Why OpenBSD's Release Process Works

An anonymous reader writes "Twelve years ago OpenBSD developers started engineering a release process that has resulted in quality software being delivered on a consistent 6 month schedule — 25 times in a row, exactly on the date promised, and with no critical bugs. This on-time delivery process is very different from how corporations manage their product releases and much more in tune with how volunteer driven communities are supposed to function. Theo de Raadt explains in this presentation how the OpenBSD release process is managed (video) and why it has been such a success."

Summary?

[bananaquackmoo]

I am NOT sitting through a 30 minute video. Can someone please summarize?

Re:Summary?

[CorporateSuit]

Basically, they only allow developers who are willing to sit through a 30-minute video to work on their software.

Re:Summary?

[MichaelSmith]

Well that counts me out. Maybe its because the only people who can stand to deal with Theo are people who do exactly what they are told (by Theo).

Re:Summary?

[tjohns]

The slides are here: http://www.openbsd.org/papers/asiabsdcon2009-release_engineering/

Re:Summary?

Sabotage

Re:Summary?

Here is the executive summary:

• OpenBSD is dying
• OpenBSD is incapable of supporting Beowulf clustering
• it runs Linux, but only in compatibility mode
• Netcraft has confirmed all of these items

Re:Summary?

[nacredata]

What I got out of it was that the core developers, not some other group, do the testing. Rather than hand the task of quality control/testing to some other group just prior to release, all developers are held to a high level of participation in this regard. Theo and other developers use nightly builds in their day-to-day work and the entire system compiles most every night.

Re:Summary?

Two points:

1) they do not create a separate branch for a release. The release stays in TRUNK until it is released. This has the advantage that ALL developers are working towards a release. Introduction of features is slowed as a release approaches. He does not address the disadvantage of this system: that many developers sit around idle when their work is completed early during this phase.

2) Everyone tests. There is no test team. All developers test things before a release. He does not talk about agile and how everyone should be testing their own stuff anyways.

Point 1) was interesting. It works for them because they are volunteer based. They are not paying the salaries of the idle developers during the release phase. It would not work in a corporate environment because those people are to valuable to be underutilized.

NOTE: I did not listen to him talk... just read his slides.

Re:Summary?

[MrNaz]

Not that that would be a bad thing. The majority of people in the world are average, by definition. When a truly extraordinary person tells them what to do, and they shut up and do it, the collective ability of the group is far greater than the mere sum of its parts. If the extraordinary person happens to be a bit of a knob, that's irrelevant if they are all focused on the desired result and not their own silly little egos.

"Oh noes, he told me my code was stupid and wants me to to it again! Cry cry cry!"

If Theo tells you your code is stupid, then it is. End of story. Do it again. Yes, there are better ways to deal with people, but seriously, Theo gets knocked for his personality not because it's really that big a deal, but more because ordinary people are jealous of his enormous capacity.

Get over it people. Theo's good at what he does, OpenBSD could and would not exist without him, and the world is a better place for it.

Re:Summary?

[WhatAmIDoingHere]

If everyone tests, the developers who are "sitting idle" are spending that idle time testing, no?

Re:Summary?

Good point about their work towards the project being idle. However, I would also like to point out that although idle to the committed code, they do involve themselves with side-projects that will possibly be integrated into openbsd.

I'm not an openbsd pro, but I think a two of those recent examples would be opensmtpd and the improved malloc()

Re:Summary?

[darthwader]

To translate to the "agile" buzwords of the day, they use a 2 week sprint cycle, and at the end of each sprint, the features for that sprint are complete and working, and the product is stable. They ensure this by doing daily builds and testing on those builds. Everyone runs the current build (he implies they run the daily build, but I expect that is too much hassle to upgrade every day, so in fact everyone runs the last sprint build (which is less than 2 weeks old, and has had a brief stabalizaiton period).

It's not rocket science, the notion of small "sprints" and a releasable product ready at the end of each sprint is fairly well known. All it requires is more discipline than 99% of development teams have. :-) Kudos to them for having the discipline to make it work.

Re:Summary?

[4D6963]

The majority of people in the world are average, by definition.

Excuse the pedantry, but you're making a big assumption when you're considering that the majority are in the average. For all you know half of people could be extremely bad and the other half extremely bright, leaving no one anywhere near the average.

Re:Summary?

[RiotingPacifist]

mode != mean

Re:Summary?

[644bd346996]

It really isn't that big of a leap to implicitly assume that intelligence is normally distributed.

Re:Summary?

[drerwk]

I think you mean envious .

Re:Summary?

[Sponge+Bath]

mode != mean

first post getting -1 redundant mod == mean

Re:Summary?

[girlintraining]

If everyone tests, the developers who are "sitting idle" are spending that idle time testing, no?

It would be pointless to test prior to integration of all submitted components. From the time the first component is completed and submitted and the last, those developers can test, but it's not meaningful if the goal is to evaluate the integrated product as a whole.

Re:Summary?

[Burning1]

Not that that would be a bad thing. The majority of people in the world are average, by definition

I cringe every time I see this statement. Your statement may be reasonable, but it's not correct 'by definition.'

Let's take a small group of numbers:

1, 1, 3, 4, 5, 7, 9, 0.

If we average and round those numbers, we can say that that the average number is '4.'

However, only 1/8th of those numbers are actually 4, and MOST of those numbers are not 4. In fact, it would be more correct to say that 'most of those numbers are 1' even though the numbers are not 1 on average.

It would be technically correct to say 'By definition, most people are not exceptional.' I highly doubt that you'll find a lot of truly average people in the world.

Re:Summary?

Suck some more cock, won't you? People like you are pathetic. You wallow about on the floor kissing the feet of the "great people" instead of standing up and being just as "great". Worst of all, you apply your own resignations of being a lesser person to everyone else.

Re:Summary?

[Theolojin]

Basically, they only allow developers who are willing to sit through a 30-minute video to work on their software.

...during which Theo tells them if they don't hit their release deadlines, he'll eat their children.

Re:Summary?

[nschubach]

As a developer, I think I'd work faster/better if I knew a quality product would let me work on side projects in the end. If I knew that I'd never have time to experiment and play then I'd just trudge along and get depressed. It would be a tremendous moral boost. Developing has downtime unless you work for a slave trade.

Re:Summary?

[brusk]

No, but assuming you can operationalize 'intelligence', it's a testable hypothesis. And it's always better to explicitly and not implicitly assume. Otherwise people think you're hiding something, 644bd346996 -- if that is even your real name.

Re:Summary?

[brusk]

That assumes that all developers are roughly equivalent. But if, says, the filesystem is basically in feature lock whereas active development is going on in the networking system, the fs developers are likely to be sitting on their hands. Sure they can test networking features, but that's not their expertise and their time might be much better spent working on the next generation fs, which is not going to be in the next release but might be a couple of releases away. A branch/trunk split would allow them to work on those experimental, too-rough-to-release features. That could make for a more efficient allocation of human resources in some respects.

Re:Summary?

Well, if we're being pedantic, there is no value held by "most" of those numbers, since "most" requires that at least half have the specified property.

Re:Summary?

[shutdown+-p+now]

The problem with your statement is that you assume that Theo is perfect. If he's not (and he's definitely not, just like all of us), then "shut up and do what I say, and I don't need you trying to explain me why I'm wrong, cause I'm never wrong!" mentality will lead to a disaster when he gets something wrong. You could say that it's alright so long as, on average, he's right more often than he's wrong; however, the real problem with mistake combined with arrogance is that mistakes often tend to become grave in such circumstances. It's the "fuhrer problem" - it's very tempting to put a brilliant guy in complete control with no backup, but it only works for limited time in practice.

Theo's good at what he does, OpenBSD could and would not exist without him, and the world is a better place for it.

Who knows; perhaps, if OpenBSD didn't exist, NetBSD would be better?

Re:Summary?

[floodo1]

Google agrees with you.

Re:Summary?

[rbanffy]

If there is a human testing, it's already wrong.

Perhaps developers who feel "idle" (if they exist at all) should be writing automated tests or, at the very least, thinking on how to automate stuff like testing for real-time kernel concurrency problems or device-driver weirdness.

Re:Summary?

[4D6963]

It's not about intelligence to begin with.

Re:Summary?

[gstoddart]

Excuse the pedantry, but you're making a big assumption when you're considering that the majority are in the average. For all you know half of people could be extremely bad and the other half extremely bright, leaving no one anywhere near the average.

Ummm ... they've measured IQs, plotted it on a bell curve, and defined average to be the peak in the curve plus some on each side.

Since that holds the majority of the population, it's entirely correct to say that the majority of the people in the world are average. It's defined to include the majority of the people.

What you're describing is, I believe, a double-tassel distribution -- which is what first year comp-sci classes tend to look like. You either get it, or you don't, there's no middle of the road.

Average human intelligence really does sit in the middle, and most people are average.

Cheers

Re:Summary?

[ceoyoyo]

"does not talk about agile and how everyone should be testing their own stuff anyways."

Interesting how that idea suddenly became this cool new idea. When I was doing my undergrad in CS we just called that coding.

Re:Summary?

[uncqual]

If only those that "didn't get it", got out...

Instead, too many struggle by and end up thinking someone should hire them to code.

Re:Summary?

[uncqual]

That ability to eat your own dogfood for real sounds pretty crucial to the strategy. Unfortunately, if one is developing software that they don't actually need to use extensively and continuously to get through each day, relying on developers for testing "by using it" is likely less reliable and/or predictable

For example, developers of software for set top cable DVRs (Motorola developers who write the crap Comcast downloads to my DVR - you know who you are!) may not even subscribe to cable -- and, presumably, even if they do, they have little time to watch it at the very time when it most needs testing.

Re:Summary?

[uncqual]

Isn't it likely that an fs developer who found themselves "sitting on their hands" might decide to go off and start working on the "big file system feature" so they can check it in a few days into the next release cycle (which is when checking of such "big" features seem to be encouraged)? I'd hope so. Although I have no first hand knowledge of OpenBSD's dev, I suspect a lot of short lived "branching" really does occur - but it's hidden out of sight of the cm system.

Re:Summary?

[swillden]

Average human intelligence really does sit in the middle, and most people are average.

Most people are within one standard deviation of the mean. Relatively few people are precisely at the mean.

Re:Summary?

[Omniscient+Lurker]

If they defined the avg like that it would be the mode. It just happens that IQs are normally distributed so mode=median=mean.

Re:Summary?

[fadir]

Of course they all work in trunk. They still use friggin' cvs. Who really wants to branch in cvs?

Re:Summary?

You lost me at Comic Sans.

Re:Summary?

[salimma]

Who knows; perhaps, if OpenBSD didn't exist, NetBSD would be better?

Or would be better faster: the current version's performance appears to be quite impressive, matching FreeBSD and Linux.

Re:Summary?

[gstoddart]

Most people are within one standard deviation of the mean. Relatively few people are precisely at the mean.

Which is why I qualified it and said:

and defined average to be the peak in the curve plus some on each side.

I just hand waved around the specifics of the statistics. :-P

Cheers

Re:Summary?

[dvice_null]

> It would be pointless to test prior to integration of all submitted components.

It might not be as useful, but it is not pointless. You can find new bugs, even when you write just a single unit test for a single function in your code. Especially when your system is build up from small independent applications.

Re:Summary?

[brusk]

In which case it would be harder to collaborate on developing that feature, meaning that such branching work would tend to be individual. Sounds like a problematic model to me.

Re:Summary?

[faffod]

It would be pointless to test prior to integration of all submitted components.

I would think that continuously testing as components are submitted would be immensely valuable. Waiting for every component to be submitted only to find out that nothing works would be far less efficient that continuous testing of submissions that that problems are found (and fixed) early.

Re:Summary?

It would be pointless to test prior to integration of all submitted components.

Stay away, stay faaaaaaar away from my code and applications.

Re:Summary?

[aztracker1]

I find that in a corporate lifecycle, having two projects to work on helps.. as one project approaches release, another is just coming out of a release, and into a rapid bugfix push... alternating the primary focus of your development time... This works pretty well actually.

Re:Summary?

Congratulation on being totally ignorant of a) the IQ bell curve and b) statistics.

IQ can be defined because it's not a "small group of numbers" its graphed around sample sizes in the tens of thousands. With a sample size that large, it has been demonstrated that intelligence follows a normal distribution, which is a technical term, not what you think it means so don't be getting all individual upstartey on the word "normal".

Re:Summary?

[Lennie]

If I'm right, their are definitly people ('senior developers') Theo does put trust in to atleast tell him to have an other look.

Re:Summary?

[Secret+Rabbit]

"""
that many developers sit around idle when their work is completed early during this phase.
"""

Developers *can* code new features during this phase. There is a difference between developing and committing those change to CVS. Developers don't have to be idle. If they don't want to do that, they can always help with the testing and bug fixing. Just saying that developers can do more than just one little thing.

Re:Summary?

[Secret+Rabbit]

You're assuming that the "integration of all submitted components" is required for testing. Are you sure that's a good one? Because, it really *really* isn't (in general). Especially, when such components are part of entirely different (sub)systems.

Re:Summary?

[Secret+Rabbit]

"""but I expect that is too much hassle to upgrade every day"""

Why? This is something that can be automated quite well. Something that could be run while one is sleeping for instance.

Re:Summary?

[Shamenaught]

Would any video do? Like, maybe pron or something?

Re:Summary?

[Ciggy]

Being pedantic?

In that case, you'd better specify to WHICH average you are referring and your exact definition of "most", because, mathematically, there are three averages which can be taken from the data given:

MEAN: sum the data and divide by the number: 30 / 8 = 3.75
MEDIAN: write in order, the one in the middle (or mean average of middle two if number of data is even): (3 + 4) / 2 = 3.5
MODE: the data item which appears the most often (has the highest frequency count): 1

[The last average is often stated as "the data item that appears the most", with "most" meaning "highest frequency count".]

So the error in the GP's post is to say that "'most of those numbers are 1' even though the numbers are not 1 on average" when in fact, using the MODAL average, the numbers ARE 1 on average!

In fact, using the data given, it is perfectly true to say that most[1] of the numbers are above average (when the average used is the MODAL average as 5 numbers are greater than 1, giving 62.5% greater than average).

[1]most here being defined by taking the numbers and dividing them into two sets: those larger than the modal average, and those not larger, and "most" being the size of the set with the larger number of elements.

Re:Summary?

OpenBSD could and would not exist without him, and the world is a better place for it.

Those are strong words, considering that OpenBSD has something about 400 users in the whole world.

Re:Summary?

[dargaud]

OpenBSD could and would not exist without him

While I agree with what you say, that line worries me. What happens to a software project when its charismatic leader gets run over by a bus / is targeted by MS hitmen / falls in love with a female of the same specie and heads off to a deserted island ? Which of the following projects can survive easily without their leader: Linus ? Theo ? Larry ? RMS ?

Re:Summary?

[dublindan]

Seconded.

Re:Summary?

[upside]

Writing automated test cases? Good on you.

Re:Summary?

Stop putting spaces before your question marks, dumbass. Note the lack of space before periods. Question marks are the same.

Re:Summary?

