Slashdot Mirror
OpenBSD 3.6 Live
An anonymous reader writes "There is a mounting excitement for the upcoming OpenBSD 3.6 release, as it is the first release that supports multiprocessor systems. To celebrate the event, ONLamp.com published an interview with several developers to discuss new features, tools, and future plans."
There has been so much development in all the BSD's, and a new BSD system (DragonFlyBSD) coming out, how can anyone say *BSD is dead? The OpenBSD community has even pushed some vendors to release firmware for various hardware in a more open source way. If a "dead" community can convince hardware vendors to do that, then why isn't the Linux community doing more to make vendors release more firmware/docs in an open way.
Well if you have enough to spare one, I'm sure a developer could use a multiproc sun box, check their wanted hardware list about donating one to further smp for sun.
Apache on OpenBSD always had a lot of security-related patches compared to the regular Apache (chroot for example), but it seems that Apache on OpenBSD can now be considered a real fork:
JP
I have never seen so much credible info from so many of the OpenBSD developers! I understand now a little more how they approach things. I wish I could read a similar article on the others, to see how FreeBSD and NetBSD and DragonflyBSD compare. Hopefully Oreilly will see the uptick in web hits and keep it up, with some more interview type articles.
There is a storm brewing over at the OpenBSD Journal web site at http://undeadly.org over including binary blob files in the kernel for the fariuos wireless cards. I have to agree with the premise: You vendors put your binary firmware files on all the CDs you sell with your wireless cardss, so if anyone wanted to reverse engineer yoru stuff, they just have to buy the card and they get the binary file. OpenBSD just wants to put same file in their distribution so if you plug your wireless card into an OpenBSD system it will get recognized and used. Sounds simple enough to me. The other approach is to somehow download the file (freely available on sourceforge or from the vendor, or the CD that came with your little card..) That makes it so much more involved for installing.
The short version: Some companies see the light and are cooperating, others, notably Texas Instruments http://www.ti.com have been strangely silent. Fasten your seat belts, fellow puffys.
The official release has just happened. Here are the official announcement, the undeadly.org thread and a torrent for the i386 binaries (149MB, matching MD5 which might beat some of the mirrors). Cheers ;)
OpenBSD showed me, security-wise, how crufty and cobbled Linux is. IPtables? Are you kidding? pf rolls it up and smokes it.
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
The other BSDs have security levels. OpenBSD has a lot of things they don't, still, a large part of which is that it randomizes practically everything, making it very difficult for even a local attacker to know what the kernel is going to do next. They also yank out any external software that isn't getting properly treated against exploits, so their base package is still as firm as possible, and even ports are treated with great care.
In practice, FreeBSD and NetBSD are about as hard to exploit remotely, but they don't take care of every possible exploit, so in theory there are still some holes. NetBSD is still a lot faster than OpenBSD (unless some miracle happened and I missed it) so a 'real world' server might benefit more, but for a stronghold of impenetrable security that doesn't need every last drop of performance, OpenBSD is the choice.
Linux is nowhere near any of this. The code is sloppy and dirty (no, nobody can argue this, don't even try, just go read some yourself) and few distributions actually take security seriously. It does happen to perform better in many synthetic tests, and definitely on SMP, but the difference for most cases is so minimal that it's hard to understand why anyone would run Linux on a server and not a BSD.
I put it down to hype. Business love to advertise their adoption of Linux and their entrance into open-source, because that's what customers want to hear, especially Linux zealots. The businesses (hell, even governments now) certainly aren't scientific about it, using an "operating system" (I still call Linux a kernel, up to you) mashed together from seemingly infinite and inconsistent projects and parents'-basement-developed hacks. The source shows this, hell even configuration shows this, but they seem to be okay with this so long as it sounds good. Or, and I wouldn't be surprised, they've never heard of BSD.
Sam ty sig.
If I combine the core teams, even the security teams of all the flavors COMBINED, we'll have a hard time finding programmers with stable jobs, let alone an advanced degree in the area or an industrial lab support. I know I sound quite rude, but I am trying to illustrate my point. Just check out the bios.
I'm going to be brutally honest with you, and I hope that this advice helps you in the future: people who have sex with animals shouldn't point out other's foibles. That's not to say that you put peanutbutter on your dick and have the dog lick it off; it's just something that I think you should consider before posting. Because while people who have sex with animals (and I'm not saying that you do) aren't necessarily "bad" people, they tend to have warped perceptions, perhaps without even being aware of it. So, while I'm not saying that you like taking it up the ass from your cockerspaniel "Checkers," while jerking your meat to "she-male" anthropomorphic penguin pictures, I AM saying that you should consider these things, and your current state of affairs before posting, as you may (or may not) be unaware of your warped views.
In closing, I know that this may seem harsh, or rude, or even arousing to you right now, but I'm just trying to illustrate my point.