Slashdot Mirror
OpenBSD 4.0 Pre-orders are Available
fuzzyping1 writes "Pre-orders for OpenBSD 4.0 are now available in the online store. Five architectures on three CDs in a soft-shell DVD case. Check out the highlights of OpenBSD 4.0. This new release includes support for many new wireless chipsets, the UltraSPARC III platform, a new load-balancing feature for network trunks, and much, much more."
OpenBSD 4.0 is the beginning of the end... :)
Arash Partow's Philosophy: Be a person who knows what they don't know, and not a person who doesn't know.
50$ or 50euros is not the same thing
50euros is 63.57 USD so why does it cost more in Europe ?
OpenBSD has heard the voice of the people, and its screaming for FREE STICKERS!!!
...and the site has already been hacked by some script kiddie. How lame!
please excuse my apathy
Complete with four changes specifically for the VAX architecture. I myself have one or two alphas but why put so much effort into (for example) getting X11 to run on VAX? Its not as if anybody is going to run Gnome or anything. The vax is (probably) equivalent to a 386.
http://michaelsmith.id.au
One thing that bothers me about hardware RAID support in linux is the lack of a single set of management/monitoring tools that will work with every driver. With OpenBSD 4 you can just use sensord.
OpenBSD doesn't have quite the hardware coverage Linux does in this area, but who wants to use stuff like aacraid anyway when you have to troll the net for closed-source Dell tools to check your array status?
Anyway, thanks again, OpenBSD team. Good work.
Hands in my pocket
I'm waiting for the edition with the genuine Corinthian leather DVD case.
They like to get a bunch of preorders so the guy burning the DVD's knows whether to go buy a 50 DVD spindle or a 100 DVD spindle.
GNU RCS has been replaced with OpenRCS.
Interesting. the GNU RCS code is kind of an ugly mess (one reason it's stagnated, one reason it's had so many vulnerabilities). For local stuff, RCS is nice and simple, but I don't know why anyone would use CVS when much better alternatives now exist.
Do you even lift?
These aren't the 'roids you're looking for.
Not bad but I would have preferred a single DVD. DVD drives are now so cheap that there's no longer any reason to offer CDs. Plus the shipping costs can be lower.
Why isn't the BSD section no longer listed on the left hand Sections menu? The Slashdot bias against BSD has gone on far too long. Editors, bring back the BSD section!
In Soviet Russia, articles before post read *you*!
$10 says it gets more pre-orders than Vista and the PS3 combined. Any takers? No? aww :(
Is it just me or is it not going to upgrade to Vista in here?
Where's the new song?! (http://openbsd.org/lyrics.html) Usually it comes out before the new release, and I only have an OBSD 3.6 server which I never plan to have to upgrade, so an update to me means a new fun song!
Sometimes you've gotta roll the hard six.
Wow. Seriously, wow. That MUST be deliberately misleading.
The BSD licence means that the authors can't, even if they wanted to, withhold security patches from you and nobody else. You can just get the patch from someone else who has it.
Furthermore, OpenBSD asking for donations is no difference from Mozilla getting donation, OpenOffice getting corporate support or MySQL having a corporate company employing its development team. In fact OpenBSD's model is probably less influenced by profit agenda than all of the abovementioned projects.
What's more, they manage to keep up with OpenBSD's reputation of begin perhaps the most secure operating system available to consumers, bar none. And all this in their spare time, putting up with FUD like what you've just spouted, and not getting half the recognition they deserve. If you ask me, they are the knights of the open source world. Or something.
I hate printers.
...them corinthian folks are getting mighty T-eed off over being harvested for leather all the time...
I appear to have ventured into a parallel universe. Thus far, the most startling difference has been that people here appear to try to sell open source software, rather than making it available for free. I intend to document these differences as they come up, in the hopes of further study when (if ever) I return home.
Since the best retort you can come up with is 'lol retards' I'm going to assume that OpenBSD retains its' technically inferior posistion in the OS field.
Seriously, why bother with OpenBSD anymore when there's such a push towards Linux uptake?
BSD has about as much relevance in modern times as running an Amiga; relics of the past.