[hoggy]

Everyone runs the current build (he implies they run the daily build, but I expect that is too much hassle to upgrade every day, so in fact everyone runs the last sprint build (which is less than 2 weeks old, and has had a brief stabalizaiton period).

It's maybe worth noting that the BSDs have been source distributions for a very long time and that rebuilding the world is ingrained in the being of BSD developers. There's no real reason why they wouldn't be upgrading daily.

Re:Summary?

[xouumalperxe]

2) Everyone tests. There is no test team. All developers test things before a release. He does not talk about agile and how everyone should be testing their own stuff anyways.

That's "Agile Development" or "Extreme Programming" or whatever buzzwords people come up with next are just that: buzzwords. Most of what they espouse is essentially codified common sense. If your work process works, it works. If it doesn't, try to see what works for others and see if it works for you. I know, I'll call that "Pragmatic Programming", write a book or bunch of articles on it, do some conferences, and perhaps people will treat me as if I were some sort of guru because I said something elementary that makes sense.

Re:Summary?

[Godwin+O'Hitler]

Nah it's not that big an assumption. Just a statistical one. The population is way large enough to assume with BIGNUMBER% certainty that it follows a normal distribution.
If you do that, of course, you have to set upper and lower boundaries for your definition of average. Maybe that's the road you were going down.

Re:Summary?

[Godwin+O'Hitler]

In English we don't put a space.
But if dargaud is French, for example, that's the way he and every single one of his countrymen have always written question marks.

Re:Summary?

[TheRaven64]

More importantly, there are no long code freezes and branches. Whatever is in CVS HEAD at a specific time is the next release. The tree is locked for 6-9 weeks during which time only bug fixes are allowed in, and then it's unlocked and development continues. You can contrast this with FreeBSD, where the release is branched and undergoes testing in that branch, while new features and bug fixes are committed into the main tree. Developers on FreeBSD tend to run -CURRENT, but that's not the branch that's actually released, so bug fixes need to be back-ported from the branch the developers are running to the branch that everyone else is using. Both approaches have advantages and disadvantages (as Theo says) but the OpenBSD approach seems to work very well for their project structure.

Re:Summary?

[Tom]

The majority of people in the world are average, by definition.

It's beside the point, but that's one of the wrong assumptions I just can't leave unchallenged.

The majority of people are not average. In many cases, you will not even find one particular instance of the average. In fact, only some methods of calculating the average guarantee that there's even one actual instance (e.g. the Median).

In distributions following the Bell curve or something like it, you will find a majority of people within a certain distance to the average, but depending on the form of the curve, that distance might be fairly large.

No, the majority of people are not average. They are below or above average, it only averages out in the sum total.

Re:Summary?

[arndawg]

FIRST! I might not have a high IQ, but I have a really good EQ!

Re:Summary?

[commanderfoxtrot]

Can I vote for Theo to "help" manage X now?

Re:Summary?

[TheRaven64]

Well, OpenBSD does have its own version of X.org in the base system, which is periodically sync'd with the main tree but often has extra patches and fixes which haven't yet been merged upstream. There is also an OpenBSD developer on the X.org core team, so there's some close involvement there.

Re:Summary?

And if he were Spanish he would write an inverted question mark before each question. This is not Eurodot. Go home.

Re:Summary?

[b4dc0d3r]

If it's not a human testing, it's already wrong.

You do both. Automated testing is only as good as the people who write the tests. If you make assumptions in the code, and also in the tests, you won't find bugs until users actually use it.

I know all about how you can rearrange responsibilities and someone other than the developer writes the tests blah blah whatever, it never works 100%. After I get done with all of my testing I have a human try it and about a third of the time that user will try to do something that wasn't in the requirements and did not get tested because it wasn't expected. Maybe a bug comes out of that, maybe it's just documentation that needs updated, but you have to have people using it in real life situations to be called a true test. I've seen automated testing pass things and then users, because they operate more slowly, expose timing or deadlock problems. Real people are needed.

Re:Summary?

[DuckDodgers]

So we average people are just supposed to accept anyone that comes along and proclaims that they are brilliant, and then do everything they say?

I'm not knocking Theo. I'm sure he really is exceptionally bright. But we should be working on raising the average intelligence, not encouraging people to blindly follow anyone that appears to be substantially brighter than they are.

Re:Summary?

[DuckDodgers]

This idea that computer science programs should weed out tons of people in the first years is ludicrous. Way back in the ancient 1990s, I started a college computer science program with no previous exposure to computers. I passed my first two courses by copying code from two friends who had home computers and introductory programming courses in their high school. After that, I was caught up enough not to need any help from anyone else. At graduation, my average in computing courses was equal to theirs.

Now, it's intuitive to most of the people on Slashdot that a lot of networking, system administration, programming concepts, and programming languages can be self-taught for a teenager. But just because it's intuitive to us doesn't mean every teen in all of the schools across the US (or the rest of the world) has exposure to the same concepts. Entry level computer science classes should be demanding, but they should bring everyone in the class into the field at the ground floor and give everyone plenty of time to get up to speed.

The idea that "you either get it, or you don't, there's no middle of the road" is ridiculous. It might take some people three times as long as others to get the foundation they need. But once they have it, they'll do fine and they'll learn new materials as quickly as most of their colleagues.

Re:Summary?

[DuckDodgers]

Thanks. It's an interesting idea, although I don't know how easy it would be to generalize it to other open source projects.

Re:Summary?

I feel compelled to note it is not Ameridot either. But then such subtlety is usually lost on one such as yourself.

Re:Summary?

Please excuse me for using the word "average" when I really meant "falls within a single standard deviation of the mean on the normal distribution of IQ bell curve".

But I suspect you know what I meant, you're just being obtuse. Either that or you're genuinely an idiot.

Re:Summary?

If Theo tells you your code is stupid, then it is. End of story. Do it again.
And Theo's never fucked up? Ever?

Bullshit. Call me when he starts walking on water and turns my MacBook into a Commodore-64.

Re:Summary?

You mean kudos to them for inventing the concept.

Re:Summary?

[BitZtream]

Get over it people. Theo's good at what he does, OpenBSD could and would not exist without him, and the world is a better place for it.

I have a great deal of respect for Theo and his work on OBSD, however we need to be realistic.

He's not THAT good. One of my biggest complaints is the whole 'no exploits in XXX time!@%$!@%' bullshit. Which just changes each time an exploit is found.

My code has never been exploited by anyone ever, including myself.

(two weeks later, after you exploit my code)

My code has never been exploited by anyone who hasn't ran it.

This is the kind of shit that gets pulled with OBSD, and makes it FAR FAR less impressive than it sounds if you actually have followed his antics over the past 10 years. Everytime someone shows him to be wrong, he just changes the definition. Anyone can be great if you just change the definition to fit your purposes. Why people still treat him like a god is beyond me.

He's a good developer, but his ability to be an obtuse asshole far overshadows his ability as a developer. I've found its far easier to just use one of the other BSDs which are far less painful and while not 'as secure' by Theo's definition, they good enough for production work and feel far less like you're living in the 70s when you use them.

Let Theo go play in his little sandbox, I don't mind, because he stands by the BSD license it means that my prefered OSes get to be pretty much as safe has OBSD, without me having to deal with all the headaches of his holier than thou attitude.

With that said, I respect and appreciate his (and ever other OBSD developers) work. It is definitely good stuff. Their skills are far above my level, no doubt. He is still just a man and should be treated as such, sans pedestal or high horse.

Re:Summary?

[BitZtream]

2) Everyone tests. There is no test team. All developers test things before a release. He does not talk about agile and how everyone should be testing their own stuff anyways.

They do test their own stuff. They also test how their own stuff works with everyone elses changes rather than in a little sandbox on the side without interaction with all the other parts. This interaction is where you run into problems. Most developers can write small chunks of code that work fine when used exactly as expected, which is what the original developer will do since they know exactly how it was intended to be used. You get in trouble when I start using your code that you documented one way and I interpreted a different way, which you didn't bother to sanitize the input or properly error check, and I just assumed your code was going to work flawlessly. Now, through no fault of yours or mine directly, we've introduced a problem that neither one of us will notice when playing in our own little sandbox.

You point this out like its a bad thing, in reality this is the only way it should be done.

The developers who finish their work early are not sitting idle, they are testing. The sooner the testing gets done and everything is signed off on, the sooner everyone can move forward. It prevents you from just working on what you want to work on and leaving everyone else to do the dirty/unfun work.

Both of your points that you think are bad are just signs of selfishness on your part and a lack of willingness to be a team player. The world doesn't revolve around you or your code, sorry.

Re:Summary?

[robot_love]

Damn, beat me to it. Seriously. Who does that?

Re:Summary?

[4D6963]

I know people here are obsessed with intelligence and seem to think of themselves as part of an intellectual elite (something about making themselves feel better about not fitting in with most of the rest of the population), but it's not about intelligence to begin with.

We're talking about people good at something precise such as coding. You can have an IQ of 173 and a special gift for statistics, that won't prevent you from writing shitty network code. Like me, I'm a great coder, but I went to school to become a sysadmin. Because of this, I'm a very mediocre sysadmin (and eventually abandoned the possibility of pursuing a career there), despite being an arguably bright individual and having certain technical skills.

IQs are one measure. Most people are average on that measure. But we're talking about professional skills, and for all you know most people may be excellent at what they're best, thus not just being "average". And again that has nothing to do with 'intelligence', I knew people excellent at driving vehicles or building houses who otherwise were utter all-around morons.

Re:Summary?

[david_thornley]

No, the fact that there's a big population doesn't imply a normal distribution.

Consider personal wealth. Assuming that 99% of the population has wealth under $10 million, and it's normally distributed, there's no possible way to account for billionaires, as they're far too many standard deviations from the mean.

Consider individual height among US adults. If not bimodal, it's close. Consider individual weight. It's skewed. The average is maybe 150 pounds, but there's a significant amount over 350 pounds and none less than -50 pounds.

The normal distribution works great for sums of sufficient random variables. There's a whole lot of stuff in nature that just doesn't fit.

Re:Summary?

[FrozenFOXX]

To my understanding Linux would survive just fine. He's our "benevolent dictator" but he hardly makes day-to-day decisions and tells people what they're going to do. Last time I checked most discussions over something getting integrated or not are handled by a group of people who only defer to Linus if nobody can reach a consensus.

Someone please feel free to correct me if I'm wrong.

Re:Summary?

[dargaud]

I know perfectly well about the space before question mark rules (and yes I'm french). I chose to do so because it makes the text more readable. Same for ending a quotation before the "period". I've lived in 4 countries and I like to take what's best of each. Thanks for coming to my defense BTW.

Re:Summary?

[Tom]

If you really meant that, you're the rare exception.

The too-simplified average assumption is one of the main problems in many design decisions. Systems are built for an "average user" that simply doesn't exist. The result is abominations like windos - stuff that nobody can use well, but everyone can use badly.

Re:Summary?

[gstoddart]

This idea that computer science programs should weed out tons of people in the first years is ludicrous. ... The idea that "you either get it, or you don't, there's no middle of the road" is ridiculous.

You seem to be laboring under the belief that I'm suggesting that computer science should be weeding people out heavily in first year.

I was merely pointing out that if you plot the test scores on a curve, you end up with a double-tassel distribution instead of a normal curve. It's more of a statement than a value judgement.

The reality of it is, it falls on a double-tassel distribution because in real life, you either do get it, or you don't. I've known brilliant mathematicians who never really understood writing code. Some people just never get their head wrapped around the specifics.

Trust me, I'm not being elitist or anything ... it's merely a reality that it's a subject matter which doesn't land on a bell curve.

Personally, I'm in favour of as many people as possible "getting it" -- the notion that computers should be some spooky voo-doo that only a select few can be taught is absurd. It doesn't change the fact that you can measurably demonstrate that it's not something everyone gets. I don't know if other subjects generally don't land on a bell curve or not.

To some people, it still ends up being voo-doo and something they can't figure out.

Cheers

Re:Summary?

[dunng808]

What happens to a software project when its charismatic leader ... falls in love with a female of the same specie and heads off to a deserted island ?

Alone, right? Surley you do not mean to suggest that a FEMALE would go along? This is, after all, SlashDot. News for nerds, and all that. Women chase after politicians, actors, rock singers, and piano players. Never computer geeks.

BTW, the Squeak developers list has been engaged in the same debate for the last week or two, leadership by committee vs. single strong leader. The moon is not full, or new, but it is in Taurus. Coincidence?

Re:Summary?

[Burning1]

I wasn't talking about IQ, because if I had been, I would have commented on the statement that "most people have an IQ of 100," which is also completely incorrect.

Yes, most people have a normal IQ. No shit. But wile people with an IQ of of exactly 100 might be the largest individual group of people with a specific IQ, they will be far outnumbered by the total number of people who have a normal IQ in he 90-110 range. If you take a random person and test their IQ, chances are it's near 100, but not exactly 100.

If you'd like, I could explain the difference between being 'an average person' and 'a person of average intelligence.'

Re:Summary?

[Burning1]

Thanks for this post. I'm surprised by how poorly my original post was received.

Re:Summary?

[Burning1]

Which number would you say appears the most often in that group?

Re:Summary?

[Burning1]

While we are being pedantic...

Main Entry: most
Pronunciation: \ËmÅst\
Function: adjective
Etymology: Middle English, from Old English mæÌst; akin to Old High German meist most, Old English mÄra more â" more at more
Date: before 12th century

1 : greatest in quantity, extent, or degree
2 : the majority of

Re:Summary?

[4D6963]

The population is way large enough to assume with BIGNUMBER% certainty that it follows a normal distribution.

Yes, because everyone knows that distributions in large populations are ALWAYS normal.

I'm being sarcastic. Maybe you should have went beyond Statistics 101.

Re:Summary?

[Godwin+O'Hitler]

You do realise there's such a thing as a skew normal distribution?
Your examples might be skewed bell curves but they're still bells, not inverted bells as 4D6963 was hypothesising. Their cumulative probability is still a nice smooth S curve.
Does their being skewed change how many people fall within the limits you've set for your definition of average? Nope. The majority of people are still average and that applies to all walks of life.

Re:Summary?

[DuckDodgers]

I still disagree.

If you arrived at a college course "Introduction to Ancient Mayan" and the professor announced that starting 10 minutes into the first day, every spoken and written word in the course had to be in Ancient Mayan, most people would drop out or fail the class. Only a few people with spectacular innate linguistic talent would succeed

If the professor made the introduction to the language more gradual, a significantly higher portion of his students would handle the transition. Many would still be unable to handle it, but not as many as if there was a hard switch to pure Mayan a few minutes into the first class.

That's exactly the problem with most instruction in computer science. Most of the students in a Computer Science 101 course have some raw talent in math and maybe some amateur programming under their belt. It's realistic to expect that many can never be skilled software developers and designers. But many others who could do fine with a good introduction to the field will fall behind because the professor hits day one and takes off like a rocket.

Again, this is a subject near and dear to my heart because I struggled like crazy to barely past my first few courses, and now I have many tens of thousands of lines of code in production and generally good performance reviews from both other developers and the QA team.

Is there a transcript? (Don't have time to watch)

[xxxJonBoyxxx]

Is there a transcript? (Don't have time to watch a video...zzz.)

