Slashdot Mirror
OpenBSD 4.0 Pre-orders are Available
fuzzyping1 writes "Pre-orders for OpenBSD 4.0 are now available in the online store. Five architectures on three CDs in a soft-shell DVD case. Check out the highlights of OpenBSD 4.0. This new release includes support for many new wireless chipsets, the UltraSPARC III platform, a new load-balancing feature for network trunks, and much, much more."
OpenBSD is actually turning into a very usable OS. I find it funny when I hear criticism of OBSD, it usually comes from people that have never tried using it. If you have never tried OpenBSD I suggest you start here: http://www.openbsd101.com/ Then make your judgements.
50euros is 63.57 USD so why does it cost more in Europe ?
Laziness and fondness for round numbers... particularly those that are even multiples of 50.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
One thing that bothers me about hardware RAID support in linux is the lack of a single set of management/monitoring tools that will work with every driver. With OpenBSD 4 you can just use sensord.
OpenBSD doesn't have quite the hardware coverage Linux does in this area, but who wants to use stuff like aacraid anyway when you have to troll the net for closed-source Dell tools to check your array status?
Anyway, thanks again, OpenBSD team. Good work.
Hands in my pocket
I love it, I use it whenever I can and whenever it makes sense.
Arash Partow's Philosophy: Be a person who knows what they don't know, and not a person who doesn't know.
I'm waiting for the edition with the genuine Corinthian leather DVD case.
Interesting. Though you have to admit, it has made more and more sense over the last few years.
They like to get a bunch of preorders so the guy burning the DVD's knows whether to go buy a 50 DVD spindle or a 100 DVD spindle.
GNU RCS has been replaced with OpenRCS.
Interesting. the GNU RCS code is kind of an ugly mess (one reason it's stagnated, one reason it's had so many vulnerabilities). For local stuff, RCS is nice and simple, but I don't know why anyone would use CVS when much better alternatives now exist.
Do you even lift?
These aren't the 'roids you're looking for.
Why isn't the BSD section no longer listed on the left hand Sections menu? The Slashdot bias against BSD has gone on far too long. Editors, bring back the BSD section!
In Soviet Russia, articles before post read *you*!
My guess? The people who actually have VAX machines and care about them, made the changes. Not some guy who has one or two alphas.
Lots of other folks wrote new bits that work fine on x86, etc. It's not like the VAX updates were the only ones made. Why complain about people writing additional features for machines they use just because you don't use them?
Not every architecture they support can take a DVD drive. Also, can you imagine trying to get a single DVD that is bootable on PPC, i386/amd64, and sparc/sparc64? A lot of us run OBSD on Sun gear.
Where's the new song?! (http://openbsd.org/lyrics.html) Usually it comes out before the new release, and I only have an OBSD 3.6 server which I never plan to have to upgrade, so an update to me means a new fun song!
Sometimes you've gotta roll the hard six.
Wow. Seriously, wow. That MUST be deliberately misleading.
The BSD licence means that the authors can't, even if they wanted to, withhold security patches from you and nobody else. You can just get the patch from someone else who has it.
Furthermore, OpenBSD asking for donations is no difference from Mozilla getting donation, OpenOffice getting corporate support or MySQL having a corporate company employing its development team. In fact OpenBSD's model is probably less influenced by profit agenda than all of the abovementioned projects.
What's more, they manage to keep up with OpenBSD's reputation of begin perhaps the most secure operating system available to consumers, bar none. And all this in their spare time, putting up with FUD like what you've just spouted, and not getting half the recognition they deserve. If you ask me, they are the knights of the open source world. Or something.
I hate printers.
That's ok - it's not uncommon that software is priced cheaper in third-world countries.
From the description it sounds like an extended version of 802.3ad standard, which is great. But under "trunk" most network admins imagine interface that tags VLANs as per 802.1q. Great feature nevetheless.
there is no issue with my network
Aside from the joy of it for those that are so inclined, the main reason for working on other architectures is because it often brings to light subtle errors in code--particularly in the compiler--because of the differences in the hardware's instructions and such.
In the case of the VAX and Alphas, both out-dated platforms to many people, they've both been quite good at making coding errors surface, so they're very useful for that if nothing else.
If memory serves in fact, one of the OpenBSD devs, Miod, fixed such an error in the compiler that was picked up because the VAX puked in building X on the same compiler instructions that other platforms were perfectly willing to tolerate.