(Posted AC because KCG will kill me otherwise)
From the description it sounds like an extended version of 802.3ad standard, which is great. But under "trunk" most network admins imagine interface that tags VLANs as per 802.1q. Great feature nevetheless.
there is no issue with my network
Nope, he's right. This tells the sad story of OpenBsd very well. http://bulk.fefe.de/scalability/
Actually, if the developers write a bug fix, they can withhold security patches from you. The BSD license gives them the power to distribute patched software in any way they please. This means they could fix a bug and decide to relicense the fixed release in whatever way they see fit, even as closed source proprietary binary blob. In general the BSD license lets people do with the software whatever they please. In the case of GNU/Linux, if any group distributed a patch to any of the GPL software included then they would be forced to release their code under the GPL(because it would be considered a derivative work) and therefore have no real control over distribution. I am not familiar with what the OpenBSD people do, although it seems they have a firm commitment to open source software, but I did want to point out what the BSD license actually gives you the right to do. Some people see BSD style licenses as more open source than the GPL because it allows more freedom, but, because it allows almost complete freedom, many people don't like it because that means nobody is obligated to give anything back.
OpenBSD may very well drag ass in performance, but to cite something last updated in Nov 3 2003 with OBSD v3.4 is hilarious (and wrong)
Also, the orders may be slow to ship. The Taiyo Yuden media is on backorder, so the DVDs have to be burned at 4x.
I guess all that effort clearing out incompatible licenses were for naught, then.
and
Right, it's Free Software.
One's copyleft, the other's permissive. Being held to an obligation seems a whole lot more different than just letting people contribute at thier own whims, but that's just me...
Given OpenBSD's track record of performing 'audits' instead of adding features or optimising algorhythms, the sad truth is that in the main it's doubtful that 4.0 is signifigantly any different or more apt to perform any better than 3.4
replacing a traditional system call here with one you wrote yourself there does not innovation make, neither does re-inventing the wheel (especially when you reinvent it poorly!)
Anyone outside the US / Canana know how much to send the CDs? The website doesn't say - and this is even right up to supplying your CC information.....
I would prefer to know.. even a rough guide how much.... because I've seen cases (on other sites) were the shipping costs outweighs the cost of the product!
OpenBSD got a real boost in performance at spring 2005 Hackathon, when a subtle bug in the virtual memory code was found and corrected.
-- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994
The free shell folks at sdf.LoneStar.org once had somebody
break through their Linux security (years ago already), so
they went to NetBSD, I think (from memory).
They might have something to say about Linux -vs- [Net]BSD
I would love to use OpenBSD for more things, but I can't until I have a solid way to run Java apps on it. gcj is promising, but it won't run my real-world Java apps that I need, like NetBeans and JBoss. Likewise for Apache Harmony, Kaffe, and all the others. I'm hoping that Sun will come through with its promise to open source Java, and that there could be a native-compiled Java 6 for OpenBSD, which would let me switch over to it. Any ideas on this?
Your history of SDF is correct, but this particular case does not prove that Linux is less secure than BSD. Depending on how you configure your system, either OS can be rock solid impenetrable, or more exploitable than an unpatched Windows98 box. Very few successful break ins are due to kernel flaws; usually the problem is an application bug, bad configuration, or incorrect policy. I also run a public shell service, and it too often comes under attempted exploit and DoS attacks. I've successfully managed to run it using Linux. I also run OpenBSD on another machine. Linux and BSD both have strong security as strengths, if you use them correctly. However, there is something to be said for OpenBSD's policy of "secure by default".
------ Take away the right to say fuck and you take away the right to say fuck the government.
Take a look at qpsmtpd:
http://smtpd.develooper.com/
OpenBSD fucking rocks. [period]
Why are they still shipping with gcc 2.9._? It would be nice if they would try out gcc 4._ sometime. That comes with a fairly usable gcj that would let us do some Java things in OpenBSD.
The OpenSSH improvments should help us all...
# OpenSSH 4.4:
* Conditional configuration in sshd_config(5) using the Match directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met.
* Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256.
* Added a ForceCommand directive to sshd_config(5), similar to the command="..." option in ~/.ssh/authorized_keys.
* Added a PermitOpen directive to sshd_config(5), similar to the permitopen="..." option in authorized_keys, to allow control over the port-forwardings that a user is allowed to establish.
* Added an ExitOnForwardFailure option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established.
* Added optional logging of transactions to sftp-server(8).
* ssh(1) will now record port numbers for hosts stored in ~/.ssh/authorized_keys when a non-standard port has been requested.