Theo de Raadt may be an asshole

[Jailbrekr]

but at least he is stubbornly consistent. Without it, openBSD would not exist in its current fine form.

That video can serve as a lesson to others on how to manage a project for an extended period of time and keep things consistent and predictable.

Re:Theo de Raadt may be an asshole

[Jack9]

That video can serve as a lesson to others on how to manage a project for an extended period of time and keep things consistent and predictable.

I'd say to limit this "lesson" to an Open Source project, not just any project. His points are good strategic choices, which are well reasoned, even if some of them are incomplete or not fully explained in the length of the talk. He makes caveats throughout the presentation to exclude traditional choices found in commercial enterprise level development due to the heterogeneous BSD development environments. The implementation is a bit touchy feely to be a lesson on managing in private industry imo.

Re:Theo de Raadt may be an asshole

[Vu1turEMaN]

IIRC (even though its not really comparable), LinuxMint moved to the 6 month scheme too and has gotten alot better from it.

J.delanoy is a fucking bastard

He is a fucking Wiki pervert

slides

Geez, guys, it didn't take me even two minutes to find these:

http://www.openbsd.org/papers/asiabsdcon2009-release_engineering/

Re:slides

Hey dude, there's this awesome new tech that allows you to make text or addresses clickable so that people don't have to copy and paste addresses. It's called "magic clicky text" and you can see it in use on the so-called "Global Wide Thatchwork".

Re:slides

[itsybitsy]

hey thanks for posting the link for the slides... this was the first place I looked before the googlizer...

No critical bugs? BS.

While OpenBSD does have an outstanding security record, with good design & separation of privileges, they aren't perfect.

As they say on their website, "Only two remote holes in the default install, in a heck of a long time!"

Re:No critical bugs? BS.

[nethenson]

They should try to do it in the Microsoft way.

MS-DOS: zero remote holes in the default install.

Re:No critical bugs? BS.

[fuzzyfuzzyfungus]

The first 10 megs of /dev/zero have no local or remote holes...

Re:No critical bugs? BS.

They really need a new slogan. 'Only two remote holes...' sounds lame. It doesn't matter whether it is technically impressive or not; it sounds lame. And even then, it's only two remote holes because the default install is almost empty and sets up almost no services.

Re:No critical bugs? BS.

[RiotingPacifist]

2 vs ? This is just the count of kernel vulnerabilities right? obviously this varies by distro but what sort of record do debian/redhat have?

Re:No critical bugs? BS.

[VGPowerlord]

The first 10 megs of /dev/zero have no local or remote holes...

...or ones. ;)

Re:No critical bugs? BS.

This is not just the kernel, it's all remote holes in the default installation. Meaning there have only ever been two (known) vulnerabilities whereby a vanilla install of OpenBSD can be compromised. With the exception of those two holes, any version of OpenBSD is still totally secure today.

Re:No critical bugs? BS.

The first 10 megs of /dev/zero have no local or remote holes...

Well, no remote holes at least.

http://secunia.com/advisories/27030/

Re:No critical bugs? BS.

[machine321]

Not true! Every bit of /dev/zero has a big hole right in the middle!

Re:No critical bugs? BS.

[TheLink]

Seriously though they did kind of do it the MS-DOS way.

By default OpenBSD has very few network services enabled.

Which is why I consider that particular claim rather worthless.

FWIW, OpenBSD's process isn't that great:

http://www.matasano.com/log/720/openbsds-amusing-handling-of-remote-kernel-overflow/

Theo de Raadt's main focus appears to be making sure that he is right (or looks right). Making things better takes second place to that.

I personally prefer the Postgresql process. There's a lot less unnecessary/counterproductive flaming with the Postgresql process.

Re:No critical bugs? BS.

[TheRaven64]

No, this includes the base system, which includes things like SSH turned on by default. It's a bit hand-waving, because the base system also includes Sendmail (default local delivery only), BIND (default: off), a fork of Apache (default: off), and a few other things which have had vulnerabilities but don't count for this total because they are not enabled by default. Even so, it looks better than something like a typical Linux distro (only two remote kernel vulnerabilities in the last six months, plus however many application vulnerabilities you got from all of the extra stuff that's installed by default).

Re:No critical bugs? BS.

[Mashiara]

Any default install that is, you can of course install services yourself and open yourself up to all kinds of surprises.

That said I used to run OpenBSD on firewalls before I decided minimal Linux install is good enough and I don't have to remind me of the BSD:isms when I need to adjust the rules.

It's not to say that the BSD way is somehow inferior but I have enough flavours of *nix to remember as it is.

Re:No critical bugs? BS.

[RiotingPacifist]

Even so, it looks better than something like a typical Linux distro (only two remote kernel vulnerabilities in the last six months, plus however many application vulnerabilities you got from all of the extra stuff that's installed by default)

Obviously i agree it will be better, but most distros have ssh disabled by default, so the only count of remote vulnerabilities is kernel

only two remote kernel vulnerabilities in the last six months

No security conscious distros ship with vanilla kernels, typically its an old (2/3 versions 6-9months) secured kernels that has had most vulnerabilities ironed out, obviously some vulnerability come out that affect all recent versions or all 2.6.x versions but generally counting vulns on the vanilla kernel is a very bad measure, tbh thats why i asked i have no idea how much worse a stable distro is (over its supported life, obviously BSD completely owns if you compare unsupported versions)

Re:No critical bugs? BS.

[1s44c]

While OpenBSD does have an outstanding security record, with good design & separation of privileges, they aren't perfect.

As they say on their website, "Only two remote holes in the default install, in a heck of a long time!"

Indeed you are correct, it is false to state that OpenBSD has never had critical bugs. However the 2 bugs mentioned on their website is an amazing statistic compared to the best serious software vendors like sun, HP, redhat, IBM, etc. have managed.

Re:No critical bugs? BS.

[mzs]

I think errata 013 and 014 fixed http://www.openbsd.org/errata31.html were the best examples of critical bugs making it in for at least 2.5 years of releases. Now of course they were not remote exploits so do not count for those two, but they led to the OpenBSD guys to carefully look for other possible signed/unsigned mistakes in a whole lot of code, and of course they were very serious bugs.

Re:No critical bugs? BS.

[rtfa-troll]

The following simple test shows that /dev/zero is all holes.

bash-3.2$ dd if=/dev/zero bs=4096 count=2560 of=testme
2560+0 records in
2560+0 records out
10485760 bytes (10 MB) copied, 0.0258266 s, 406 MB/s
bash-3.2$ cp --sparse=always testme testmetoo
bash-3.2$ ls -l testme testmetoo
-rw-r--r-- 1 rtfatroll rtfatroll 10485760 2009-07-17 22:01 testme
-rw-r--r-- 1 rtfatroll rtfatroll 10485760 2009-07-17 22:02 testmetoo
bash-3.2$ ls -s testme testmetoo
10256 testme 0 testmetoo
bash-3.2$

Its not...

[Darkness404]

Its not a success until Netcraft confirms it.

Slashdotted???

[jsewell]

Is it possible to slashdot youtube? I tried to watch but the video had these annoying pauses...

Re:Slashdotted???

[Amazing+Quantum+Man]

That was a William Shatner video.

Re:Slashdotted???

Imagine a faceoff between Shatner and Christopher Walken.

That. would be? really. cool!

Congratulations!

[jeffliott]

Most of the respectable security consultants I've worked with have raved about OpenBSD. Unfortunately, all 7 of my computers have some kind of hardware issues with it. I suppose in a way that really puts the BSDs in a similar boat as Apple, regardless of OS X's roots. Less hardware support = stability? Suddenly I'm less impressed.

Re:Congratulations!

[chriscappuccio]

you should try a recent version (like the 4.6-current snapshots)
compatibility with most PC hardware is very good these days, even better than the 4.5 release

3d X acceleration (for slightly older cards) is out-of-the-box as well

Re:Congratulations!

Some of my computers were pretty stubborn with installing, but I don't think I've had any that I couldn't get to work at all.

Re:Congratulations!

That is the secret of its security! OpenBSD is carefully crafted to ensure it either won't run at all, or at the very least won't run long enough for someone to exploit the server. It's really rather clever when you think about it.

Re:Congratulations!

I've never had a machine refusing (or even giving anything remotely resembling trouble) to play ball with OpenBSD. I've worked with it since 1998, and I use it on a very wide range of machines. Then again, I never tried OBSD 1.0 which seems to be what you base your experience on.

Netcraft confims: *BSD is Dying

It is now official - Netcraft has confirmed: *BSD is dying

Yet another crippling bombshell hit the beleaguered *BSD community when recently IDC confirmed that *BSD accounts for less than a fraction of 1 percent of all servers. Coming on the heels of the latest Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as further exemplified by failing dead last in the recent Sys Admin comprehensive networking test.

You don't need to be a Kreskin to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood. FreeBSD is the most endangered of them all, having lost 93% of its core developers.

Let's keep to the facts and look at the numbers.

OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

Recently, Slashdot confirmed that FreeBSD has been bucked away by WindRiver to FreeBSD Mall, for a carton of Winston's and a six-pack of Pabst Blue Ribbon. This only serves to confirm the fact that FreeBSD is unwanted, doomed to be passed around like a harelipped orphan from one foster parent to another.

All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS hobbyist dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

Fact: *BSD is dead

Re:Netcraft confims: *BSD is Dying

[floodo1]

7000 users? WOW, thats terrifically small :(

Re:Netcraft confims: *BSD is Dying

[Auxis]

I did a quick google and found an 8 year old /. article saying how BSD is dying. If it's dying, how long is it going to take to finally kick the bucket?

Re:Netcraft confims: *BSD is Dying

[trytoguess]

Well, Windows has been dying for much longer, so who knows?

Re:Netcraft confims: *BSD is Dying

[Anne+Thwacks]

If it's dying, how long is it going to take to finally kick the bucket?

The most reliable estimate to date is

(remaining life of BSD) = (expected total life of Microsoft) * 2 years.

Re:Netcraft confims: *BSD is Dying

[skeeto]

So the remaining life of BSD is in units of years squared?

No Bearded GNU Freaks Why BSD Is So Good

No wacky and nutty GPL kooks.

No screaming diatribes over 'purity' of ideology.

No foaming at the mouth tantrums that someone is using your code and not kissing your fat ugly ass in reverence.

Over the years I've learned that BSD developers are engineers while GPL developers are ideologues - ie. wackos and nutcases.

Thank god BSD is well on their way to ridding themselves of GCC and already have the amazing LLVM compiler tech building the system. The efforts the GNU crowd has done to keep open source developers locked into their compiler is sickening from anyone who likes to believe the open source world is some sort of technological marketplace of ideas compared to the Microsoft world.

Every BSD project I've followed or participated with has been a positive experience due to those types of licensed projects attracting engineers who just want to write good code and want their code to be available and free to everyone to make good use of it.

Re:No Bearded GNU Freaks Why BSD Is So Good

Hi Theo!

Re:No Bearded GNU Freaks Why BSD Is So Good

[Hatta]

No foaming at the mouth tantrums that someone is using your code and not kissing your fat ugly ass in reverence.

Oh, really?

Re:No Bearded GNU Freaks Why BSD Is So Good

[drinkypoo]

Wow, just wow. First, that is not a tantrum. Second, he is 100% correct. Trying to alter someone else's copyright notice is a gigantic legal fuckup. Third, all he asks is a lack of modification of copyright notice, no ass-kissing. Fourth, you are a troll.

Re:No Bearded GNU Freaks Why BSD Is So Good

[Draek]

No wacky and nutty GPL kooks.

But in return you get wacky and nutty BSD kooks.

No screaming diatribes over 'purity' of ideology.

You don't know who Theo de Raadt is?

No foaming at the mouth tantrums that someone is using your code and not kissing your fat ugly ass in reverence.

You definitely don't know Theo de Raadt.

The efforts the GNU crowd has done to keep open source developers locked into their compiler is sickening from anyone who likes to believe the open source world is some sort of technological marketplace of ideas compared to the Microsoft world.

Yeah, how dare they make a superior product, couldn't they have made GCC suck a bit more so the alternatives wouldn't look so bad?

Every BSD project I've followed or participated with has been a positive experience due to those types of licensed projects attracting engineers who just want to write good code and want their code to be available and free to everyone to make good use of it.

Same here, and the same goes for GPL'ed projects. In all cases, its the users (and the ocassional Slashdot troll) who make them look bad. Well, except for Theo's yearly foaming-at-the-mouth, but he's such a talented engineer we're ready to let that one pass.

Re:No Bearded GNU Freaks Why BSD Is So Good

That's not Theo! It was probably Jeff Merkey. Still an asshole, but from Utah.

Re:No Bearded GNU Freaks Why BSD Is So Good

[schon]

Wow, just wow.

My thoughts exactly.

Perhaps you need to read about what started it all before you make further posts. Your ignorance about the entire matter is showing.

Re:No Bearded GNU Freaks Why BSD Is So Good

Is there ANY reason that this amazing LLVM compiler couldn't be GPL-ed?
Before you ask, I didn't mean that its current authors would do it.
I meant, someone from the street picks it up, does some modifications and puts the same back on the net, but with a GPL attached.
How would you feel about it?
Before you start foaming, think about what makes that possible?
Probably the BSD license is not perfect?

Re:No Bearded GNU Freaks Why BSD Is So Good

...and want their code to be available and free to everyone to make good use of it.

This is what the GPL is for, right? It makes sure that the code stays available and free to everyone, whoever's maintaining it.

Re:No Bearded GNU Freaks Why BSD Is So Good

Hi Theo!

Finally, the identity of Anonymous Cowardon revealed!

Re:No Bearded GNU Freaks Why BSD Is So good

Over the years I've learned that BSD developers are engineers while GPL developers are ideologues

Funny, but the ideologies (ethics) has always saved more time, freedom and lives than just implenting something in good faith or idea. In example the BSE disease. Got in so widely because engineers (scientics) and farmers just did what "worked". Giving for cows the bone-meat feed what was done from cows. Many europeans did not even care that it is wrong by it's idea in the beginning. They just wanted to engineer it.

On scandinavia, farmers did not start to use such feed, because it was ethically totally wrong. On europe, the disease spreaded and killed lots of people. But on scandinavia, people were save by using own country meat because it was pure and clean. The ethics and ideas saved lives

The ethics are more important than just the nice code. Rules are more important than freedom. Without rules, you can not maintain freedom. If you want total freedom to your life, you need to give it for others too. But that means that any day, any place and who ever wants, can come and kill you without any reason. Because they have freedom to do so. Anyone would have freedom to blow up the whole world if they just could. That is not freedom or openess. The BSD can be worse because it does not keep such strick demands that everything play nice together and freedom is garanteed. That no one can not rip off the code without giving changes back. No one can not use others work against them.

GPL is nice, but thats it. Nothing else from GNU is not. Which one is more important, the biggest grow, or individuals? GPL garantees the rights of individuals same way as the biggest group as well. BSD gives more rights to individuals

Re:No Bearded GNU Freaks Why BSD Is So Good

[quadrox]

After reading some of the thread it seems to me that while Theo seems to have bit of an over-the-top style to him, I think he is quite correct.