In the end it produces a better product for all of us since it can often help developers find and fix bugs--especially the hard-to-find and hard-to-duplicate varities. That's pretty cool.
Running 'Nix is like owning a Lightsaber. It's "a more elegant weapon for a more civilized time."
Nope, he's right. This tells the sad story of OpenBsd very well. http://bulk.fefe.de/scalability/
FWIW (not much) I usually buy one copy of OpenBSD whenever a new version is released, if for no other reason than to support OpenSSL development. You may not be an OpenBSD fan, but if you're running Linux, you're probably also running OpenBSD-derived software.
Actually, if the developers write a bug fix, they can withhold security patches from you. The BSD license gives them the power to distribute patched software in any way they please. This means they could fix a bug and decide to relicense the fixed release in whatever way they see fit, even as closed source proprietary binary blob. In general the BSD license lets people do with the software whatever they please. In the case of GNU/Linux, if any group distributed a patch to any of the GPL software included then they would be forced to release their code under the GPL(because it would be considered a derivative work) and therefore have no real control over distribution. I am not familiar with what the OpenBSD people do, although it seems they have a firm commitment to open source software, but I did want to point out what the BSD license actually gives you the right to do. Some people see BSD style licenses as more open source than the GPL because it allows more freedom, but, because it allows almost complete freedom, many people don't like it because that means nobody is obligated to give anything back.
Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
OpenBSD may very well drag ass in performance, but to cite something last updated in Nov 3 2003 with OBSD v3.4 is hilarious (and wrong)
So how do you remotely access your new installations? Via telnet?
Given OpenBSD's track record of performing 'audits' instead of adding features or optimising algorhythms, the sad truth is that in the main it's doubtful that 4.0 is signifigantly any different or more apt to perform any better than 3.4
replacing a traditional system call here with one you wrote yourself there does not innovation make, neither does re-inventing the wheel (especially when you reinvent it poorly!)
Anyone outside the US / Canana know how much to send the CDs? The website doesn't say - and this is even right up to supplying your CC information.....
I would prefer to know.. even a rough guide how much.... because I've seen cases (on other sites) were the shipping costs outweighs the cost of the product!
OpenBSD got a real boost in performance at spring 2005 Hackathon, when a subtle bug in the virtual memory code was found and corrected.
-- "At Microsoft, quality is job 1.1" -- PC Magazine, Nov. 1994
The free shell folks at sdf.LoneStar.org once had somebody
break through their Linux security (years ago already), so
they went to NetBSD, I think (from memory).
They might have something to say about Linux -vs- [Net]BSD
I would love to use OpenBSD for more things, but I can't until I have a solid way to run Java apps on it. gcj is promising, but it won't run my real-world Java apps that I need, like NetBeans and JBoss. Likewise for Apache Harmony, Kaffe, and all the others. I'm hoping that Sun will come through with its promise to open source Java, and that there could be a native-compiled Java 6 for OpenBSD, which would let me switch over to it. Any ideas on this?
"it usually comes from people that have never tried using it... Then make your judgements."
I suspect that won't do any good. The ones yelling the loudest most likely only see computers/operating systems as a comsumer desktops. Though OBSD can be used as a desktop, I don't think they would find it meets their expectations. And if any Window's user did, they'd experience culture shock. Thus, all the bad-mouthing.
However, there are other uses for an operating system and in this area OBSD has value. But I don't think many of these critics will be building routers, bridges, wireless AP's and writing filtering rules enough to make a judgment tempered with experience. But to each his own. OBSD continues to improve and that is a plus.
Ew, clear text crap
I don't know everything.
Your history of SDF is correct, but this particular case does not prove that Linux is less secure than BSD. Depending on how you configure your system, either OS can be rock solid impenetrable, or more exploitable than an unpatched Windows98 box. Very few successful break ins are due to kernel flaws; usually the problem is an application bug, bad configuration, or incorrect policy. I also run a public shell service, and it too often comes under attempted exploit and DoS attacks. I've successfully managed to run it using Linux. I also run OpenBSD on another machine. Linux and BSD both have strong security as strengths, if you use them correctly. However, there is something to be said for OpenBSD's policy of "secure by default".
------ Take away the right to say fuck and you take away the right to say fuck the government.
OpenBSD is the new NetBSD?