* Extended the sshd_config(5) "SubSystem" directive to allow the specification of commandline arguments.
* Many manpage fixes and improvements
...before using Asterix imagery: those people are pretty litigious.
I am a system administrator for a small-medium ISP. I setup an OpenBSD machine more than 2 years back as a firewall/router that sometimes even did load balancing. The only time it failed was... when the electricity went down.
As advertised.. it IS rock solid!
Can one use the USB version of aDSL modem/router FRITZ!Box Fon under OpenBSD 4.0? The hardware support pages at openbsd.org are not clear to me as to whether one can use this router (even post-installation) or not.
How about making a filesystems which supports file generations you damned "only one generation of a file shall exist at any point in time", unwashed hippies.
It's 2006 and we're stil stuck with the 1960s idea that you can only have one version of a file.
Bah.
No, this tells the story of OpenBSD 3.4, which is to say the OpenBSD that was out a full 3 years ago. If you don't have anything relevent to the real world, why make a comment like this?
I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
Good to see OpenBSD keeping its finger on the pulse with Apache 1.3.29 as part of the package. As I recall this isn't even an up-to-date 1.3.x
I can write a security patch for GPL'd software and release it under any license I like. I can make it as restrictive or permissive as I like, as I control it via copyright law. Since it's GPL software I couldn't distribute the patched result, but the patch itself is mine to control.
So, your point about BSD is true, but no more true than GPL code, and once the BSD developers release the resulting, patched code as BSD licensed code, anyone can redistribute it.
Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
Yes, like there have been vast architectural changes in the last 3 years. I would lay huge money that it's still a poor performer.
Why get so worked up about it? It's just software, a tool. Do you get really intense over which brand of 3/8 inch wrench you use?
You must be new to browsing at the -1 threshold.
Cunt-felching is strictly prohibited by the GNAA code of, err, "ethics", and is therefore a serious insult to many first-post trolls.
"OpenBSD is actually turning into a very usable OS"
OpenBSD has been the most usable unix for a good 8 years, arguably longer. Its not turning into, it always has been.
This is a very well known article (yep, it even drew a Slashdot discussion when first published). I am very curious though how much of it is still valid? Has anyone done any measurements on more recent OpenBSD releases or have there been any changes in OpenBSD intended to address some of the specific issues mentioned in the article?
First, gcc in ports/packages is gcc 4. Its gcc in base that is 3.x and 2.x. And its that was because gcc 4 is unusably slow, and gcc2 has to be used on architectures that gcc doesn't support anymore.
Second, those are not performance benchmarks, they are (horribly flawed) scalability benchmarks. You will notice he has hated openbsd since long before that, and designed his test intentionally to try to make it look bad. You will also notice that its very old, and actually a few fixes went in to solve the kernel panics right after that happened, and several performance and scalability improvements have gone in since then.
Try a real world benchmark some time. In a single CPU server, in a real world workload of apache (static files), apache+php, squid, sendmail, and postgresql, there was no difference between linux, solaris, freebsd, netbsd and openbsd. The only thing that did have a difference was mysql, which performed best on solaris, then linux/freebsd/netbsd, then openbsd. This indicates that openbsd's threading is/was a performance issue, and that solaris has very good threading performance. If you are using a thread heavy workload like mysql, you should probably use solaris, not openbsd.
My 3/8 inch wrench doesn't keep people out of my pornography collection, it doesn't prevent me from getting computer viri, it doesn't protect me from nasty little idiot script kitties playing around in their parent's basement. OpenBSD does that.
Throwing around bullshit stats that are entirely out of date about a particular brand of wrench would still be something to make someone displeased - if the old Mastercraft wrenches broke easily and were made of inferior steel compounds and it's been years and many changes including perhaps the material itself they are made of, the old statistics of how often the outside fork broke off are no longer valid to the current Mastercraft wrench.
I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
Apache changed their license. It is no longer acceptable. The only difference between apache 1.3.29 and newer 1.3.x releases are security fixes. That's why openbsd includes apache 1.3.29 + patches. Patches to fix those security problems, some of which openbsd had already fixed before apache, but apache refused to fix because the patches weren't portable to OS/2.
Is there still Installboot bug? I remember I could not run OS because it was below the 4GB line. Linux, FreeBSD and Windows did not have this bug.
There are several local root exploits in the linux kernel every year. Most years, there are 0 for openbsd. Which one is more suitable for a shell server or webserver where untrusted users can execute code?