1) He conceded that the whole thing was a problem that needed fixing
2) The GPL people DID repeatedly accuse the developer of theft - not using that exact word but by heavily implying that it was done on purpose (which it may well have been, but that is not the point)
3) Sending this kind of email to a large audience is of course very unnerving for the developer in question. Yes the developer was wrong in committing GPL'ed code, but it certainly COULD have been resolved in a lot more quiet and less messy way. Theo is absolutely right about that.

Re:No Bearded GNU Freaks Why BSD Is So Good

[Rogerborg]

couldn't they have made GCC suck a bit more so the alternatives wouldn't look so bad?

No to worry; 4.3.3 is a big step towards producing a compiler that punches you in the balls without a -Wno_punch_in_the_balls option.

Re:No Bearded GNU Freaks Why BSD Is So Good

[quadrox]

After reading a bit more of the thread... Both sides are wrong. Both sides are overreacting to things that were not really meant to be offensive, but they just don't realize it. It's a bit sad really because I sense that most of the people would prefer to get along.

Theo got it right when he said that you cannot have a cooperation if your first reaction to anything is mistrust. Unfortunately he makes the very same mistake as well. Oh well...

Re:No Bearded GNU Freaks Why BSD Is So Good

I guess this someone will have lots of fun porting all the progress from the original LLVM to his version. This why GPL vs BSD doesn't make a lot of a difference to large projects. The Linux kernel would be fine with a BSD license, because maintaining your own fork would be too costly. This is why companies contribute to it even though they don't have to (because they only use it inhouse).

On a side note that would also make a great flame fest. GPL fanatics will never understand why it is somehow hipocrite to call it "theft" if someone encloses BSD code with his own license, and at the same time take BSD code and enclose it with the GPL. Hint: Doing something you call "theft" makes you a "thief" by your own standards.

Re:No Bearded GNU Freaks Why BSD Is So Good

Where do you get off, referring to the group you obviously don't like as "wackos" and "nutjobs" and criticizing someone for ideological behaviour in the same breath? If I ever see you, expect to be punched in the teeth.

Re:No Bearded GNU Freaks Why BSD Is So Good

[Elwood+P+Dowd]

No screaming diatribes over 'purity' of ideology.

"Oh dear," said comment #28724745, "I hadn't thought of that," and promptly disappeared in a puff of logic.

Re:No Bearded GNU Freaks Why BSD Is So Good

[kelnos]

This crap is marked insightful? Wow.

No wacky and nutty GPL kooks.

No screaming diatribes over 'purity' of ideology.

You do realise we're discussing an article about Theo de Raadt, right? From what I've read, he's just as much of a BSD kook and idealist as RMS is. Just he gets less flak for it because he (currently, at least) is much more respected for his *engineering* contributions than RMS is.

Over the years I've learned that BSD developers are engineers while GPL developers are ideologues - ie. wackos and nutcases.

Wow, so I'm a wacko and a nutcase, and not real engineer? Sorry, not buying it.

Thank god BSD is well on their way to ridding themselves of GCC and already have the amazing LLVM compiler tech building the system. The efforts the GNU crowd has done to keep open source developers locked into their compiler is sickening from anyone who likes to believe the open source world is some sort of technological marketplace of ideas compared to the Microsoft world.

Yes, because everyone is just so completely *required* to use gcc. You can't use icc, Sun cc, MSVC, or anything else once you've even *touched* gcc. The fact that until recently there hasn't been another good open source compiler around says more to the quality of gcc and the lack of commitment or desire on the part of other potential compiler writers than anything negative about gcc. I'm sure LLVM is great, but apparently no one "needed" it until recently.

Man, too bad my mod points from yesterday didn't expire. -1 Flamebait, Troll, Misinformed-Idiot.`

Re:No Bearded GNU Freaks Why BSD Is So Good

[drinkypoo]

After reading a bit more of the thread... Both sides are wrong.

Actually, I think both sides are right and wrong at the same time.

It's difficult to discern why the particular cite that I replied to was cited, though, if the point was to show Theo at his worst. Personally, I'd read threads where he was way more of a dick long long ago... and I still bought the disc and the tee shirt. I care about results, sorry. But then, I act like an asshole on a regular basis. Nothing succeeds like success...

Re:No Bearded GNU Freaks Why BSD Is So Good

[RevDobbs]

No screaming diatribes over 'purity' of ideology.

You've never read misc@openbsd, have you?

Re:No Bearded GNU Freaks Why BSD Is So Good

LLVM is years away from being ready. It's a bit of a circus right now, with pretty much every change introducing a regression...it's been "6 steps forward, 5 steps back" for a while now.

It does have promise, however. Once they get their shit together a bit more, LLVM will be for real. Will I use it instead of gcc to compile my FreeBSD kernel? Probably not, but it'll be nice to have the option.

In my (considerable) experience, the only thing as bad as a GPL nut is a BSD nut. Sadly, there are plenty of both.

At any rate, good job modding the parent up. It may have its share of completely untrue bullshit, but there are also a couple of ON POINT observations in there.

Why OpenBSD's Release Process Works

[milatchi]

What's an OpenBSD?

It works?

[girlintraining]

Let's compare --

Linux (1991--present): The code base has never forked. The release process has remained largely in the hands of Alan Cox and Linus Torvalds throughout its history, and except for some cosmetic differences, patch submission and integration has been handled the same way. Most people consider the two head developers and various major contributors to be, on the whole, pretty nice guys, though the snafu with loading binary blobs, and the driver architecture supporting 'non-free' elements in kernel-space was notable for the high level of frustration on all sides.

OpenBSD (1994--present): Forked from NetBSD (1993--present), who forked from 386BSD (1992--1994), that originally derived its codebase from BSD4 (1977--1995). The history of BSD is a blood-bath of politics leading to forks; Most of the developers of the *BSDs are variously referred to as "difficult, abrasive, etc.," although Theo, to his credit, has had a major change in reputation over the past several years.

Historically, the BSD variants have enjoyed a smaller uptake in the market and casual open source contributors find it difficult to get involved because of cultural/political differences. They also tend to fragment, as noted by the number of variants, which further weakens their position. Linux, on the other hand, likely enjoys a much broader userbase and more contributions due to its more relaxed community standards and the general approachability of its core team. I would say the "release process works", but by feature count, contributions, and hardware support, the process is full of fail. Does that mean it's a failed project? No--I'm just saying that the differing priorities and political/cultural values held by the core developers has had an overwhelming impact. Businesses might appreciate the consistency of the release schedule and the relatively bug-free nature of those releases, but looking at market share it's pretty clear those are not the priorities for most businesses.

Re:It works?

Alan Cox hasn't really been an important figure in Linux for like 10 years.

Sometimes I think most of the people on this site got laid off after the dotcom boom and are just mindlessly repeating a view of the IT world circa 2001.

Re:It works?

Your red thread between Linux never having been forked and BSD as a foundation having been forked many times is completely pointless - OpenBSD itself has never been forked, and that's the only valid comparison you can do in this context.

And Linux dev's not being abrasive and anal? N****h, please... Go follow any forum Mr. Torvalds regularly post in...

Re:It works?

[Piranhaa]

They have different philosophies. I really don't know where you're going with that post because isn't very accurate. You can't compare the "Linux Kernel" with OpenBSD's whole. A kernel is pretty much useless without a "userland." OpenBSD, FreeBSD, NetBSD are all operating systems. Linux, sorry to say, is not.

If you want to compare BSD versions to Linux versions, then you'd have to compare with (in no particular order):
-Gentoo
-Debian - Ubuntu - Xubuntu - Xandros - (how many more are there?)
-Slackware
-RedHat
-Ubuntu .... because I can't even keep track

So, you have a million confusion projects going on based on the code all, called "Linux". How many versions of "OpenBSD" are there out there? Umm, ONE. Sure, someone could go and make their own userland and such, but it cannot be called OpenBSD. So, before you go on a rant about how many times BSD has been forked, please get your facts straight.

Thanks,

Re:It works?

You post as AC and bother censoring anything?

Nigga, please. This is Slashdot.

Re:It works?

[harmonise]

Your post is off-topic from the video and the Slashdot article. This isn't a comparison about how Linux compares versus OpenBSD. The video, if you watch it, is about how the OpenBSD team manages their releases, meets their agreed upon release dates, and makes sure that each release is a quality product.

The points he discusses in his video revolve around conducting adequate testing of the product and having the developers use the to-be-released system rather than throwing something out as a release and moving on. His points about managing the release process are just as valid if they were applied to manufacturing and releasing cars, paper products, or skateboards as they are to operating systems.

Re:It works?

[Troy]

This is somewhat of an apples/oranges comparison. Linux proper is principally the kernel, while the development teams for most *BSD variants manage both the BSD kernel and the userland. While it may be the case (and I don't know for sure honestly) that there are no viable forks of the Linux kernel, that really doesn't provide a fair basis for comparison.

I would suggest that a BSD variant (OpenBSD, FreeBSD, etc) is much more analogous to a Linux distribution than just the Linux kernel. When you frame it that way, I think it is safe to say that there is much more fragmentation in the Linux world than the BSD world.

Re:It works?

[noidentity]

Businesses might appreciate the consistency of the release schedule and the relatively bug-free nature of those releases, but looking at market share it's pretty clear those are not the priorities for most businesses.

And? The article is about how/why they have a consistent release schedule. Since Linux already has a different process, why should BSD adopt the same? If a consistent, stable release schedule is important, use BSD. If Linux is better for your needs use it.

Re:It works?

[girlintraining]

They have different philosophies. I really don't know where you're going with that post because isn't very accurate.

You just said it: They have different philosophies. I'm answering the question of why, and what's come out of those approaches historically.

OpenBSD, FreeBSD, NetBSD are all operating systems. Linux, sorry to say, is not.

I think you're confusing the terms "operating system" and "distribution".

So, you have a million confusion projects going on based on the code all, called "Linux".

No, I believe they call themselves things like "Redhat" or "Gentoo", etc.

So, before you go on a rant about how many times BSD has been forked, please get your facts straight.

Sir, a full exploration of all of the facts and an exhaustive comparison between all the Unix variants has been the subject of many books, panel discussions, conventions, and academic discourses, and has yet to be fully explored. I think that a high-level overview is both more productive, and better suited, for a humble posting on an electronic forum.

Re:It works?

[Just+Some+Guy]

Most of the developers of the *BSDs are variously referred to as "difficult, abrasive, etc.," although Theo, to his credit, has had a major change in reputation over the past several years.

I've never heard that referring to anyone in the BSDs but Theo himself. When was the last time you heard complaints about NetBSD or the FreeBSD core team?

They also tend to fragment, as noted by the number of variants, which further weakens their position. Linux, on the other hand [...]

...is even more fragmented. How many Debian derivatives are there? RedHat? What about Gentoo, LFS, etc.? There's probably more similarity (and shared code) between FreeBSD and OpenBSD than between Ubuntu and Slackware.

Cut the BSDs some love. They deserve it, and there's plenty to go around.

Re:It works?

[girlintraining]

The video, if you watch it, is about how the OpenBSD team manages their releases, meets their agreed upon release dates, and makes sure that each release is a quality product.

Yes, and I'm noting that various cultural and political influences that come from the core developers have a substantial impact on all of the above, and then comparing those influences in similar projects (ie, Linux).

His points about managing the release process are just as valid if they were applied to manufacturing and releasing cars, paper products, or skateboards as they are to operating systems.

And I don't think anyone's going to argue there's a different corporate culture at Ford than Toyota and it translates directly to the products those respective brands produce.

Re:It works?

The original BSD code base was maintained by UC Berkeley and a bare bones system that was used as the basis for many industrial operating systems (e.g. SunOS). It was never meant to be a full fledged operating system for all usages, so different groups forked in order to target special niches. Similarly System-V would be considered forked (e.g. Solaris). Generally one considers both a base design, as neither were mature enough or managed in way to solve all of the purposes that were spawned.

386BSD was a port of 4.3BSD to x86 and when development ceased then NetBSD and FreeBSD were created simultaniously to continue development.

It was only the NetBSD/OpenBSD clash that was a political/cultural difference. All others were natural progressions given the maturity of the industry, communication technology, and specializations required. The primary reasons that Linux became successful was (a) the BSD lawsuit, (b) IBM. The SVLUG was one of the earliest user groups and its archives site members stating that they switched communities due to concerns at the time. Still, both were equally popular until IBM became involved in the late 90s promoting it with their illegal spray painting all over San Francisco. As IBM was a hardware company, the GPL was more attractive than the BSD license due to restricting competitors (Sun) from leveraging IBM's contributions. Before IBM's commitment and promotion of Linux, which was followed by other big vendors like SGI for similar reasons, FreeBSD was arguably more popular (e.g. it was adopted by EBay, Yahoo!, and other startups).

Re:It works?

[MeNeXT]

Marketshare? What does market share have to do with this? OpenBSD is for security. Secure out of the box. Joe six pak has no need for security. So OpenBSD is not for them. FreeBSD has stability, standardization and has been consistent since almost it's inception. If you like BSD and need it to run on obscure hardware then NetBSD is for you. If you wish a stable desktop Linux or one of it's flavors. Linux is also a good server. Mac OS X is great if you want user friendly and can be customized if need be. Windows is great because everyone thinks they can support it and it runs a lot of business software.

Each and every one has its pros and cons and I'm glad that I CAN choose which I will use for a specific task. I couldn't see myself committing to any one in particular for all of my computing needs.

As for people who choose the OS based on market share, all I have to say is good luck with that...

Re:It works?

[lokiomega]

Mod parent up, and hope that girlintraining doesn't have anything else senseless and snarky to say.

Re:It works?

[timmarhy]

explain the difference between an operating system and a distribution? oh i c there isn't any.

and redhat still calls itself redhat LINUX you spastic.

Re:It works?

[perlchild]

He's not confusing operating system and distribution. The D in BSD is for "Distribution", they practically invented the term.

It's a new idea, though, to have a distribution that wasn't responsible for the kernel. And several terms, like platform, and operating system, were inveted to differentiate from distribution as a result. IMHO, companies(corporate clients) do not confuse platform, operating system, or distribution, they can only evaluate(assign a value to) a distribution, a set of software tested together that works as a whole and was tested, validated. Third party software gains value by similarly, being written for a coherent set of software tested to work together.

Windows isn't a platform, it's a of distro(each edition, home, professional, ultimate is one distro actually, which share enough code to actually have some third party software that works across distros). Linux isn't a platform, but you can get many distros based on it. Operating System and Platform are useful theoretical concepts, and can be of use, usually outside the business context, but when it comes to corporate clients, and business environments, openbsd is a distro.

Each unix variant is a distro, and some variants(like trusted solaris) vary enough from the main distro to be considered a distro in its own right. I posit that seeing things this way reduces confusion.

That software like alien allows some(well written, or limited-enough) software to work across distros is an accident, and detracts from this simple, can explain it to grandma definition.

"Can I buy solitaire for windows vista ultimate edition?" gets an unequivocal Yes/No answer, and she can know if she has ultimate edition straight on the box.

The term platform should be restricted to software like java or lua, that's (mostly) interpreted, and works across distros, by bypassing the distro entirely, and usually reinventing the wheel quite a bit.

