OpenBSD 4.4 Released

Linux blog writes "The new version of OpenBSD is available for download. There are lots of nifty new features to try out including OpenSSH 5.1 with chroot(2) support, Xenocara, Gnome 2.20.3, KDE 3.5.8, etc. Machines using the UltraSPARC IV/T1/T2 and Fujitsu SPARC64-V/VI/VII are now supported. It seems amazing to me that they keep delivering these new results on a six-month release cycle."

why bother with 6 month release cycle?

This isn't meant as a troll, but... Those SPARCs are 4 year old machines. If this is the result of a 6 month release cycle, I wonder why they bother? The new machine support isn't at all impressive. Is their unstable branch so bad that stabilizing a release every 6 months is a big deal? I'm guessing that's not the reason, in which case, why?

Rock Solid

I have been regularly running OpenBSD for the last 8 years, and I have never been disappointed. 4.4 keeps up the string of solid releases.

I have a thinkpad that runs it as well.

Yes, I buy the CDs, and a few shirts, and donate $ when I can. Hopefully it keeps them working on the next release. I don't know what I would do without it running my DNS and other servers.

Re:Mebbe I should try it some time

[QuickFox]

although they lack a good pre-built distro like Ubuntu.

They do have a good pre-built distro. It's called PC-BSD. It's very good in my experience, very nice. And it's a breeze to install, just like Ubuntu.

I like Ubuntu even better. But PC-BSD is very fine, really, it deserves recognition. It's well worth trying.

Re:EOL cycle

[timmarhy]

updating requires about 30 minutes of down time, I have a production system that costs the company $10,000 a minute when it's not running (and i'm sure that's cheap by some peoples standards). explain why i would choose an OS that costs the company $300,000 a year in avoidable down time. with other OS's i can continue to get security patches and i can apply them with the minimum amount of down time possible.

and yes we have backup systems, but if you've ever worked in a real industrial environment it's not as simple as flicking a switch when it comes to changing control systems, and it's certainly something you want to avoid.

Silent Money Maker

[imus]

OpenBSD puts a lot of money in consultant's pockets. It's hands down the most secure OS on the market. Got a client that needs a secure redundant firewall but can't afford big, over-priced Cisco gear? OpenBSD to the resuce. OpenBGP, CARP, etc. You can do things with OpenBSD and 15K worth of hardware that would cost six or seven times as much money with dedicated networking hardware. And, you can do it better. So, if you need some easy extra cash get into OpenBSD and start making a killing in the firewall business in your hometown. When you get a reputation for solid, secure systems (they'll wonder how you do it :)) donate some cash to the OpenBSD Foundation and buy some CDs.

Re:Mebbe I should try it some time

Time to get off your Finnish high horse. If Apple takes code from BSD it is their choice whether or not to return the changes. I know that puts your GPL panties in a wedge but remember the BSD license lets them do that. The code is being taken because it's being offered for the taking. If BSD people didn't like that they would change the license. I do think Apple gives in return but how much I certainly don't know.

Why are you so angry about this? Apple has, all by itself, done more than all the Linux distros combined (this includes your precious Ubuntu) to keep non-Windows solutions in the public mind-share. And it's done it quite profitably. Something Mr. Shuttleworth doesn't seem to be able to do yet. Let me ask you: Why do so many Linux people seem to require conflict in their religion? Don't take the bazaar analogy too far; the world has moved on a bit from 1990.

Re:Mebbe I should try it some time

[laddiebuck]

As a Debian admin and user, I have to point out that Debian also makes this process trivial. Gentoo is overrated; Debian is the best OS to admin I've come across, whether Linux or BSD.

Package security?

[Unsung+Bovine+Herd]

For a distro that prides itself on proactive security, OpenBSD seems to lack one security feature most mainline Linux distributions have: some form of package signing. I know package signing doesn't make a system 100% percent secure from Trojan'ed applications. I'm not a security expert, but I think having signed packages helps reduce the possibility of man-in-the-middle attacks, say, from malicious DNS redirection that points the user to a bogus mirror even if the "real" mirror (which presumably is running a secure BSD system) isn't compromised. It seems to me the most secure OpenBSD system is one without anything besides the base system installed, good enough for a server, but unfortunately not for everyday Desktop use in Facebook era.

Re:Congratulations

[TheRaven64]

Mabye in OpenBSD land, but here in FreeBSD world, we dont flame people to death.

Interesting to hear. I did a series of articles about the new versions of NetBSD, OpenBSD and DragonflyBSD about a year ago. I originally intended to write one on FreeBSD for the same series, but decided to drop it. When I emailed the OpenBSD developers, I got well thought-out replies to my questions. The NetBSD guys went even further and forwarded my questions to some other people, collected replies, and gave me a huge amount of material to work with. Matt Dillon, likewise, gave me some great material on his plans for Dragonfly. The FreeBSD developers ignored me for a month, and then replied with a colossal flame ending 'never contact me again'. One of the other developers did apologise for this behaviour later. I thought this was a shame, since I've been a FreeBSD user for some years and wanted to give the project some free publicity. After this encounter, however, I dropped the idea of a FreeBSD article.