But there is more old hardware in the newly supported list, atleast the
"New pgt(4) driver for Connexant/Intersil Prism GT Full-MAC IEEE 802.11a/b/g wireless." caught my eye. A wireless card that hasn't been sold for a couple of years (sadly enough).
Well, PCs support it. That a pretty significant market.
The OpenSSH improvments should help us all...
# OpenSSH 4.4:
* Conditional configuration in sshd_config(5) using the Match directive. This allows some configuration options to be selectively overridden if specific criteria (based on user, group, hostname and/or address) are met.
* Add support for Diffie-Hellman group exchange key agreement with a final hash of SHA256.
* Added a ForceCommand directive to sshd_config(5), similar to the command="..." option in ~/.ssh/authorized_keys.
* Added a PermitOpen directive to sshd_config(5), similar to the permitopen="..." option in authorized_keys, to allow control over the port-forwardings that a user is allowed to establish.
* Added an ExitOnForwardFailure option to cause ssh(1) to exit (with a non-zero exit code) when requested port forwardings could not be established.
* Added optional logging of transactions to sftp-server(8).
* ssh(1) will now record port numbers for hosts stored in ~/.ssh/authorized_keys when a non-standard port has been requested.
* Extended the sshd_config(5) "SubSystem" directive to allow the specification of commandline arguments.
* Many manpage fixes and improvements
Not to mention by default VNC is unencrypted... unless you tunnel it - and how might one tunnel it? Hmmmm...
This is actually pretty common practice. At least it doesn't cost _more_ euros than dollars; that's common, too.
Please correct me if I got my facts wrong.
Thus far, the most startling difference has been that people here appear to try to sell open source software, rather than making it available for free.
Are you really that surprised?
https://www.redhat.com/apps/commerce/
https://shop.mysql.com/
http://www.novell.com/linux/
http://www.cafepress.com/officialgentoo/1227454
etc...
And if you prefer the free approach:
ftp://ftp.openbsd.org/
Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
...before using Asterix imagery: those people are pretty litigious.
European prices INCLUDE 21% VAT.
OpenBSD is the new NetBSD?
perhaps you meant the old NetBSD? with 17 supported platforms (as opposed to 60) it aint king of portability.
Stop Computers/Cars Analogies on S
Long story short: tried it, was easier than I expected, went back to Debian. With my brief experience I cant fault anyone for sticking with it.
It makes me wonder what incentive Europeans would have to pre-order it, then. VAT is cheaper than 21% in 18 of the 25 (PDF) member states.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
The people who are writing for the VAX platform are probably doing it because that's what they enjoy. It's not like there is a tradeoff - they are working on VAX and so not, say, working on feature du jour on i386 - because they have no interest on i386 (or other platforms) they wouldn't be working on it anyway.
The VAX is a well built older machine which was absolutely awesome in its day, and it's good to see that people still interested in the VAX are keeping at least one new operating system running on the machine.
Oolite: Elite-like game. For Mac, Linux and Windows
written in Perl
Get. Away. From. Me.
How we know is more important than what we know.
Well, PCs support it. That a pretty significant market.
if you look at OpenBSD's mission statement you'll see that their goal is to build a free secure stable operating system -- and not cater to the needs of whiny people that sound like broken records. you honestly think that OBSD/i386 users will feel left out because their toy didn't come on a DVD and flee to some sort of Fedora/Ubuntu point-click-drool affair? dollars to donuts, they gonna do a netinstall like any normal person while waiting for the CDs to come in the mail.
Stop Computers/Cars Analogies on S
Can one use the USB version of aDSL modem/router FRITZ!Box Fon under OpenBSD 4.0? The hardware support pages at openbsd.org are not clear to me as to whether one can use this router (even post-installation) or not.
Indeed, given the recent plight of NetBSD, it seems OpenBSD is poised to gain new support and momentum. Perhaps the potential demise of one BSD is simply to the benefit of another?
Free Software games list and commentary
But haven't you been following the news about NetBSD? It's irrelevant
I don't know what version you were trying to install but every openbsd install starting with 3.5 has been nothing but simplicity in itself to go through. I've never had a single instance of network cards not being recognized and all my hardware is right there when you start up. Of course - there really isn't a gui installer so if you're not comfortable at the cl you might be a little disconcerted
If you'd be bothered to read some day, you'd know that the 2.9.5.3 gcc version is for hardware that is not supported by the more recent versions of gcc. The developers of gcc do not support as many platforms as OpenBSD does and thus the OpenBSD developers must either port the gcc to their platforms or use the older gcc version that still supported those hardware versions. OpenBSD uses 3.3.5 of the gcc for most platforms because it's not as dog-fuck slow as gcc 4.