Re:It works?

[Psychotria]

A kernel is pretty much useless without a "userland." OpenBSD, FreeBSD, NetBSD are all operating systems. Linux, sorry to say, is not.

Stop trying to redefine the term "Operating System". The rest of what you said might have merit, but once you tried to force your (wrong) interpretation of "Operating System" onto others I lost interest. Please explain to me and others how Linux is not an operating system.

 

So, before you go on a rant about how many times BSD has been forked, please get your facts straight.

How about you following your own advice?

Re:It works?

[man_of_mr_e]

I disagree. The "forks" from original BSD weren't really forks. They were Berkeley giving up on it and letting others take over.

Most of the various BSD's are "forks" because they have different purposes. OpenBSD is security oriented, NetBSD is intended to run on vritually everything that has a CPU, FreeBSD was intended for more mainstram use.

The only real "schism" I can think of is when Matt Dillon broke off and formed DragonFly BSD. Everything else was pretty much some guys saying "I'm gonna go off and do this instead".

There may not be any real Linux "forks", but that's because Linus has tried very hard to make Linux "one size fits all", and that has resulted in its own set of problems (see the various scheduler wars, for instance.. they were bloody). There are also any number of "branches" in which different patches are applied to the mainline kernel for different purposes.

Re:It works?

[iggymanz]

a kernel, (in the past also called a "nucleus: or "core"), is the central part of the operating system that manages resources and allows other programs to use those resources. In operating systems, say OS for the IBM mainframe or VMS for VAX, not only is there included that core but also utility programs for systems administration tasks. So Linux by itself is just a nucleus or kernel or core, while FreeBSD, DragonFly, NetBSD, and Mac OSX include not only a core but utilties to form a complete OS easy for anyone older than any operating system to know the difference.

Re:It works?

[Nimey]

Another schism was when de Raadt was booted from the NetBSD team and formed OpenBSD back in the mid '90s.

Re:It works?

[calmofthestorm]

Operating system: Kernel and base userland. e.g., GNU-Linux
Distribution: Operating system and software library

Re:It works?

[rbanffy]

They are all GNU/Linux. You can't compare BSD to the Linux kernel, but you can compare it to the Linux kernel plus the GNU userland.

The fact there are different distros that share slightly off-sync versions of a common base continuously forking and merging back makes for a more interesting history than the, as the GP aptly described, BSD fork bloodbath.

BSD is for those who want to write free software, while GPL is for those who write free software and want it to be free forever. They may be called ideologues, but you can't question the GPL side of the fence breeds greater diversity and a richer ecosystem.

Re:It works?

[grub]

Another schism was when de Raadt was booted from the NetBSD team and formed OpenBSD back in the mid '90s.

In hindsight, that was probably one of the best things to have ever happened in Free-OS-Land. I sure am happy it did.

.

Re:It works?

[socceroos]

+1 Slapdown

Re:It works?

[girlintraining]

I disagree. The "forks" from original BSD weren't really forks. They were Berkeley giving up on it and letting others take over.

Berkeley "gave up" exactly once, in 1995. And it wasn't because they made room for others, but because of USL v. BSDi, a lawsuit that probably created the conditions for Linux to rise to power in the first place. Linus himself once said that had there been no legal ambiguity regarding the BSD code base, he probably wouldn't have started a completely new project from scratch.

Second, since you may be unaware of what a "fork" means, it's simply a point where developers take the existing code and then begin independent development on it. With the exception of Minix and Linux, every UNIX-like operating system has its code base derived from the original Unics in some fashion. Every UNIX variant EXCEPT Minux and Linux has forks that trace back to that.

Re:It works?

[IntlHarvester]

I disagree. The "forks" from original BSD weren't really forks. They were Berkeley giving up on it and letting others take over.

Most of the various BSD's are "forks" because they have different purposes. OpenBSD is security oriented, NetBSD is intended to run on vritually everything that has a CPU, FreeBSD was intended for more mainstram use.

First of all they weren't forks directly from Berkeley, they all forked from a dead OS called 386BSD that had a lot of development problems.

Second, everything I've read on the topic indicates this was very much personality-driven and related to 386BSD politics. The "reasoning" behind each BSD was something that was developed later.

In an ideal world, I suppose, 386BSD would have been managed better and there would be no forks.

Re:It works?

[ripratm]

Stop trying to redefine the term "Operating System". The rest of what you said might have merit, but once you tried to force your (wrong) interpretation of "Operating System" onto others I lost interest. Please explain to me and others how Linux is not an operating system.

No, he's correct. Linux is not an OS its a kernel, pure a simple. You can download the latest version of "Linux" from kernel.org but but you can't to anything with it. You can't burn it to an iso and boot it. Now Red Hat Linux is an operating system, because they bundle the kernel with GNU but "Linux" is not. OpenBSD is an OS, it contains a kernel PLUS everything else needed to perform functions. Linux is like car engine but with out the rest of the car is pretty useless.

Re:It works?

[dbIII]

A couple of points. First not everyone regards the binary blobs as a truly horrible situation - we are talking about linux here and not hurd. Linux is not a gnu project and most of those frustrated "on all sides" were from the outside looking in without contributing a single line and were even at times working at cross purposes (eg. RMS demanding that gcc stop working on linux only optimisations becuase that wouldn't nelp hurd).
In the second case I think you are trying to compare success vs exceptional success, like comparing a mystery novel that sells hundreds of thousands of copies per year to the entire Harry Potter series. Not even hurd is a failure since it is still an ongoing project and people use it. With BSD a lot of work has been done and a lot of people use it.

Re:It works?

When someone says they run OpenBSD, you have a very clear picture as to what kernel, compiler and userland they are running. When someone says they run Linux, the best you can hope for is that they actually are using the Linux kernel. That's the difference between an operating system and a distribution.

Re:It works?

[dbIII]

No.
Bash, ash, ksh, csh, zsh, busybox or whatever are all applications so forget about the "base userland" and forget about the gnu tools despite it being a politically astute move to change the name to advertise a completely different project.
All this silly redefinition is from the Microsoft courtcase years ago where it was proposed that a web browser was an integral part of the operating system. The judge took expert advice and ruled that such a definition was utter bullshit. Unfortunately it stuck in a lot of minds (with the help of a lot of marketing) and now every newbie that has just got over the idea that the beige box is more than just a "hard drive" thinks that a solitaire game is part of what a computer professional would call an operating system.
close, but for the textbook definition refer to the f* textbooks.

Re:It works?

[pathological+liar]

I've never heard that referring to anyone in the BSDs but Theo himself. When was the last time you heard complaints about NetBSD or the FreeBSD core team?

Matt Dillon, before the FreeBSD -> DragonflyBSD split. I liked him, there were plenty of people who felt otherwise though. I don't pay attention to NetBSD.

Re:It works?

[Zancarius]

And I don't think anyone's going to argue there's a different corporate culture at Ford than Toyota and it translates directly to the products those respective brands produce.

Yes, there's a different corporate culture, but it has less to do with the product than with the fact that Ford and Toyota are for profit institutions. Although, be they for profit or not, that still doesn't negate the OP's point (I'll quote the whole thing since you only quoted his last sentence and some readers might be entertained to take it out of context):

The points he discusses in his video revolve around conducting adequate testing of the product and having the developers use the to-be-released system rather than throwing something out as a release and moving on. His points about managing the release process are just as valid if they were applied to manufacturing and releasing cars, paper products, or skateboards as they are to operating systems.

Please correct me if I'm wrong, but it seems that you're implicating the OP was incorrect in suggesting that Theo's points are applicable to industry as a whole? The part I quoted (emphasis mine) seems to be good advice for any firm, regardless of product, service, or creed. I'd appreciate clarification if you would be so kind.

Re:It works?

[Secret+Rabbit]

Um, there's kind of other stuff in there as well. Like, Linux (kernel) being written from scratch and using the userland developed from scratch by others and the BSDs coming from a corp and then being subsequently re-written so that no corp code was left in the code base. Lots of suing in there as well (corps don't like such things). Etc, etc, etc.

Also,

"""
but looking at market share it's pretty clear those are not the priorities for most businesses.
"""

That is sophistry (at best). The reason why there is more "Linux" out there is because there are more zealots of that nature. But, even then, it's arguable that there aren't. I can't tell you how many "Linux" people I've run into that have a couple "Linux" boxes running apps, yet there entire perimeter is running OpenBSD and then some. The only thing that can really be said is that the "Linux" people are a hell of a lot more loud than the BSD people. And that makes the (anecdotal) numbers quite unreliable.

I could go on about "Linux" being a buzz-word, etc, etc, etc. But, I'll stop there.

Re:It works?

[klui]

Boot the Linux kernel and nothing else. What can you do with it? Not very much, therefore, just the kernel is not an operating system.

Your original post states that the Linux code base has never been forked you imply that OpenBSD has. I don't think OpenBSD has been forked after its creation. Who really cares what the code's history was before it became OpenBSD? This article is about OpenBSD release engineering. If it were about BSD release engineering, you would have a point.

Re:It works?

[neural.disruption]

Lets Get The Facts: Most BSDs - Kernel code is significantly different - Operating Systems
Most Linux Distributions - Kernel code is mostly the same - Distributions

So you can say they share a initial common base (4.4BSD in the case of Free and Net, since Open is a Fork of Net), but I welcome you to compare the code between them and then compare it between Linux Dists and see for yourself the difference.

Saying they're the same is the same as saying Solaris and HP-UX are the same(because they share a common base in System Vr4).

Re:It works?

[SavTM]

Sir, a full exploration of all of the facts and an exhaustive comparison between all the Unix variants has been the subject of many books, panel discussions, conventions, and academic discourses, and has yet to be fully explored. I think that a high-level overview is both more productive, and better suited, for a humble posting on an electronic forum.

Actually, there is a dichotomy between OpenBSD and all other operating systems. Theo's political stances have brought a lot of problems for the development of OpenBSD as compared to other BSD dstributions, but at their core, the OpenBSD devs are concerned with server security, open code and open protocols and not necessarily the latest features. This process is called security auditing.

They still have only a generally limited window manager, but without the plodding devotion of the OpenBSD team, many binary WiFi blobs (that have been reverse engineered by the OpenBSD team) would still be enabling security breaches while legitimate users were none the wiser. SSH, and the use of remote terminals for all operating systems, have been vastly improved because of the OpenBSD project and it's (simple) minimum requirements which are generally unmet by the commercial software industry.

Whether or not the OpenBSD platform ever grows into a popular client for web-browsing and document editing, it seems as if the community of developers using OpenBSD for their work have definitely succeeded as administrators over the years. And because of the license BSD provides to developers, all of the code in OpenBSD can be used in other projects, whether or not those other projects meet the political standards of Theo de Raadt.

Re:It works?

When was the last time you heard complaints about NetBSD or the FreeBSD core team?

When was the last time you heard ANYTHING about NetBSD or the FreeBSD core team?

Re:It works?

They have different philosophies. I really don't know where you're going with that post because isn't very accurate. You can't compare the "Linux Kernel" with OpenBSD's whole. A kernel is pretty much useless without a "userland." OpenBSD, FreeBSD, NetBSD are all operating systems. Linux, sorry to say, is not.

And you just dont know anything about operating systems and kernels? Didn't you know that the monolith kernel is the operating system and nothing else? FreeBSD, OpenBSD and even NetBSD are all monolithic kernels. All those kernels are the operating systems. There is not such OS as GNU/Linux. Monolith kernel is the operating system structure where the whole OS runs alone in kernel space as one binary. Even that OS is monolithic, it can be modular in filesystem leve, but not on binary level. You can have all drivers as own files but when they are loaded to RAM, they are exactly the same way integrated to kernel as they would be the one giant binary blob on disk.

The microkernel is different thing. Now you are referring Linux as being such. The microkernel ide.a is to slice down the OS for multiple parts that are all protected from errors. You do loose speed (10-50%, in theory) of OS functions but you are better way protected (in theory).

The microkernel is the OS what is sliced to tiny kernel and userspace OS servers. The kernel itself exist alone in the kernel space in the pure form of microkernel. While all the OS servers runs as protected processes to it. Every OS server runs as supervisor mode with the microkernel and they all builds up the whole OS.
The monolithic OS structure is different. It is the original way to build up the Unix OS like BSD or HP-UX or SunOS.

On microkernel-based operating systems the OS needs a kernel. Just like kernel needs the OS servers.it
On monolithic operating systems the kernel is the operating system. The kernel does not need anything outside of kernel space to build up a operating system. The monolithic kernel runs alone as supervisor mode.

In the shortest and most accurate definition of the operating system is, it is the that part of the software system what runs in the kernel space or as supervisor mode.

When you talk about FreeBSD or OpenBSD or NetBSD you are talking about monolithic kernels. But the marketing is different too because all those three BSD OS's use own userland tools and mixtures as well and same way many belives that the OS is something else than the monolithic kernels.

Even the XNU, the operating system of mac osx has parts of FreeBSD. The Darwin project (what is XNU OS + Apples own development tools) is such version that you can use mac osx architecture on it. XNU has driver kit and mach microkernel and FreeBSD OS servers doing some parts of it. XNU is marketed as hybrid kernel, but it is just marketing. It is true microkernel-based OS where just some of the OS servers has moved from userland to kernel space, but still not integrated in binary level to kernel itself like on monolithic OS.

There are few other microkernel-based OS's like NT or Minix and Hurd. Few monolithic OS's are Linux, FreeBSD or NetBSD or OpenBSD and SunOS, HP-UX and so on.

Just for example.
http://www.usenix.org/publications/login/2006-04/openpdfs/herder.pdf

If you talk about Linux or Linux kernel. You talk about the operating system. If you talk about GNU/Linux, you talk about development platform. If you talk about GNU/Linux/Xorg/Gnome/Firefox you talk about software system and if someone else takes that and modifies it littlebit and distributes it for other people, you talk about different Linux distribution. It is clear and simple as that.

Simple basics.
http://www.topology.org/human/?a=/linux/lingl.html

No one, does anything just with the OS. They need other software, libraries and programs to build up applications what they can use to drawn UI's and write some memos and send email and download p0rn and watch it with videoplayers. Without OS like Linux (kernel), all those are not working at all (unless you code them to work on bare hardware alone)

Re:It works?

[TheRaven64]

I don't think OpenBSD has been forked after its creation

I beg to differ, and both users of the fork will be very upset to hear you say that. Forks do exist in the BSD world, but they share a lot of code. MidnightBSD is a fork of FreeBSD, but has incorporated a lot of code from NetBSD and OpenBSD. DragonflyBSD is a fork of FreeBSD and if you read the commit logs from either you will see 'code merged from {the other one}' in a lot of cases. As an example, the unionfs code from 4BSD had bitrotted in all of the recent BSDs over the years and was not working for a long time (the man page came with a big 'this does not work' warning). It was fixed in Dragonfly and FreeBSD imported it last year.

Forking is not necessarily a bad thing. Forks tend to occur in the BSD world when different developers have incompatible goals. As long as the licenses remain compatible, code can flow in both directions, so any time their goals overlap, they can benefit from each others' work.

Re:It works?