Legally they are entitled to do whatever they want with BSD licenced code. Legally they could do binary releases (although the base system does contain GPL'd bits like gcc, so they couldn't do that for the whole thing)
However the important point is they won't . All of their source up-to-the-minute is available on anonymous CVS with public servers and many mirrors. Yeah, they tell people not to make copies of the CDs they sell. But (1) there are still third party ISOs available (2) you can build the binaries from publically available source and (3) you can download the binaries a month or two after the CVS gets tagged with the release version.
In other words, they do use releases as a fund raiser, but Open BSD is pretty, well, Open. As I understand it part of the reason for its very founding was that Theo felt other projects (NetBSD) were too stingy about allowing people to look at the CVS tree.
If you're talking about strlcpy() etc, you need to get your terminology straight. It's not a system call. Those are implemented by the kernel. It's a library function. Those are userland. These are different. Calling the nonintuitive interface of strncpy() "traditional" is also a joke.
And how is it "poor" replacement if you're just making it more intuitive, meaning passing sizeof(buf) instead of sizeof(buf)-1 and then setting the last byte to zero? strlcpy() does in 1 line what you'd need 2 for with strncpy().
Changing strncpy() calls is like zero work, too. Seriously, most of the work is just running a grep.
The real innovations out of OpenBSD lately, I think, have been drivers. If you were paying attention to OpenBSD development instead of complaining about strlcpy() maybe you'd see that too.
Myself working for an ISP, I use OpenBSD for my servers wherever possible. OpenBSD does much to soothe my paranoia about services running that I don't need. I know when I install OpenBSD that only the software I install will be showing to the outside world. Unfortunately, the Dell servers my boss buys will not work out of box with OpenBSD, and I'm too lazy to try to figure out what to do so it will. Seems that either the RAID or NIC driver is never there.
You are mixing a few things up. Badly.
(1) The OpenBSD project made a call for donations. Wikipedia does that once a year if my memory serves me right. The thing with the OpenBSD CFD just was, that they told some unpleasant truths. They reminded some companies that what they are doing is legally fine, but morally questionable. For example one large vendor (I think it was IBM, not sure) sells OpenSSH for real money and did so for years, charges even more money for support contracts, and then points customers to the OpenSSH project if they need support. That is a simple business truth, but only very few companies like to get headlines like that.
(2) Sun uses OpenSSH as base for their SunSSH and even hold conferences about it, but manage somehow to "forget" to invite OpenSSH developers to those events. Even after being asked for upfront. This and a few other things led to the fact that Sun does not get separate warnings/information when a critical bug in OpenSSH is found, as for example the ssh maintainers of the other BSD projects get. Sun has to find these things in the public cvs themselves. So OpenSSH is not withholding any security fixes, it is just not handing them on a silver plate to just about everyone.
The best way to support OpenBSD and its subprojects is still: employ a developer (if you are a company) or buy CDs (if you are a user). Or do both. And more.
How did this post get modded insightful? He completely missed the point of the parent: i.e. even if one company witholds a patch, someone else can still develop the patch separately and distribute it just the same. In order for all of this to be an issue,
1. A vulnerability exists that the general public is not aware of.
2. Somebody that produces a closed source proprietary derivative product is aware of this vulnerability, does not disclose it, and patches it.
3. Yet another person is aware of this vulnerability, and exploits it.
It would be extremely improbable that all these requirements are met, especially since the person in 2. is unlikely to receive any benefit for doing so, whereas they would receive plenty of recognition for exposing said vulnerability. Besides, if such a person or entity were to exist, they could just as easily omit the patch in their source while distributing patched binaries. Not to mention, OpenBSD has a better security track record than any other open or closed source operating system anyway, so it goes to show that the license is hardly any hindrance.
An BSD licensed project is not going to be adversely affected just because a closed proprietary derivative is produced. Development goes on whether somebody decides to fork it and not give any code back, or not use it at all.
http://astutehosting.com/
I used it in production for almost three years as a spam box. It ran at ~90% CPU utillization all that time an never had a problem....except for the time I accidentally did `postsuper -r ALL|postfix reload` instead of `postsuper -r ALL;postfix reload`. That gave me a kernel panic.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
What part of "You can just get the patch from someone else who has it" didn't you understand?
Don't blame me, I didn't vote for either of them!