I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
No, OpenSSL is developed by the OpenSSL project, what you are doing is a common misconception, it is covered in the Wikipedia articles of both OpenSSL and OpenSSH. OpenSSH uses OpenSSL for the encryption, but does not do the development of it, just like Open BIOS or OpenBSM, it's not under the wing of OpenBSD, it just has Open-* in the front of it's name.
I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
Good to see OpenBSD keeping its finger on the pulse with Apache 1.3.29 as part of the package. As I recall this isn't even an up-to-date 1.3.x
Exactly
Doesn't it make you feel good to know that our freedoms are protected by politicans, lawyers and journalists.
Because if they weren't adding features no one cares about they would most likely have spent that time making (a) feature(s) everyone wanted that/(which) didn't make it into this release
This is what open source is all about, fixing the things that you want to fix. Unless you're in the position of working on code for your employer, in which case you do what they want as long as it doesn't side track you too often from the stuff you love.
Too often there's this mentality that users of open source products are owed something, and if they-the users-don't get what they want they will leave and use other products, and that can't happen now can it. But it can, the maintainers really don't care that much. A 'thank you' goes much farther than a 'work on something useful.' Because in all likely-hood these VAX patches took no time away from getting other work done: either the submitters only work on VAX or still had plenty of time to do other things.
"but money is the God of Algiers & Mahomet their prophet." - Rich. O'Bryen June 8th 1786
I can write a security patch for GPL'd software and release it under any license I like. I can make it as restrictive or permissive as I like, as I control it via copyright law. Since it's GPL software I couldn't distribute the patched result, but the patch itself is mine to control.
So, your point about BSD is true, but no more true than GPL code, and once the BSD developers release the resulting, patched code as BSD licensed code, anyone can redistribute it.
Awesome furniture, accessories and cabinetry in Santa Rosa, CA: http://humanity-home.com/
Yes, like there have been vast architectural changes in the last 3 years. I would lay huge money that it's still a poor performer.
Why get so worked up about it? It's just software, a tool. Do you get really intense over which brand of 3/8 inch wrench you use?
I tried it about 6 months ago. The installation was unbelievably horrible - pretty much impossible. Complete waste of money. Never again.
It is quick and simple. Regardless of whether I am at my 17" Sony VAIO, Mac mini or the console port of a Sun at the end of a PSTN MODEM or console server somewhere else on this planet. Condensed, it goes something like this...
Boot a cdrom (or floppy, network, swap partition, file on a filesystem, etc), (I)nstall, (U)pgrade or (S)hell? IS YOUR DATA BACKED UP? Proceed with install? You will now initialize the disk(s) that OpenBSD will use. Partitions are made and formatted. Hostname is set. Network details are set. Password for root account is set. Sets are located, chosen and installed. Start sshd(8) by default? Start ntpd(8) by default? Do you expect to run the X Window System? What timezone are you in? CONGRATULATIONS! Your OpenBSD install has been successfully completed! To boot the new system, enter halt at the command prompt. Once the system has halted, reset the machine and boot from the disk.
# halt
syncing disks... done
halted
Program terminated
{0} ok reset-all
OpenBSD now boots and much happiness is had by all. If I installed the x* sets, then at this stage if I log in and type 'startx', X typically just comes up at whatever my flatpanels native resolution is and the mouse is working too. Sometimes I'll have to setup X and the mouse, but very often not. Oh and if I have a wireless card, it is treated just like any other NIC.
How hard was that?
War crimes, torture, lies, illegal spying... Would someone give Bush a blowjob, already, so he can be impeached?
OpenBSD enables OpenSSH and (a heavily patched) Sendmail, by default, and has had: "Only one remote hole in the default install, in more than 8 years!"
So, your claim is pure bullshit.
Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
My 3/8 inch wrench doesn't keep people out of my pornography collection, it doesn't prevent me from getting computer viri, it doesn't protect me from nasty little idiot script kitties playing around in their parent's basement. OpenBSD does that.
Throwing around bullshit stats that are entirely out of date about a particular brand of wrench would still be something to make someone displeased - if the old Mastercraft wrenches broke easily and were made of inferior steel compounds and it's been years and many changes including perhaps the material itself they are made of, the old statistics of how often the outside fork broke off are no longer valid to the current Mastercraft wrench.