Debian, RedHat, Slackware and many others are distributions. Not OS's. The Linux kernel is the monolithic OS. You do not have variants from it like you have from BSD. From BSD you have NetBSD, FreeBSD and OpenBSD and all are monolithic OS's like Linux (kernel). Those projects just uphold all the userspace software as well together with other parties. There are distributions of those OS's as well. Like PC-BSD from FreeBSD.

OS:
Linux
FreeBSD
NetBSD
OpenBSD
SunOS
XNU
Hurd
Minix
NT

Variants:
of BSD
FreeBSD
NetBSD
OpenBSD

Distributions:
of NetBSD
PC-BSD
BSDBox ....
of Linux
Debian
Slackware
Gentoo
RedHat
SUSE

distributions derived from other distribution:
Ubuntu from Debian
Xandros from Debian
SUSE from RedHat
Mandriva from RedHat
Kubuntu from Debian ....

Re:It works?

[TheRaven64]

The line is slightly blurred, however, because most Linux distributions include a number of patches on top of the vanilla kernel. I don't know if it's fixed now, but for a while RHEL was not ABI-compatible with vanilla Linux; they added a new flag to one system call, and later Linus used the same flag to mean something different. It didn't matter for most code, but if your code used this system call with this flag then it would do different things on RHEL to other Linux systems.

They're much closer than any two BSDs, but possibly not much more different than the first release of Dragonfly BSD was from FreeBSD, or the first release of OpenBSD was from NetBSD.

Re:It works?

[Rogerborg]

Boot the Linux kernel and nothing else. What can you do with it? Not very much, therefore, just the kernel is not an operating system

Not a userland operating system, no. Do you have some point to make that isn't based on willful ignorance of the preponderance and relative importance of userland vs embedded systems?

Re:It works?

[TheRaven64]

I've never heard that referring to anyone in the BSDs but Theo himself. When was the last time you heard complaints about NetBSD or the FreeBSD core team?

If you haven't, then I'll be the one to say it. About 18 months ago, I wrote a series of articles about the major BSDs. I approached each of the teams with a series of questions and got varying responses:

OpenBSD: Marco Peereboom chased all of the other developers and made sure I got detailed and interesting answers from them. More recently I've written an article about OpenBSD on ARM platforms and got some great material from Dale Rahn, the maintainer of the ARM ports. At all times, the team was friendly and helpful.

NetBSD: Geert Hendrickx took my questions, forwarded them to whoever he thought would be best able to answer them, collected the replies, and sent them back. He did the same with follow-up questions, and I ended up with a great set of quotes for the article.

Dragonfly BSD: Matt Dillon personally answered all of my questions in detail. He even managed to convince me that 1:1 threading was a better idea than M:N in the process.

FreeBSD: No replies for about a month. When I sent a follow-up, I got one abusive reply ending with 'never contact me again'. I forwarded this to one of the other developers, and received an apology, but no useful material.

In the end, I decided to drop the FreeBSD article from the series; I wasn't being paid enough for it to deal with the FreeBSD team. It's a shame, because I like FreeBSD as an operating system - it's my main development platform - but I'm glad I don't have to work on the project.

Re:It works?

You can't throw the BSDs and Linux in the same list. Linux is just the kernel. The BSDs contain the userland and the ports collection (somewhat like the package managers for Linux).

While there are also alternative distributions like PCBSD or FreeNAS, it is still true that FreeBSD, NetBSD and OpenBSD are distributions as well. The relation of FreeBSD to PCBSD is like Debian to Ubuntu, not like Linux to Ubuntu.

You just can't compare them like that. And even if you only consider the kernel of the BSDs and Linux you can hardly compare their fragmentation. The Linux development cycle is based on fragmentations. There are thousands of forks that get eventually merged to the mainline. BSD development is more centralized. But the different BSDs also exchange code between their kernels. It is not unusual that features of one BSD are merged to the other BSDs, if they consider them worthwhile for their goal.

That is another very important difference why the kernels are hard to compare: Linux is a jack of all trades. It wants to be everything to everyone. The BSDs have more precise visions of the use of their OS. So they have different requirements on the features they include.

So to conclude: comparing the fragmentation of the Linux kernel to the BSD OSs is futile in every respect.

Re:It works?

[petrus4]

Theo's political stances have brought a lot of problems for the development of OpenBSD as compared to other BSD dstributions

Theo has two things which the majority don't; a) intelligence, and b) a spine. As a result, he makes himself unpopular.

His presentation's entire point was to illustrate how much more effectively he is able to do things, than either corporations, or delusional idiots like the Debian developers who think they're doing a smashing job, but then don't understand why they take years to get releases out the door.

Accept it, Linux people. Linux. Is. Inferior. To. The. BSDs.

I know you don't like that. I know it upsets you. It is, however, the plain and simple truth.

Re:It works?

Even if you don't agree on the definition of OS, that still doesn't make FreeBSD just a kernel.

Re:It works?

[neural.disruption]

Yes but today most linux distribution are as close to the other as they ever were 10+ years ago. They still use the same kernel (I admit with minor patches but still essentially the same), they do not start modifying the kernel to suit the distribution needs and because of that they remain a distribution: a bunch of programs on top of an operating system that in essence is the same for everyone of them.
That is not the case for most today's BSDs they evolve without fear of modifying the OS from which they derive as independent OSes with independent goals.

RHEL, I think, is another case, if I remember correctly RHat initially modified the kernel to suit its needs never intending much cross-compatibility.

Re:It works?

There is also AErieBSD. And all of their zero users will be upset with you.
MirBSD is done by a proprietary crap lover that wants to move to Linux to have more of his proprietary ways.
AErieBSD isn't even "done".
Both were born from dissidents who thought they were better than Theo.
Sadly, they weren't.

Re:It works?

[diegocgteleline.es]

Alan Cox hasn't really been an important figure in Linux for like 10 years.

10 years? I disagree, it hasn't been that long, it'd say 5 or 6 years, since 2.5 started and akpm became the Linus' right hand. And while he has not been as active as he used to be, he still contributes quite frequently (50 changes in 2.6.30, 1032 in the last 10 versions), and he is quite active in the mailing lists. And the kind of work he does is not exactly easy, in the last year he has been fixing the tty locking, a long overdue task that not many hackers (if any) dared to do. He has also been a quite active libata/ide contributor (including new drivers), maintains the 8250 serial driver and edac related things, an sends patches that touch many other places of the tree. He has not the reponsibility he used to have, but i wouldn't say he is not an important figure

Re:It works?

[Lockblade]

Accept it, Linux people. Linux. Is. Inferior. To. The. BSDs.

That may be true, but it still isn't the right tool for many jobs. It makes a great server, but I wouldn't put it on the family computer.

Re:It works?

[Piranhaa]

No, I believe they call themselves things like "Redhat" or "Gentoo", etc.

Okay. So why is the name of Gentoo's website "Gentoo Linux -- Gentoo Linux News" then? Because if it was simply called Gentoo, people wouldn't know what the heck it is. A lot of people I come across still don't know what Ubuntu is, but as soon as you throw the term Linux at them, they at least have some idea of what you're talking about.

You just said it: They have different philosophies. I'm answering the question of why, and what's come out of those approaches historically.

The philosophy of Linux is to make a kernel and modules, nothing more. OpenBSD's is to make the kernel, modules, userland and even side projects to benefit everyone (OpenSSH, OpenBGPD, OpenNTPD, OpenCVS), and to be as secure as possible. They have regular code audits to fix up bugs and make it more secure. Sure, this makes it less bleeding edge than say Linux and FreeBSD, but it pays off. Remember, there isn't a one-size-fits-all OS, just like how a Swiss Army Knife doesn't do everything very well.

But, let's not get too off course here... You are still comparing a company that simply makes an engine, versus a company that makes the engine, seats, body and the rest of the car. The number of forks that happen in the Linux community is very high. Maybe the kernel forks aren't, but if you start including the userland (which you should be, to do a proper comparison) the number skyrockets. How many distributions have forked from Debian alone? I know of (but there are plenty more): Ubuntu, Damn Small Linux, Xandros, Knoppix, BackTrack, Linspire, and LinEx. Hell, there are forks of forks of forks as well.

But as another poster mentioned, the past isn't important. Look at things in the present and how well they are going for the OpenBSD team.

Re:It works?

There are members of the FreeBSD core team who are excessively rude and "abrasive", specifically Kris Kennaway. You can peruse many of the FreeBSD mailing lists and find him repetitively arguing with other developers and end-users alike. Occasionally he's tolerable and even civil, but many of his personality traits mimic that of another FreeBSD developer who might as well be part of Core as a result of his extensive work: Dag-Erling Smorgrav. Dag-Erling has been recently fixing the large number of warnings output during buildworld/buildkernel, which is a noble effort -- but is also the sole maintainer/author of OpenPAM, which has many bugs (leaking fds and other oddities, some of which affect Dovecot), and hasn't been updated in nearly 4 years. But back to his behaviour: like Kris, peruse the mailing lists and you'll find him flaming people left and right, being rude constantly. The best part is that you will always find these two at BSD conventions hanging on one another like flies on shit.

On the other hand, FreeBSD Core members such as Robert Watson, Philip Paeps, Brooks Davis, and SATO Hiroki are incredibly friendly, fun to work with, talk to, discuss things with, and are always kind, even to those who they disagree with. Robert is probably the best example there is of someone in the FreeBSD development group who actually listens to opposing views and discusses -- not debates -- them. Another individual, who is not part of FreeBSD Core (but should be) is John Baldwin; friendly, and highly technical. Many of his commits are worthwhile, and he understands the need to improve FreeBSD for server environments. John truly improves the OS and fixes low-level bugs. Another worthy mention is Matt Dillon of the DragonflyBSD Project, who is an amazing individual -- if you mail him, expect a verbose, well-written, friendly response that answers your question.

On the other side of the fence you have developers who are constantly missing in action, such as Soren Schmidt (original author of the FreeBSD ATA layer) and David O'Brien. Look through some open FreeBSD PRs; you'll find many assigned to these individuals which have gone untouched and unanswered for literally 3-4 years, and some of which even include working patches to address the problems -- yet are not committed. I remember seeing a FreeBSD Wiki page which documented known bugs and broken behaviour in the FreeBSD ATA layer, and other areas of the kernel as well; this should come as no surprise. FreeBSD still lacks NCQ support, despite supporting AHCI; another example of how slow the evolutionary process is with BSD.

With regards to BSDs as a whole, as someone who has been a part of their development since 1995, I can assure you the stereotypes presented (behaviour and attitudes that are aggressive, rude, arrogant and often argumentative) are accurate. They do not apply to all developers, but they apply to many -- especially those who are in key roles or maintain key components. OpenBSD's Theo is just an extreme example.

Key Linux developers, on the other hand, are very similar in this regard. Linux application (userland) developers, on the contrary, are not (as a majority). Most of those developers want to accomplish goals and do so -- while in BSD-land, application (userland) developers often find themselves "stuck in a rut" because the kernel or device layer contains bugs or lacks proper ioctl support for what they're trying to interface with. Opening PRs, sending Email to the responsible committer or maintainer, or even posting to mailing lists, often results in one of two things: a) silence, or b) replies from other developers or end-users who want to "do battle" rather than address the core issue.

What people need to understand is that the number of eyes developing and supporting Linux (I'm referring to kernel, device support, and ABI) is significantly greater than that of the BSDs, and this is where Linux has the upper hand. The BSDs have a very strong, supportive userbase, but the number of developers who actually

Re:It works?

[david_thornley]

The reason why there is more "Linux" out there is because there are more zealots of that nature.

Once you leave /. and your basement, you'll find that zealots are awfully thin on the ground. Even among people who run some sort of Unix (not even counting Mac OSX), there's not that many zealots. There are people with preferences for one license or another, but even FSF zealots will run BSD-licensed software, and there's a lot of people who dislike the GPL but run Linux.

The way to popularity is to appeal to people who aren't zealots, since they're a far larger market than people who are. Linux has done an excellent job of that compared to most BSD systems, and if you're a fan of OpenBSD or whatever you might want to figure out why. Blaming popularity on zealots is like looking at a complicated natural phenomenon and saying "God did it, no point in investigating." It may make you feel better, and it's even conceivably true, but it makes progress impossible.

However, you are correct in that far more desktops run a BSD-based system than a Linux system. MacOSX is a BSD Unix, pushed by a company that doesn't have FOSS zealotry, and which includes components with BSD and GPL licenses.

Re:It works?

[kelnos]

So, you have a million confusion projects going on based on the code all, called "Linux". How many versions of "OpenBSD" are there out there? Umm, ONE. Sure, someone could go and make their own userland and such, but it cannot be called OpenBSD. So, before you go on a rant about how many times BSD has been forked, please get your facts straight.

Well, while you are correct in the distinction between the BSDs being full package-deal OSes, whereas Linux is just a kernel, and the better comparison would be between the BSDs and the various LInux-based distros, there's another way of looking at it, which I suspect the original poster was actually talking about.

The three main BSD *kernels* (Free, Open, Net... and should we count Dragonfly too?) are all forks of an original BSD kernel. They've diverged quite a lot, and in the unlikely event that they wanted to reunify, it would take many years of work to combine them all into a single kernel... if it's even possible.

On the other hand, there is really just one Linux kernel. Yes, there are small, (comparatively) short-lived forks. Most distros ship patched kernels, and some independent patchsets exist, but they tend not to diverge too much, or, when they do, usually diverge due to patches and driver support backported from later kernel versions. Many patches in distro kernels get pushed upstream. While they are technically forks in the real definition of the term, they're not anywhere in the same league as the differences between the various BSD kernels.

So while it's not true to say Linux-based OSes don't fork all the time (there are hundreds of them), it is, for practical purposes, safe to say that there is pretty much one Linux kernel. You can't say the same thing where BSD kernels are concerned.

Whether or not this really matters for any practical purpose is up to the reader to decide; it may just be an academic exercise to recognise the difference.

Re:It works?

Alan Cox has been maintaining the 2.4 line since 2.6 went stable... well maybe it's not important for you, but he still seems to be #2 in Linux kernel hierarchy. Not mentioning his, even though occasional, kernel submissions.

Re:It works?

That is true, but it doesn't change the original statement's truth either. It didn't say Alan Cox is *currently* managing the release process. Read it again.

Re:It works?

Bah.
Linux is a kernel.
O/N/F/BSD are complete os.
How many linuxes are there?
Linux and the BSDs are all good and have their advantages and disadvantages.
For stability, efficiency, network and security we all have to admit OBSD is at the top.

Similar to Ruby...

[tcopeland]

...at least, in that Matz releases a new version at Christmas each year. For example, here's his Christmas post from Dec 2004 for Ruby 1.8.2. Way back when!

Re:Similar to Ruby...

As in, no one really uses it?

Debian

[kabloom]

This sounds a lot like Debian's release process. Debian's primary release delays in the past have been infrastructure issues rather than software stability issues -- things like getting the right set of architectures on their mirrors, or getting security infrastructure set up for the new release.

I may very well be that the thing that makes this work is not only the release management practices, but also whatever they do to avoid security problems in the first place.

Re:Debian

[kabloom]

Offtopic? I think I should clarify. I may very well be that the thing that makes OpenBSD's process work in six-month intervals is not only the release management practices, but also whatever they do to avoid security problems in the first place.

