try out a BSD, you can download: FreeBSD, OpenBSD, NetBSD, or DragonflyBSD
      Enjoy!

  3. different solutions for different problems by dh003i · · Score: 5, Insightful

    If you are running a server, and security is extremely important, there is nothing better than OpenBSD. Period, end of discussion. Banks and financial institutions should not be using Windows, Linux, or even FreeBSD servers: they should be using OpenBSD servers. Likewise for any website online trafficking in sensitive financial information and private information.

    For websites that don't deal in such sensitive information, OS' that are less secure are acceptable, such as FreeBSD and various Linux' suitable for servers (Slackware, Debian, Gentoo).

    For Desktop users, security isn't as paramount. However, it is still important, especially if you store any sensitive information on your computer. Some people store their private financial information on their computers. This is why Windows creates problems. Other Windows security problems are just obvious: the plethora of virus', exploits, worms, etc etc etc. These are areas where Linux is better (if not misconfigured so as to be insecure). The reason for Linux and not OpenBSD is because computers are not an end in themselves. They exist to do certain functions; many of the daily things which people want to do on their computers just aren't possible to do on OpenBSD, or are a real pain, but are possible to do in Linux.

    Stating people should use Windows, MacOS, Linux, or xBSD is over-general. Do you know precisely what every users' needs/desires are? No. Then how can you possibly say what OS they should use? The answer is you can't.

    Of course, I haven't really responded to your question "if security's such a BFD, why isn't BSD more popular around here?" The answer is that security isn't considered paramount, above all else. If you wanted to be completely secure with your computer, you could unplug it from the internet and never plug it back in, and lock it up in a vault-room, with finger-print protection. People here probably consider other things important as well...

    1. Re:different solutions for different problems by Anonymous Coward · · Score: 0

      Thanks for the tip Theo.

      Code audits are a natural process, and if you're bragging about them then you're not yet out of kindergarten.

      Linux has more professionals working on the code, and more eyes per line of source code.

      The security features in most modern Linux distros (see for example PaX and SELinux) meet or exceed that which is available in OpenBSD.

    2. Re:different solutions for different problems by Anonymous Coward · · Score: -1, Flamebait

      Here's reality, cocksucker: Once you configure an OpenBSD system to do anything more useful than routing packets, it's not substantially more secure than any other Unix system. But it is much slower and has worse hardware support.

      Mod this down, but OpenBSD had basically niched itself into "pointless", and developer egos & politics have rendered it incapable of even keeping up with the trailing edge of operating system development. The problem here is that it's NOT dying, but should be.

    3. Re:different solutions for different problems by Anonymous Coward · · Score: 2, Informative

      Actually, you are completely wrong. OpenBSD's performance is on par with netbsd, linux and freebsd 4 (freebsd 5 is still noticeably slower than the others), benchmark it for yourself.

      And openbsd is more secure than another OS doing the same job, whether it be serving webpages or whatever. Apart from code audits, there's stuff like removal of most setuid root apps, privilege separation in everything from syslogd to tcpdump, W^X, propolice, non-executable stack and heap, malloc and mmap randomization, stricter malloc/free checking than shit like glibc, strlcpy/strlcat and friends that glibc are too dense to add, swap encryption, and I am probably forgetting stuff.

      To sum up, you are a moron, don't spew bullshit without learning the facts.
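
      The strlcpy/strlcat interfaces named in the comment above, shown in an added example that is not code from the page or from OpenBSD: a reimplementation of their semantics (always NUL-terminate, return the length the caller needed so truncation is detectable) next to the strncpy() hazard they were written to replace. All demo_* names are made up for this example.

```c
/* Added example (not code from the page or from OpenBSD): a small
 * reimplementation of strlcpy()/strlcat() semantics, contrasted with the
 * strncpy() behaviour they were designed to replace.  All demo_* names are
 * hypothetical names chosen for this example. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Copy src into dst (capacity dsize).  Always NUL-terminates when dsize > 0.
 * Returns strlen(src): a result >= dsize tells the caller the copy was
 * truncated, which strcpy()/strncpy() never report. */
size_t demo_strlcpy(char *dst, const char *src, size_t dsize)
{
    size_t srclen = strlen(src);
    if (dsize > 0) {
        size_t n = srclen < dsize - 1 ? srclen : dsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Append src to the NUL-terminated string in dst (capacity dsize).
 * Returns strlen(original dst) + strlen(src); >= dsize means truncation. */
size_t demo_strlcat(char *dst, const char *src, size_t dsize)
{
    size_t dlen = 0;
    while (dlen < dsize && dst[dlen] != '\0')   /* bounded strlen of dst */
        dlen++;
    size_t srclen = strlen(src);
    if (dlen == dsize)              /* dst not terminated within dsize: append nothing */
        return dsize + srclen;
    size_t room = dsize - dlen - 1;
    size_t n = srclen < room ? srclen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + srclen;
}

/* Build "dir/file" into out, refusing to continue on truncation instead of
 * silently producing a different path than the one the caller asked for. */
bool demo_join_path(char *out, size_t outsize, const char *dir, const char *file)
{
    if (demo_strlcpy(out, dir, outsize) >= outsize)  return false;
    if (demo_strlcat(out, "/", outsize) >= outsize)  return false;
    if (demo_strlcat(out, file, outsize) >= outsize) return false;
    return true;
}

/* Convenience wrapper: does "dir/file" fit in a buffer of outsize bytes? */
bool demo_join_fits(size_t outsize, const char *dir, const char *file)
{
    char out[64];
    if (outsize > sizeof out) return false;
    return demo_join_path(out, outsize, dir, file);
}

/* The hazard strlcpy() fixes: copy src into an 8-byte field with strncpy()
 * and report whether the field ended up NUL-terminated.  When strlen(src)
 * >= 8, strncpy() writes no terminator, so a later read runs off the field. */
bool demo_strncpy_terminated(const char *src)
{
    char rec[16];
    memset(rec, 'X', sizeof rec);   /* sentinel bytes, deliberately non-NUL */
    strncpy(rec, src, 8);           /* classic fixed-width field copy */
    return memchr(rec, '\0', 8) != NULL;
}

/* The same copy through demo_strlcpy(): the field is always terminated. */
bool demo_strlcpy_terminated(const char *src)
{
    char rec[16];
    memset(rec, 'X', sizeof rec);
    demo_strlcpy(rec, src, 8);
    return memchr(rec, '\0', 8) != NULL;
}

int main(void)
{
    char buf[8];
    size_t r = demo_strlcpy(buf, "hello world", sizeof buf);
    printf("strlcpy -> \"%s\", needed %zu bytes, truncated=%d\n",
           buf, r, (int)(r >= sizeof buf));
    printf("strncpy(\"12345678\") terminated: %d\n", (int)demo_strncpy_terminated("12345678"));
    printf("strlcpy(\"12345678\") terminated: %d\n", (int)demo_strlcpy_terminated("12345678"));
    printf("\"/etc\" + \"passwd\" fits in 8 bytes: %d\n", (int)demo_join_fits(8, "/etc", "passwd"));
    return 0;
}
```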

    4. Re:different solutions for different problems by Anonymous Coward · · Score: 1, Insightful

      Too bad those aren't in any modern distros, and are limited about what they protect. Instead of fixing apps that cause problems with their security measures, they simply disable them. Hell, PaX breaks damn near any useful app you would want to run, so wtf is the point of it?

    5. Re:different solutions for different problems by Anonymous Coward · · Score: 0

      Banks and financial institutions should not be using Windows, Linux, or even FreeBSD servers: they should be using OpenBSD servers.

      I know of two banks using OpenBSD for perimeter firewalls.

      They are just the ones I know, there's bound to be plenty more OpenBSD in important places. But then, there is also lots of crap in important places.

  4. Newbie trouble with OpenBSD by Anonymous Coward · · Score: -1, Offtopic
    I have recently installed some new software on my OpenBSD computer but I have some questions. One thing it is apparently doing is detecting bad "scripts" on web pages and asks me if I want to debug them.

    The question I have is "what exactly is scripting" and "debugging" and how I am supposed to debug? Can someone with some techno experience explain what is scripting, coding, etc...Also, what is a "RunTime Error". The exact line that pops up says: "A runtime error has occurred. Do you wish to debug? Line:52 Error 'null' is null or not an object" What does this mean? TIA.

    1. Re:Newbie trouble with OpenBSD by Gilk180 · · Score: 0, Offtopic

      Sounds like it's not the server, but the browser. Some javascript in a page is upsetting it.

      More info would be helpful, unless of course this is a joke I'm not getting.

    2. Re:Newbie trouble with OpenBSD by Anonymous Coward · · Score: 2, Funny

      This problem can be avoided by just not going to any pages which end in ".php". That way you can ensure that the pages were crafted by professional programmers and nobody will try to exploit your uber-secure OpenBSD Javascript debugger.

  5. Dealing with Loss by Anonymous Coward · · Score: -1, Troll
    Poor thing, of course you mourn the demise of OpenBSD. It's only natural. Dealing with the death of an operating system close to you can be one of the most traumatic experiences of your life, and you're bound to go through a range of emotions. While you may be able to work through those feelings on your own, it's often helpful to talk to a friend, a family member, or a counselor. You might also seek out a support group for people who are grieving.

    Grieving is a process, and it's totally normal to go through feelings of shock, sadness, anger even guilt. The healing process is different for everyone. It might take you six weeks to move on, or it might take you six years. Don't beat yourself up because you're not "over it" yet. It takes time to heal wounds.

    So what else can you do to feel better? It might sound corny, but try writing a letter, making a collage, or planting a tree in memory of the operating system you've lost. Remembering and celebrating all the good things *BSD brought to your life might help give you some closure, and having a keepsake to honor *BSD may help you get through some tough times in the future when you'll be missing it.

    It's true that life won't be the same without *BSD around. It may seem like you'll never feel better, but eventually you will. Take some comfort in the old saying, "Time heals all wounds," and remember that *BSD will always be with you in your heart.

  6. 14 Words by Anonymous Coward · · Score: -1, Offtopic

    "We must secure the existence of our people and a future for White children."

    -- David Lane

  7. Most Secure OS? by AKnightCowboy · · Score: 0
    While not afraid to point out OpenBSD's shortcomings as a desktop OS, it's still a good tour of possibly the most secure OS.

    Hardly. OpenBSD is a hobbyist's toy compared to some of the real secure operating systems out there. OpenBSD doesn't even have mandatory access controls. How can you call something "the most secure OS" when there is still a concept of a root user that has access to the entire system?

    Anyway, it is a nice general purpose operating system and is *very* secure compared to others like Linux, Windows and FreeBSD, but it's certainly not that secure compared to real operating systems designed to be secure from the ground up.

    1. Re:Most Secure OS? by swamp+boy · · Score: 3, Insightful

      Could you provide examples of "real operating systems designed to be secure from the ground up"? I'd like to know.

    2. Re:Most Secure OS? by Anonymous Coward · · Score: 2, Insightful

      How can you call something "the most secure OS" when there is still a concept of a root user that has access to the entire system?

      How can you secure, and be sure something is secure if the system can deny you from making sure it is so? Isn't that sort of a catch 22?

    3. Re:Most Secure OS? by burns210 · · Score: 1

      "real secure operating system"

      What would you consider to fall into this category?

      PS: Mac, and I believe Linux with the NSA patches(maybe, not?!) gets rid of the 'root' concept, and just uses sudo/su for doing former root-only tasks... Very good design, in my opinion.

    4. Re:Most Secure OS? by c13v3rm0nk3y · · Score: 1
      How can you call something "the most secure OS" when there is still a concept of a root user that has access to the entire system?

      Well, my understanding is that the most common exploits are simply bugs in userland and kernel code.

      Even if one of these exploits leads to a remote or local privilege escalation, arguably it is the original exploit that is the real problem, since it led to the privilege escalation in the first place.

      Furthermore, there is a fair amount of work being done to place all daemons on OpenBSD in a chroot jail, basically making running things like a mail server or http server no less secure than running without, which is a huge win for admins.

      So, all that ACLs might give you is protection against local privilege escalation from the shell, which is nothing to sneeze at in principle; though the OBSD developers have been quick to suggest ACLs as offering minimal protection for the work involved. The consensus seems to be that there is more important work to be done elsewhere, like ensuring that a non-priv process isn't elevated to root. Though, this has not stopped others from thinking about this.

      I'm also interested in what other alternatives you consider more secure, and if those alternatives are free-as-in-speech such that I can use it for a simple edge box for my internal network. I'm curious what other people are using.

      --
      -- clvrmnky
    5. Re:Most Secure OS? by AKnightCowboy · · Score: 1
      Could you provide examples of "real operating systems designed to be secure from the ground up"? I'd like to know.

      Trusted Solaris from Sun and SecureOS from Secure Computing used in their Sidewinder firewall are just two off the top of my head.

      It doesn't necessarily need to be commercial either since there's TrustedBSD for instance. I guess I shouldn't say "designed from scratch" since many of them build on original BSD or System V code as a starting point, but there are certainly MAC based systems built from scratch out there.. probably custom jobs unavailable to us outside the government, but they're out there.

      Again, I'm not saying OpenBSD is insecure, far from it. OpenBSD is probably the most secure operating system you'll get without introducing complicated mandatory access controls (type enforcement, RBAC, whatever you want to call it), but we shouldn't kid ourselves by saying that it's as secure as other operating systems available.

    6. Re:Most Secure OS? by Anonymous Coward · · Score: 0
      And what exactly makes you think that root is a bad thing to have on a system?

      One should not use it for daily use, but it makes sense to have root for managing the system.

      I don't see how having a root account suddenly lessens the security of a system. Programmes don't run as root, people don't run as root unless they need to change the configuration of the system. Programmes are chrooted into their own areas running as their own users and users are either trusted or chrooted into their own areas.

      Stuff like stack protection, chrooting and running as its own user make things on OpenBSD a cry better than a FreeBSD experimental branch that is no longer being done.

    7. Re:Most Secure OS? by Anonymous Coward · · Score: 0

      You are confusing access control and security. OpenBSD is a unix OS, part of that entails having a root super user. It's not designed to be an access/permission based system. It's my system, I get access to it all, that's one of the fundamental concepts of unix. This has nothing to do with security, only to do with management of user permissions and rights. Security is preventing unauthorized access, not fine-grained access control.

    8. Re:Most Secure OS? by holysin · · Score: 1

      Having one user (root) with the ability to do anything (s)he wants to the system is a security fault if only because it means *1* password will allow a person unfiltered access to your system. (there's more downsides, but it's almost 2:30 in the morning, and I'm farging tired) That's a single point of failure, which is not a great thing in the real world. It is to me, tolerable, but it is still a security fault.

    9. Re:Most Secure OS? by Nimrangul · · Score: 1
      Yet you first need to be using a user that is in the wheel group to make use of this *1* password, if the user you are already logged in as is not in wheel you cannot become root. So instead it is that you need *2* passwords and that *1* of them must be to a user with specific permissions.

      Even then, you need to know the name of the first user that is in wheel before you can get in and try to become root.

      I am not seeing a security problem, because it is not a single point of failure as you describe.

      --
      I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
    10. Re:Most Secure OS? by tiger99 · · Score: 1

      Yes, and some methods of security can turn into unmitigated disasters when something goes wrong and you don't have a root capability to get access to fix it. It is always necessary to balance security against reliability and maintainability, and ideally maximise them all, a tall order with present-day technology.

    11. Re:Most Secure OS? by holysin · · Score: 1

      My mistake (considering the time, that's hardly surprising) I meant you just need physical access (not hard) + 1 password for most locations, or on the other hand one good exploit.

      That's one point of failure. Also of course "good" exploits on *nix tend to give the user root access, without a root to be given access to, there's not as much of a problem.

      A third possible security situation with root would be if you work with the government, or for *SOME* banks that do not like the idea of a superuser. For some situations they do *NOT* want any one person to have access to everything, to them that's a security issue. Usually this only involves secret/top-secret or higher clearance, and will not be found in the "real world", but it's still a valid security point. Of course, you'll note I was just explaining some reasons why the previous user said it was a security problem...

    12. Re:Most Secure OS? by Nimrangul · · Score: 1

      As we were discussing OpenBSD in this article, the good exploit you refer to is a buffer overflow, I will point out that such buffer overflows don't work on OpenBSD. They just kill the daemon off. That's what the stack protection in OpenBSD is for.

      --
      I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
    13. Re:Most Secure OS? by sydsavage · · Score: 1
      A properly secured system would only allow root to log in from the console, and physical security should prevent the malicious user from gaining console access.

      Delegating administrative privileges can be controlled with extremely fine granularity using sudo, as this excellent series of articles points out.

      Here is a relevant quote from the first article:
      Once you have sudo configured correctly, you can change the root password and not give it to anyone. Nobody should need the root password if they have the correct sudo permissions, after all! Reducing the number of people who have the root password can help improve security.

    14. Re:Most Secure OS? by kiltedtaco · · Score: 1

      A very Gödelian problem.

    15. Re:Most Secure OS? by aluser · · Score: 1
      Furthermore, there is a fair amount of work being done to place all daemons on OpenBSD in a chroot jail, basically making running things like a mail server or http server no less secure than running without
      From the chroot(2) man page (okay, this is on debian but the same applies to obsd):
      Note that this call does not change the current working directory, so that `.' can be outside the tree rooted at `/'. In particular, the super-user can escape from a `chroot jail' by doing `mkdir foo; chroot foo; cd ..'.
      So if you've got an exploit for a chrooted daemon plus an exploit for a kernel bug, you can get root and break out of the jail. Thus, if you don't have untrusted local users on the system, adding more chrooted daemons does endanger your security a bit. Not to mention that even if it couldn't break out of the jail, root can send signals to whatever processes it wants or halt the system.
    16. Re:Most Secure OS? by endx7 · · Score: 1

      PS: Mac, and I believe Linux with the NSA patches(maybe, not?!) gets rid of the 'root' concept, and just uses sudo/su for doing former root-only tasks... Very good design, in my opinion.

      root never really goes away. su and sudo work by switching to user id 0, which is the user id of root. What you can do however, is remove root from existing as a user. The kernel/whatnot still grants special privileges to user id 0, but you can't actually login or use any user with that id because root doesn't exist now! (I suppose this might have been what you were saying...)

      Actually, you can't have su without a root user anyway, since su needs to authenticate you as user, such as root.

      sudo can be bad too, like if you are using ssh. Many systems have ssh deny remote login of root by default. This means you need a user password (often this user needs to be wheel which is gid 0) + the root password to su to root as. Two different passwords are harder to acquire than one is.

      Although, I'll admit here and now that I normally use sudo.

    17. Re:Most Secure OS? by Anonymous Coward · · Score: 0

      Try OpenVMS, formerly from DEC, now from HP. It even runs on Itanium, or will Real Soon Now (tm). As I recall, it won a Capture the Flag at a DefCon to the extent that it's not welcome back.

    18. Re:Most Secure OS? by Anonymous Coward · · Score: 0

      this is only possible if you are running as root. on openbsd, the chrooted daemons drop their privileges.
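
The two posts above (aluser's chroot(2) caveat and the reply that OpenBSD's chrooted daemons drop their privileges) describe one mechanism from two sides: a jail only holds a process that is no longer root inside it. The following is an added example, not code from the page or from OpenBSD, of the privilege-dropping sequence a daemon performs so that the man-page escape no longer applies. The jail directory and the target uid/gid (65534, "nobody" on many systems) are assumptions; a real daemon uses its own dedicated unprivileged user.

```c
#define _DEFAULT_SOURCE          /* chroot(), setgroups() declarations on glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Outcome codes so the caller can tell which step failed. */
enum drop_status {
    DROP_OK = 0,
    DROP_ERR_CHDIR,
    DROP_ERR_CHROOT,
    DROP_ERR_SETGROUPS,
    DROP_ERR_SETGID,
    DROP_ERR_SETUID,
    DROP_ERR_STILL_PRIVILEGED
};

/* Confine the process to `jail` and give up root permanently.
 * The order is the whole point:
 *  - chdir() into the jail before chroot(), and chdir("/") again afterwards,
 *    so the working directory cannot remain outside the new root (exactly the
 *    chroot(2) caveat quoted in the thread);
 *  - supplementary groups and gid before uid, because once unprivileged the
 *    process can no longer change its group list;
 *  - finally confirm uid 0 cannot be regained: setuid() (not seteuid()) must
 *    have changed real, effective and saved ids, otherwise the drop is cosmetic. */
int drop_privileges(const char *jail, uid_t uid, gid_t gid)
{
    if (chdir(jail) == -1)
        return DROP_ERR_CHDIR;
    if (chroot(jail) == -1)               /* requires root; EPERM otherwise */
        return DROP_ERR_CHROOT;
    if (chdir("/") == -1)
        return DROP_ERR_CHDIR;
    if (setgroups(1, &gid) == -1)
        return DROP_ERR_SETGROUPS;
    if (setgid(gid) == -1)
        return DROP_ERR_SETGID;
    if (setuid(uid) == -1)
        return DROP_ERR_SETUID;
    if (uid != 0 && setuid(0) != -1)      /* must fail now; success means still root */
        return DROP_ERR_STILL_PRIVILEGED;
    return DROP_OK;
}

/* True when the privileged steps above can succeed at all. */
int running_as_root(void)
{
    return geteuid() == 0;
}

int main(void)
{
    /* Assumed jail path and unprivileged ids (see lead-in). */
    int rc = drop_privileges("/var/empty", 65534, 65534);
    if (rc != DROP_OK) {
        fprintf(stderr, "privilege drop failed at step %d: %s\n", rc, strerror(errno));
        return 1;
    }
    printf("now uid %d, gid %d, rooted inside the jail\n", (int)getuid(), (int)getgid());
    return 0;
}
```

Everything the daemon still needs after this point (open sockets, log descriptors, config already parsed) must have been acquired before the call, since the jail is empty and the process can no longer reopen privileged resources; that is also why only the post-drop code is exposed to untrusted input.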

  8. automatic package dependencies by straycheck · · Score: 1

    It's not true that OpenBSD does not support network installation of packages with automatic dependency handling.

    Try this (assuming a Bourne-style shell):

    PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/3.5/packages/i386/
    export PKG_PATH
    pkg_add p5-DBD-mysql-2.90.03

    All dependencies are discovered, downloaded, and installed as necessary. The only real downside is that you need to know the version of the package.

    Check pkg_add(1) for the details.

    1. Re:automatic package dependencies by tiger99 · · Score: 1
      True, but all the BSDs and for that matter Linux urgently need a package management system that works, and what is more can be made to work over a modem link with 2 hour time limit. Neither Xandros nor SuSE have had the decency to respond to bug reports about this from a paying customer, it is not possible in Fedora either (some packages like the kernel tend to be upwards of 130MB), and while most of the world still has to use modems, security patches can simply not be applied.

      Time for a well thought out system (not RPM!) that can work with data in small chunks, and control redialling etc, as well as doing source patching to reduce the amount of download needed each time. Mostly, BSD does this, with each package having its own makefile etc. But a decent user interface is, for now, sadly lacking. The download issue should be fixable by basing it around wget or one of the variants, curl and so on. The user interface needs to show, both in GUI and text mode, a list of what is installed, with upgrade options available (such as YaST tries to do), so the average user, or the experienced user with little time to mess about, only has to rattle a few keys or click the mouse a couple of times, not mess about wasting time typing in great long package names and version strings in a plethora of formats...

      Someone please fix it!

  9. Developer laments What Killed FreeBSD by Anonymous Coward · · Score: -1, Troll
    The End of FreeBSD

    [ed. note: in the following text, former FreeBSD developer Mike Smith gives his reasons for abandoning FreeBSD]

    When I stood for election to the FreeBSD core team nearly two years ago, many of you will recall that it was after a long series of debates during which I maintained that too much organisation, too many rules and too much formality would be a bad thing for the project.

    Today, as I read the latest discussions on the future of the FreeBSD project, I see the same problem; a few new faces and many of the old going over the same tired arguments and suggesting variations on the same worthless schemes. Frankly I'm sick of it.

    FreeBSD used to be fun. It used to be about doing things the right way. It used to be something that you could sink your teeth into when the mundane chores of programming for a living got you down. It was something cool and exciting; a way to spend your spare time on an endeavour you loved that was at the same time wholesome and worthwhile.

    It's not anymore. It's about bylaws and committees and reports and milestones, telling others what to do and doing what you're told. It's about who can rant the longest or shout the loudest or mislead the most people into a bloc in order to legitimise doing what they think is best. Individuals notwithstanding, the project as a whole has lost track of where it's going, and has instead become obsessed with process and mechanics.

    So I'm leaving core. I don't want to feel like I should be "doing something" about a project that has lost interest in having something done for it. I don't have the energy to fight what has clearly become a losing battle; I have a life to live and a job to keep, and I won't achieve any of the goals I personally consider worthwhile if I remain obligated to care for the project.

    Discussion

    I'm sure that I've offended some people already; I'm sure that by the time I'm done here, I'll have offended more. If you feel a need to play to the crowd in your replies rather than make a sincere effort to address the problems I'm discussing here, please do us the courtesy of playing your politics openly.

    From a technical perspective, the project faces a set of challenges that significantly outstrips our ability to deliver. Some of the resources that we need to address these challenges are tied up in the fruitless metadiscussions that have raged since we made the mistake of electing officers. Others have left in disgust, or been driven out by the culture of abuse and distraction that has grown up since then. More may well remain available to recruitment, but while the project is busy infighting our chances for successful outreach are sorely diminished.

    There's no simple solution to this. For the project to move forward, one or the other of the warring philosophies must win out; either the project returns to its laid-back roots and gets on with the work, or it transforms into a super-organised engineering project and executes a brilliant plan to deliver what, ultimately, we all know we want.

    Whatever path is chosen, whatever balance is struck, the choosing and the striking are the important parts. The current indecision and endless conflict are incompatible with any sort of progress.

    Trying to dissect the above is far beyond the scope of any parting shot, no matter how distended. All I can really ask of you all is to let go of the minutiae for a moment and take a look at the big picture. What is the ultimate goal here? How can we get there with as little overhead as possible? How would you like to be treated by your fellow travellers?

    Shouts

    To the Slashdot "BSD is dying" crowd - big deal. Death is part of the cycle; take a look at your soft, pallid bodies and consider that right this very moment, parts of you are dying. See? It's not so bad.

    To the bulk of the FreeBSD committerbase and the developer community at large - keep your eyes on the real goals. It's when

    1. Re:Developer laments What Killed FreeBSD by Anonymous Coward · · Score: 0

      Good News Everyone!
      Mike Smith now works for Apple, whose OS is based on BSD.
      Check it out: www.lemis.com/~grog/msmr.html
      and at: daemonnews, under "BSD at Apple"
      He didn't like the direction that v5 was taking so he quit and started writing BSD code for Apple.

  10. Alligator Attack Woman Dies In Surgery by Anonymous Coward · · Score: -1
    FORT MYERS, Fla. -- A woman who was mauled by an alligator died Friday in surgery to treat an infection caused by the animal's vicious bites.

    Janie Melsek, 54, died at Lee Memorial Hospital. Doctors said her body simply shut down in response to the infection.

    "My mom showed more courage than fear and I could not be more proud of her," said Melsek's daughter, Joy Williams, 29. "She's just absolutely amazed me and our whole community with the fight she put up."

    Melsek was attacked Wednesday by a 12-foot, 457-pound alligator as she worked on landscaping behind a home on Sanibel Island. The alligator dragged her into a pond, tearing at her right arm so severely that part of it was later amputated.

    A neighbor who heard her screams was joined by police officers to save her from the reptile's jaws in what was described as a fierce "tug-of-war." Police killed the alligator, which was so large it took six men to lift it to shore.

    Since 1973, there have been 13 fatal alligator attacks in Florida. In related news, sharks were seen near Vero Beach feeding on the corpse of *BSD.

  11. Point/Counter-Point by Anonymous Coward · · Score: -1, Troll

    Yet another sickening blow has struck what's left of the *BSD community, as a soon-to-be-released report by the independent Commission for Technology Management (CTM) after a year-long study has concluded: *BSD is already dead. Here are some of the commission's findings:

    Fact: servers running OpenBSD, which claims to focus on security, are frequently compromised. According to Jim Markham, editor of the online security forum SecurityWatch, the few OpenBSD servers that exist on the internet have become a joke among the hacker community. "They make a game out of it," he says. "(OpenBSD leader) Theo [de Raadt] will scramble to make a new patch to fix one problem, and they've already compromised a bunch of boxes with a different exploit."

    Fact: the *BSDs have balkanized yet again. There are now no less than twelve separate, competing *BSD projects, each of which has introduced fundamental incompatibilities with the other *BSDs, and frequently with Unix standards. Average number of developers in each project: fewer than five. Average number of users per project: there are no definitive numbers, but reports show that all projects are on the decline.

    Fact: X.org will not include support for *BSD. The newly formed group believes that the *BSDs have strayed too far from Unix standards and have become too difficult to support along with Linux and Solaris x86. "It's too much trouble," said one anonymous developer. "If they want to make their own standards, let them do the porting for us."

    Fact: DragonflyBSD, yet another offshoot of the beleaguered FreeBSD "project", is already collapsing under the weight of internal power struggles and in-fighting. "They haven't done a single decent release," notes Mark Baron, an industry watcher and columnist. "Their mailing lists read like an online version of a Jerry Springer episode, complete with food fights, swearing, name-calling, and chair-throwing." Netcraft reports that DragonflyBSD is run on exactly 0% of internet servers.

    Fact: There are almost no FreeBSD developers left, and its use, according to Netcraft, is down to a sadly crippled .005% of internet servers. A recent attempt at a face-to-face summit in Boulder, Colorado culminated in an out-and-out fistfight between core developers, reportedly over code commenting formats (tabs vs. spaces). Hotel security guards broke up the melee and banned the participants from the hotel. Two of the developers were hospitalized, and one continues to have his jaw wired shut.

    Fact: NetBSD, which claims to focus on portability (whatever that is supposed to mean), is slow, and cannot take advantage of multiple CPUs. "That about drove the last nail in the coffin for BSD use here," said Michael Curry, CTO of Amazon.com. "We took our NetBSD boxes out to the backyard and shot them in the head. We're much happier running Linux."

    Fact: *BSD has no support from the media. Number of Linux magazines available at bookstores: 5 (Linux Journal, Linux World, Linux Developer, Linux Format, Linux User). Number of available *BSD magazines: 0. Current count of Linux-oriented technical books: 1071. Current count of *BSD books: 6.

    Fact: Many user-level applications will no longer work under *BSD, and no one is working to change this. The GIMP, a Photoshop-like application, has not worked at all under *BSD since version 1.1 (sorry, too much trouble for such a small base, developers have said). OpenOffice, a Microsoft Office clone, has never worked under *BSD and never will. ("Why would we bother?" said developer Steven Andrews, an OpenOffice team lead.)

    With these incontrovertible facts staring (what's left of) the *BSD community in the face, they can only draw one conclusion: *BSD is already dead.

    1. Re:Point/Counter-Point by Anonymous Coward · · Score: 0

      Good News Everyone!
      Fact: There is no man by the name "Jim Markham" at SecurityWatch
      Fact: There are 307 FreeBSD developers. And there never was a fistfight
      Fact: X.org does in fact support all of the BSDs
      Fact: Michael Curry doesn't even know what netbsd is
      Fact: There are over 35 BSD books
      Fact: Gimp has always worked on all BSDs and always will.
      Fact: OpenBSD has had the fewest security holes of all OS's
      Fact: Truth is not relative

  12. The Wisdom of DeForest Kelley by Anonymous Coward · · Score: -1, Troll
    It's dead, Jim.

  14. Hello World by Anonymous Coward · · Score: 0

    Hello