I'm sick of following my dreams - I'm just going to ask them where they're going and hook up with them later.
No one seems to have mentioned this, but Debian Etch is using OpenBSD's inetd superserver, for security and clean code. I was as surprised as anyone to see it, but why not use the best?
Please, for the good of Humanity, vote Obama.
Actually, it's not. Yet people earn up to 50 times less money in 3rd world countries. So when a software package costs a month's salary for the average person, most people resort to piracy.
OH; I see! you were joking and referring to piracy! LOL! i get it now ! LOL!
They still recommend that you keep your entire / partition within the first 2Gb. http://www.openbsd.org/faq/faq14.html#LargeDrive
> It makes me wonder what incentive Europeans would have to pre-order it, then.
:)
You're donating to the OpenBSD project. You can download the CDs for free, if that suits you. The box and printed insert cost maybe $1... the rest is money so the devs can continue to write an excellent OS.
Somehow I managed to spend $120 at the OpenBSD store today...
My other car is first.
I meant as opposed to buying it locally upon release, where most Europeans would be giving less money to the government in taxes.
GLaDOS for President 2016! "Well here we are again. It's always such a pleasure." -- GLaDOS, 2011
That only applies to old systems. Newer BIOSes do not have this strict limitation. Acutally reading the text tells you that.
Myself working for an ISP, I use OpenBSD for my servers wherever possible. OpenBSD does much to soothe my paranoia about services running that I don't need. I know when I install OpenBSD that only the software I install will be showing to the outside world. Unfortunately, the Dell servers my boss buys will not work out of box with OpenBSD, and I'm too lazy to try to figure out what to do so it will. Seems that either the RAID or NIC driver is never there.
You are mixing a few things up. Badly.
(1) The OpenBSD project made a call for donations. Wikipedia does that once a year if my memory serves me right. The thing with the OpenBSD CFD just was, that they told some unpleasant truths. They reminded some companies that what they are doing is legally fine, but morally questionable. For example one large vendor (I think it was IBM, not sure) sells OpenSSH for real money and did so for years, charges even more money for support contracts, and then points customers to the OpenSSH project if they need support. That is a simple business truth, but only very few companies like to get headlines like that.
(2) Sun uses OpenSSH as base for their SunSSH and even hold conferences about it, but manage somehow to "forget" to invite OpenSSH developers to those events. Even after being asked for upfront. This and a few other things led to the fact that Sun does not get separate warnings/information when a critical bug in OpenSSH is found, as for example the ssh maintainers of the other BSD projects get. Sun has to find these things in the public cvs themselves. So OpenSSH is not withholding any security fixes, it is just not handing them on a silver plate to just about everyone.
The best way to support OpenBSD and its subprojects is still: employ a developer (if you are a company) or buy CDs (if you are a user). Or do both. And more.
While OpenSSL is completely independant, OpenSSH is a sub-project of OpenBSD. I'm not sure if thats the point of your post, but my first impression was that both were seperate.
How did this post get modded insightful? He completely missed the point of the parent: i.e. even if one company witholds a patch, someone else can still develop the patch separately and distribute it just the same. In order for all of this to be an issue,
1. A vulnerability exists that the general public is not aware of.
2. Somebody that produces a closed source proprietary derivative product is aware of this vulnerability, does not disclose it, and patches it.
3. Yet another person is aware of this vulnerability, and exploits it.
It would be extremely improbable that all these requirements are met, especially since the person in 2. is unlikely to receive any benefit for doing so, whereas they would receive plenty of recognition for exposing said vulnerability. Besides, if such a person or entity were to exist, they could just as easily omit the patch in their source while distributing patched binaries. Not to mention, OpenBSD has a better security track record than any other open or closed source operating system anyway, so it goes to show that the license is hardly any hindrance.
An BSD licensed project is not going to be adversely affected just because a closed proprietary derivative is produced. Development goes on whether somebody decides to fork it and not give any code back, or not use it at all.
http://astutehosting.com/
I used it in production for almost three years as a spam box. It ran at ~90% CPU utillization all that time an never had a problem....except for the time I accidentally did `postsuper -r ALL|postfix reload` instead of `postsuper -r ALL;postfix reload`. That gave me a kernel panic.
I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
What part of "You can just get the patch from someone else who has it" didn't you understand?
Don't blame me, I didn't vote for either of them!