Is the OS as good as the Art?

[Sir+Hossfly]

I couldn't finishing watching the video...(sorry guys...I bet there was some great info in there tho)...I'm not as developie. Anyways...Check the freaking art on their site! Developer Dudes...You change your marketing style just a bit...You'll get people asking for your disk...and then they might even install and try out your OS. Make the two forms of art work together. Developing + Painting...merge the right combination...then...\m/()\m/

Why is Theo trying to help Microsoft?

[Shag]

The reasons, mechanics and social workings of our process have never been detailed outside the project, but now will be, hopefully providing some insight to others who face delays and quality issues with their own product lines.

He's clearly talking about Microsoft here, but why would he want to help them?

Re:Why is Theo trying to help Microsoft?

He's not talking about MS, you tool. Fedora Core fits that description.

Re:Why is Theo trying to help Microsoft?

He's not talking about MS, you tool. Fedora Core fits that description.

Hell, I'd say at least 80% of software projects (and a good many non-software endeavors) fit that description.

- T

Aww, Teh Liddle GPL Nut Tried To Make A Funny

Shouldn't you be off screaming about some possible "GPL violation' loser?

Or trolling stories about non-GPL software retard?

Re:Aww, Teh Liddle GPL Nut Tried To Make A Funny

quit being a trolling retard.

Re:Aww, Teh Liddle GPL Nut Tried To Make A Funny

Shouldn't you be throwing a hissy fit about how much RMS sucks? Using 'bearded' as a slur? Saying BSD developers are better?

His joke was kinda funny. Maybe only GPL guys are funny?

Re:Aww, Teh Liddle GPL Nut Tried To Make A Funny

[rbanffy]

Don't you have a release to do, Theo?

Re:Is there a transcript? (Don't have time to watc

[QuantumG]

Long story short: Theo rules with an iron fist and springs releases like pop quizzes.
 

MOD PARENT UP!!!!!

Mod parent up.. please..

*Two* critical bugs, actually

[Nimey]

both with SSH. That's still damned impressive.

Re:Is there a transcript? (Don't have time to watc

[Shikaku]

Summary: people who can sit through that video and can program well without crying if Theo thinks your code sucks are good enough for OpenBSD.

god i hate wanky titles.

[timmarhy]

the poster is making the assertion that it works, a lot of people would say their release cycle is a terrible burden on the project.

1. code freeze happens every six months meaning you don't get to finish off features and fixes which might have been of huge benefit. it would make much more sense to base your release cycle around features and improvements, then some arbitary number of days.

2. openBSD EOL's it's releases so quickly, that only in the very rare instance that a business is willing to pay through the nose for inhouse support will you be able to see your system patched.

3. 6 months is way WAY too short of a time for a whole new release. 12 months (if you have to go with the retarded time based release) would be much less of a drain on resources as there is a certain amount of work that must go into a release wether it's got useful upgrades or not.

i've used openbsd in production environment, and it doesn't cut it in hardware support or speed. it's firewall was nice, but i've got that in freebsd now which is a far better OS.

Re:god i hate wanky titles.

[BikeHelmet]

1. code freeze happens every six months meaning you don't get to finish off features and fixes which might have been of huge benefit. it would make much more sense to base your release cycle around features and improvements, then some arbitary number of days.

I see this more as a positive. With Linux - Ubuntu in particular - every new version adds new features, and breaks old ones. Maybe if they spent less time adding new stuff, they'd have a more stable product.

Bluetooth and my SATA controller say hello, Ubuntu. :)

Re:god i hate wanky titles.

[Secret+Rabbit]

"""
the poster is making the assertion that it works, a lot of people would say their release cycle is a terrible burden on the project.
"""

Well, it does work. And guess which people are best able to determine whether things work or not and whether the trade-offs are worth it? That'd be the OpenBSD people.

"1"

Fixed by not allowing features/etc that aren't ready into release.

"2"

I've heard of systems running OpenBSD for *years* *non-stop* *without issue*. Quite impressive. Also, I've never heard anyone complain about there upgrade. Things are very well documented and tested. I did it once (I usually just clean wipe and start over) and only had one or two issues which would have been resolved quickly if I would have read the documentation /before/ I upgraded.

"3"

Unless you have a targeted release. Which OpenBSD does. Go check the releases. There is typically a "this is what we focused on this time 'round" notice. One *can* do such a quick release schedule under these conditions. In fact, OpenBSD PROVES that it can be done.

As for the other comment, I'd consider what you might have to say if it weren't just so bloody inaccurate. Not to mention your "kiddy" lack of capitalisation. Seriously, there *is* a reason for it. Just think back to primary school and you might remember why. In fact, if you do it, you just might come off professional enough to fool people on the tubes that you're actually a professional!

Re:god i hate wanky titles.

[neural.disruption]

Having to work on a schedule makes most people work more efficiently(no more time lost playing "Who can hit the beer bottle with a piece of paper" or "lets paint Carl's face while he is a asleep").
Also if its security oriented I would never expect it to have a long release cycle (12 months is a lot of time in terms of security)

Re:god i hate wanky titles.

umm...not really

1) if you can't finish it in 6 months, you get to finish it for another release. the horror!

2) yes, because the 5 minutes of downtime doing an upgrade from bsd.rd is *so onerous* that you've got to helicopter someone in to do it who will charge you ten gajillion dollars to push buttons; seriously, have you upgraded an openbsd box in the past 4 years? i could teach a monkey to do it

3) what drain on resources? taking time away from your playing quake? Is sitting down and answering a series of yes/no questions for 5 minutes too much of a strain on your busy day? If so, you can script the mofo and get back to quake.

Re:god i hate wanky titles.

[Anne+Thwacks]

openBSD EOL's it's releases so quickly, that only in the very rare instance that a business is willing to pay through the nose for inhouse support will you be able to see your system patched.

In house support is our only option. Cost or no cost. As someone who manages OpenBSD servers for OLTP (ie processing MONEY, live on the real Internet), Its security wot counts. Features, you ask? When you dont care if you are losing $5,000,000 a minute, then you can care about features. Meanwhile, I care about security and reliability, and I care about typical uptimes of a year. I buy the hardware that IS compatible (I use only SUN Sparc64 kit)

Upgrade? you are kidding? We build a new set of servers, install the new versions of the apps, test them for several months, including actual disaster recovery, and then deploy them. OBSD may have had a new release before the system even gets deployed, as we have to test the new iteration of our application layer over the firewall/webserver/database server three tier architecture.

Official EOL is not a problem - we phase in the replacement in line with the scheduled date. If we are late, well, no patches will be supplied. Were there have been any anyway? Would we have time to test them? Weekly patch cycle, eh? not in my world, matey!

Re:god i hate wanky titles.

[Tom]

I call bullshit on all of that, and I do have a couple OpenBSD systems installed in a commercial setting.

1.) if you wait for the coders to finish up the "cool", uh, sorry "desperately needed" features, you could just as well put the release date on Independence Day, 2025. Having a fixed date forces the coders to concentrate on the essential, instead of the "cool" stuff.

2.) yes, you need to upgrade rapidly. However, your point is misleading. Upgrading OpenBSD has, in all the many upgrades I have made, been no more problematic than, say, running "apt-get update && apt-get upgrade" on Debian.

3.) it's not a "whole new release". It's minor version numbers every six months. And six months can be a damn short time in the security world.

i've used openbsd in production environment, and it doesn't cut it in hardware support or speed.

So you're lamenting why, exactly? If the release cycle isn't even your main problem?

Re:god i hate wanky titles.

I could go on a big tirade against you for the inane jibba-jabba you just spewed forth, but instead I will state that I disagree with you and find you to be incapable of using OpenBSD, or even brain cells.

Re:god i hate wanky titles.

[BitZtream]

it's firewall was nice, but i've got that in freebsd now which is a far better OS.

Wait wait wait!! You mean someone actually uses OpenBSD for something OTHER than a firewall? That sounds silly to me.

Either way, FBSD is a far superior firewall, and when you install it in the same manner that OBSD installs its just as secure.

OBSD is 'secure' because they don't install or start any services they don't have to. Once you add an open port its claim to fame is gone.

FBSD when installed in the same way has the same track record, and a far better networking stack.

The main difference is, OBSD is just a pain in the ass to use regardless of how you install it.

FBSD isn't nearly as much of a pain in the ass, regardless of how you install it.

I really have never understood why people get so excited over OBSD, its not really that impressive.

WHY does OpenBSD's release process work?

LOW EXPECTATIONS.

I'm srs. OpenBSD is as useless as a bag of rocks, and the developers grind away at either obscure (but easy) features, wasting time duplicating already-existing programs (CVS) when the rest of the world has move on (GIT) and generally taking a half-assed easy route to developing. The suggestion that they implement anything original or useful is met with general derision.

OpenBSD is NOT a serious operating system. When it comes to security, Solaris has it beat, when it comes to performance even VMS works better. The only thing I can honestly credit OpenBSD with is OpenSSH -and that was a decade ago! In that time the rest of the BSDs have made major contributions to the computing world (NetBSD was the first OS to incorporate USB, FreeBSD gave us two new file systems AND developed a free software port of Dtrace).

OpenBSD only works if your metric is based on how prone supposedly adult devlopers to flaming on mailing lists for no reason. They're neither competent, nor professional.

Talk to us about a REAL development community -not the sad myopic joke that is the OpenBSD community.

Re:WHY does OpenBSD's release process work?

[mevets]

Daarrin Reed, is that you?

Re:WHY does OpenBSD's release process work?

[brusk]

OpenBSD is as useless as a bag of rocks

**hits anonymous cowardon the head with a bag of rocks
**thinks that was actually pretty useful.

Re:WHY does OpenBSD's release process work?

[iggymanz]

hahaha, what a farce, Solaris through version 9 could never be hooked straight to the internet in default install or it would be pwn3d. Who runs a Solaris router or firewall? no one, that's who. Not even Sun marketing droids are dumb enough to spout the shit you just did. VMS is slower than OpenBSD on a comparable platform running the same code because of the more complicated file system. And running DCL is slower than bash scripts.

Re:WHY does OpenBSD's release process work?

[Heavy+Machinery]

VMS is slower than OpenBSD on a comparable system? I haven't tried OpenBSD on Alpha but if you have run OpenBSD/alpha and OpenVMS on the same or similar Alpha server then well done sir, and do you have any metrics to show us?

The problem I have with your statement comparing (default) filesystem for each OS is that they have quite different feature-sets, for instance VMS has file-versioning, and quite extensive access control and access auditing capability. Bash is a very lightweight and simple shell that relies on a lot of (admittedly) standard Unix tools (such as grep, awk, sed, etc) to make it useful. DCL on the other hand has a significant payload of lexical functions. VMS has a batch and printer control system that is leaves unix job and print control way behind, VMS is more akin to a traditional mainframe in that respect. So don't get me wrong, I'm not knocking OpenBSD (I'm a great fan of the secure-by-default nature of OpenBSD) but I just don't believe one can easily compare it to OpenVMS...

Re:WHY does OpenBSD's release process work?

[iggymanz]

mainly I was in the mood to troll at a troll, makes me feel young. But I have run VMS on VAX, Alpha and Itanium2 and OpenBSD on VAXStation 4000/60 and 4000/90. But alas, that was years ago, so no metrics as the VAXStations have given up the ghost due to cpu pin corrosion

Re:WHY does OpenBSD's release process work?

[gavron]

You don't have to be a troll to note that Theo is a sociopath and his followers are a messianic-follower lot of nutbars. (All 7 of them each with 1000 identities).

I used to do kernel coding for VMS (original VAX/VMS, then VMS, then OpenVMS) way back. If you were on the VAX-L list (Bitnet...) or comp.os.vms then you know my name or Carl Lydick (Rest in peace).

I think it's cute that some OpenBSD accolyte thought this was a good time for a big public slasdot attaboy for OpenBSD. Sadly the "project" outlived its usefulness when it put *ALL* its eggs into the "The is our spokesmodel and ruler" basket.

VMS is still the operating system of choice for banks and hospitals. The "VMS vs. Unix" wars ended.
Market share - Microsoft won.
Uptime - VMS still has it.
Other - Linux has it.
OpenBSD - No such winner in any category.

If someone has a category in which OpenBSD comes up on top, feel free to bring it up.

Most reliable in terms of mean or mode uptime - no.

Most lines of code reviewed, corrected, maintained, or updated - no

Most hardware supported - no

Most non sociopath developers ranting on in public forums making asses of themselves - no
(I hope my use of the double negative doesn't confuse those same)

In short, OpenBSD, I wish you well. Your chosen prophet has taken you down a well from which you will not return.

E

Re:WHY does OpenBSD's release process work?

[Heavy+Machinery]

Hey, Mr. "this was sent from an Alpha" himself! I remember you well from comp.os.vms in '89 thru '93 and a bit later, I used to lurk in that newsgroup daily. I still remember some of the (in)famous DCL scripts you posted that generated hundreds of replies in controversy. But this is not the time or place for such reminisces...

I'd agree with you that OpenBSD will probably never be a winner in any of those categories you listed, but I am still a (mild) fan nonetheless if not for any other reason than for evolutionary diversity. OpenBSD may never become mainstream but some of the code that the OBSD team work on often filter back to the rest of the open source community. Especially the code auditing they do for Apache and other key ports.

Re:WHY does OpenBSD's release process work?

Care to show us what you have ever done for anyone? NO EXPECTATIONS describes my thoughts very good.

Re:WHY does OpenBSD's release process work?

You start bashing Anonymous Coward with uncursed +0 bag of rocks. You kill Anonymous Coward. Welcome to level 10.

LLVM Is A Key Turning Point In Open Source

Having followed LLVM for the past couple years and seen the amazing things companies and projects are doing with already, I couldn't figure where all these angry flames on Slashdot stories were coming from.

It's the GNU/GPL crowd. LLVM is direct threat to their attempts to trap all open source development in GPL licensed code. All those 'BSD is Dying' posts weren't/aren't just unfunny Gay Nigger or Natatlie Portman trolls, they were are concerted effort by the crazies GNU crowd doing their best to try to get the open source world to equate 'Open Source' with 'GNU' and 'GPL'.

GCC was the last thing that the GNU crowd had to lock the rest of the open source world into using their tech. It is understandable that they have been fighting it the same way Microsoft is fighting to hold on to their monopoly over office software document formats.

LLVM means that open source developers now have a truly free state of the art compiler and compiler tech that is free of ideology and license lock in.

Re:LLVM Is A Key Turning Point In Open Source

[K.+S.+Kyosuke]

How exactly does GCC "lock in" anyone into using "GNU tech"? How exactly is GCC "not truly free"? The only way in which GCC limits you in licensing your code is that you can't build your own shiny new proprietary compiler on top of GCC, and that is a good thing. The "document format" in question here is C. GNU is not claiming ownership of C.

And yes, LLVM is nice, for many thing. By the same toke, it's no panacea, either.

Re:LLVM Is A Key Turning Point In Open Source

Clueless. Absolutely clueless...

Re:LLVM Is A Key Turning Point In Open Source

If you've dealt with anything since GCC-2.95.3 especially regarding C++ code, it really *IS* a form of vendor lockin, and especially on linux, between it and glibc and the linux kernel, you run into all sorts of nightmares regarding how you HAVE to upgrade in order to get bugfixes, and keep your supporting software functional.

Re:LLVM Is A Key Turning Point In Open Source

Linux and several large FOSS projects use custom GNU C extensions which are not supported by other compilers. This in effect locks them in to using the GCC. While this is not necessarily a bad thing, because the GCC is FOSS, imagine a scenario where the Microsoft or some other propietary compiler suddenly gained a huge and decisive performance advantage over the GCC, not likely but possible. FOSS projects couldn't use another compiler because many of them utilize these GNU extensions. This is lock-in. Unintended and innocent, but still lock-in.

Re:LLVM Is A Key Turning Point In Open Source

[xouumalperxe]

If you just wrote the freaking code to be compilable both for windows and linux in the first place, you'd end up with code that compiles fine under both gcc and msvc. The problem resides, as it often does, in users (developers, in this case) digging their own grave.

Re:LLVM Is A Key Turning Point In Open Source

[TheRaven64]

Compiler extensions are generally how the C language standard evolves. WG14 recommends two independent implementations of an extension (or of semantically-similar extensions) before it will be considered for addition into the next version of the standard. Pretty much all of the GCC extensions are supported by Clang and a lot are supported by ICC and XLC. A number of the GCC extensions originated with other compilers and were added to GCC to remain compatible with code originally written for these compilers.

In short, this is how C standard evolution works: One compiler adds a feature. People use that feature. People complain that other compilers don't have it. Other compilers implement it. The C standards committee approves (a tidied up version of) the extension.

Re:LLVM Is A Key Turning Point In Open Source

[kelnos]

Since when did you get bug fixes with any software *without* upgrading?

There's nothing stopping an interested party in cherry-picking bug fixes from newer versions and backporting patches. The fact that you haven't done so yourself means you either don't care enough, or are incapable (both of which turns your complaint into entitlement-laced whining).

And I'm not really sure how writing C++ code and compiling with gcc locks you in to gcc. My C++ code (on the sad occasion I need to use C++ for work) compiles just fine with both gcc and MSVC with a minimum of #ifdefs. If yours doesn't, perhaps you're just not a very good C++ programmer.

Re:LLVM Is A Key Turning Point In Open Source

[kelnos]

Sorry, but "unintended and innocent" changes the meaning of "lock in" so completely that it's useless. The term "lock in" is almost always used to describe the intentional, malicious action of one party to prevent another from using a competing product/service/whatever. If you take out the malice and make it unintended and innocent, then it's hard to call it lock in with a straight face.

But if you still insist on calling it lock in, then I say... who cares? If it's unintended and innocent, you can usually fix this problem through gentle prodding and education. (Hint: there's a compiler flag for gcc that will make it not accept GNU extensions.) If a software maintainer doesn't want to accept a patch ("well everyone uses gcc, so why should I clutter my code with this patch?"), then that's the direct fault of the developer, not of gcc.

And hell, many GNU extensions are useful. I'd imagine that LLVM's compiler backends might want to borrow some of them. (And sorry, childish "we don't want to copy gcc" isn't a valid reason for not implementing them if the extension truly is useful.)

Re:LLVM Is A Key Turning Point In Open Source

[jgrahn]

In short, this is how C standard evolution works: One compiler adds a feature. People use that feature. People complain that other compilers don't have it. Other compilers implement it. The C standards committee approves (a tidied up version of) the extension.

But here one important thing to point out is that the GCC people (for C and C++ at least) seem less fond of adding GCC-specific language extensions to their compilers these days, and lets you easily avoid them. You no longer get the feeling they're saying: "here is a new operator you might want to use -- it will never be standardized, but you will never again use some other compiler anyway, will you?"

Wow, Talks About Getting Owned By Your Own Link

Way to go Hatta. You just made a fool of yourself.

Now everyone is actually reading you link and realizing what a pathetic Karam troll your post was. Hey, but at least you got a couple of knee jerk GNU fans with mod points to mod you up...

Comic Sans

makes me sad.

Video DOES suck for certain applications

[Weedhopper]

Why was parent modded down as flamebait/offttopic? That's not fair.

While there are uses for which video is king, video as a way conveying certain types of information DOES suck. I think most people on here can read MUCH faster and process information more comprehensively in written form than some talking head on a video. This vid has slides, so it's better but I'd still prefer to read the slides and attached notes than basically be lectured to at someone else's pace. It does more for my comprehension and it saves time.

Christ, you'd think people thought the parent post was personally attacking Theo or something.

Re:Video DOES suck for certain applications

[Secret+Rabbit]

Well, there are a couple assumptions in what you just said. The first being that what is written is written well. I can't tell you how bad of an assumption that is. I mean, just with how many times I've had to unwind what someone wrote just because it was /that/ bad, *and* it was of so called "professional quality." Kind of sad when you think about it.

The second point is that you don't seem to understand what slides are actually for. I haven't watched this video yet, so I can't comment on this specific case, but in general slides are for talking points rather than discussion. They are used in talks because of this very point. Similarly, for the notes. They are written specifically for someone else and thinking that you could fully properly interpret such short hand is rather arrogant.

Seriously, this is a video of a talk given by Theo. You might not like the medium, but since it doesn't exist in another format, bitching about it is rather pointless. And asking for it in another format (implied or otherwise) is rather presumptuous.

Re:Video DOES suck for certain applications

[Weedhopper]

Hey, if you're going to comment on something, why don't you at least attempt to see WTF I'm talking about before you do?

I am a Toro Fecundian

[Mana+Mana]

but this is just plain wrong!

`` exactly on the date promised''

Lies! OBSD releases are regularly released a month early.

And, the canard that de Raadt is an asshole is plain wrong. To those who follow OBSD for anything other than a short period of time will know what his, the team's refrain is: We make this OS for us, not for you! Your benefit is an unintended consequence. We don't want to be the most popular, we make this OS for us, not for you! You want Linux. We don't talk, we code. We don't suggest bs features, we code. You want it, code it. But then you keep posting to the list, you've been told to help yourself, that we make this OS for us, not for you! So I will now tell you to fuck off, slacker.

It's simple, man. I've read Bruce Perens say he met the guy, extended his hand but the guy never acknowledged him, that he might be Aspergerish. I thought Bruce was off his rocker when I read that. He bats .400 most of the time, and some-times I say WTF is he drinking today?

Check out theo.c for a lot of laughs!!!

One list goodie went sort of like this years ago: Why are you posting to misc@. Why didn't you read the man pages, slacker. They're quality, this is not Linux. If you didn't bother you're an idler. If you read them and didn't understand them you're a lamer.

"you bring new meaning to the terms slackass. I will have to invent a new term." --Theo de Raadt

http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/mg/theo.c

Re:I am a Toro Fecundian

[kelnos]

Taking that stance is fine -- that the OS is written for the developers, and people who don't contribute code may benefit, but not to expect a benefit, and not to complain when things don't work... unless you're willing to work on fixing it yourself.

I'm totally on board with that attitude.

However, that doesn't mean you're not an asshole. Saying, "If you read [the docs] and didn't understand them you're a lamer," is pretty much the textbook definition of being an elitist asshole. Telling people to "fuck off" may mean you are an asshole.

From what I've read of de Raadt (both his own writing, and people writing about him), I'd totally believe that he ignored a handshake from Bruce Perens (not saying it happened or not; I have no idea, just that I'd believe it).

As for theo.c... obviously all of that stuff has no context whatsoever, but (while, admittedly, some of it is indeed pretty funny) some of it does sound pretty asshole-ish. And that's fine. But being somehow "proud" of theo.c takes the assholery to a new level.
Now, again, I'm not coming down negatively on the idea of being an asshole. I can be an asshole sometimes too. Sometimes being an asshole is a useful way of getting things done. But don't hide behind some facade based on pretending to be a nice, respectful guy if you aren't. That's just dishonest.

Re:I am a Toro Fecundian

[Mana+Mana]

de Raadt doesn't walk into a diner and yell out @s$#0135 when someone asks him the time of day. However, he doesn't go lightly on you if you walk into his house, where there are signs, a valet and a receptionist that say ``men at work'' do not disturb, read the DIY instructions for any questions, and interrupt as a last resort.

I don't view the OBSD developers as elitist, but as members of a lucid meritocracy. Anyone is welcome to contribute, down to simple html patches if you like. There are friendships clearly evident in the src submit list but if you lazily/foolishly foul up your submits, code, a patch, an idea or design some other developer will call you out. Typically it's de Raadt.

That is what theo.c playfully is. Theo de Raadt doesn't contribute to it, it is the OTHER developers that respectfully, teasingly, lovingly? code it. Get it now? It's not an exercise in vanity from TdR.

In essence, there are sweet people, temperate people, mean people, and cool guys that are fun to hang out with that don't suffer fools lightly---that is Theo de Raadt. Now I am a sweet guy, that's full of inner rage, that canm turn the spigot on when neccesary, but, I wouldn't mind being excellent in a given field and be TdR like.

The guy is a big fitness, hiking type. How many geeks are that into p.t. and hacking.

Why I do not consider OpenBSD a secure system

[metrix007]

A secure system is more than just not having vulnerabilities.

Secure systems, for a start, should have the ability to control and restricts information to a fine grained level. Unfortunately, Theo is stubborn that things like MAC and RBAC should not be included, as they are not necessary. Which is remarkably short-sighted. DAC has many problems, any any truly secure system should have an alternative. As much as I like OpenBSD for what it is, and as much as I respect the development team, a focus on quality is not the same as a focus on security. Secure by default is a good approach, but is somewhat meaningless, as you are limited in what you can do with it. A true metric would be to look at the vulnerabilities of software in the ports tree, of which there is still a lot.

At the moment, SELinux or RSBAC are far more secure systems, despite those platforms having more vulnerabilities. If you gain a root shell through Apache for example, you will not be able to do a damn thing. On OpenBSD, as there is no defence in depth, the system is yours. Even NetBSD and FreeBSD seem to have more of a focus on actual security, with efforts like SEBSD, executable signatures, PAX/NX support etc.

OpenBSD is quality, top not software. It is not however, a secure system.

Re:Why I do not consider OpenBSD a secure system

[Secret+Rabbit]

"""a focus on quality is not the same as a focus on security."""

Kinda is actually. Bug hunting and the fixing there of, regardless of exploitability is the exact reason why comments like "this was fixed 7 months ago in OpenBSD" are commonplace on security mailing lists.

"""Secure by default is a good approach, but is somewhat meaningless, as you are limited in what you can do with it."""

This *statement* is meaningless and completely misses the point. The point of secure by default is that when you turn something on, you have to read how. So, the person turning a service on will (or should) learn about the security implications thereof. So, that person is less likely to f**k up. THAT is the point. It's even stated somewhere on their website.

"""A true metric would be to look at the vulnerabilities of software in the ports tree, of which there is still a lot."""

Ports have been removed for that exact reason. I think it should also be pointed out that EVERY ports tree (or similar) has the same issues. The main problem being that tracking thousands of pieces of software is rather intractable for just a couple of people. That would be the maintainers job and those guys, again in all ports trees (or similar), are necessarily spending each day checking up on things.

"""At the moment, SELinux or RSBAC are far more secure systems, despite those platforms having more vulnerabilities."""

That last part kinda cuts the legs out from under the first part. You should read what you write before hitting submit.

Re:Why I do not consider OpenBSD a secure system

[metrix007]

Some points, in response to your post.

A focus on quality is part of a fous on security, and is a necessary step. By itself, a quality system is not necessarily secure. As I stated, there is much more to being a secure system than just not having vulnerabilities.

I am aware of the reasoning behind secure by default. My point above only meant to demonstrate that such a configuration is not synonymous with not having any vulnerability in a real world scenario, which many OpenBSD fans try to equate it as being.

So the ports tree has been removed? I was not aware of this. So OpenBSD now no longer audits 3rd party software, and the entire system security can be reduced by running a server not in the official OpenBSD release? You see, a secure system would have methods to help protect against this, in the case of an attack.

No point of my post was contradictory. I can run a Linux server, full of vulnerable software, and with a correct SELinux or RSBAC policy, it will be more secure than OpenBSD, by far.

Re:Is there a transcript? (Don't have time to watc

[Captain+Splendid]

Long story short: Theo rules with an iron fist and springs releases like pop quizzes.

Mod parent up. Successful organizations need strong leadership. FOSS' generally decentralized model (and that damn egalitarian hacker ethic) works against this. Not that that's a bad thing, but somebody needs to steer the boat.

The primary reason they release so fast

[guacamole]

I could be wrong, but I think the primary reason they release so fast is because the OpenBSD team does not attempt to bundle all of existing open source software with their OS like say Debian is trying to do. In *BSD distros, there is the core OS that includes essentially only the operating system and some utilities, and then there is the ports collection. I believe a serious bug in some port package will not halt the release process of a BSD distribution, at least for non-essential ports.

Re:The primary reason they release so fast

[wb8wsf]

This is correct. OpenBSD can be thought of as two parts, the OS itself
and the ports/packages tree.

OpenBSD itself undergoes the most testing. This is not to say that the
packages aren't tested, because they are. But the packages--some
5000 of them--can't be tested as much as the core OS. Still, the packages
are of very high quality, and for most cases you do not have to compile
things on your own for OpenBSD.

If a port is bad, ie it isn't compiling or some such, it simply isn't included
in a release. If the port is a security horror, it isn't in the ports tree at
all.

Me, I'd rather see the OS itself get the most scrutiny, given that endless
numbers of good testers don't exist.

Unit testing

It would be pointless to test prior to integration of all submitted components.

Integration and functional testing are necessary, but unit tests are not pointless, either.

one person doing decisions

1. There is one person making key decisions and so the decisions are made. The overhead of bringing your stupid team members up to speed does not exist. This is good and bad, and Theo couldn't last a week in a big company like mine.
2. A lot of unit testing by developers on the main branch - always a good idea, instead of some stupid self-appointed Chief Release Officer's decision while having beer with the Chief Information Officer the previous evening.

Locking out API or locking out problem developers is questionable and judgemental. Being the only decision maker helps here, but it won't always the right decision. The product's feature set and its completeness is what matters, and so no area of code is ever locked. In a company you have to deal with mistakes and have people learn from mistakes, but not punish them. You don't always have the luxury of experienced engineers and so some of the techniques about ensuring quality need to be changed.

faux inefficiency

[epine]

In an ideal world, I suppose, 386BSD would have been managed better and there would be no forks.

In your "ideal world" I suspect we would all be rather less well off.

I've never understood the appeal of one-size-fits all. Why is it the premise of so many off-the-cuff comments in every venue of discussion?

So far as I can see, it accomplishes two things: makes it easy to criticize others for not getting along, and relieves the commentator of having to learn or understand systems theory, which is subtle and difficult. If only the whales had not split off from the carnivorous ungulates, evolution, in the ideal world, would have accomplished so much more. Put into a real context, the idea barely parses.

Within the prokaryote kingdom, there is a great deal of horizontal gene transfer. Within the BSD clade, there is a great deal of horizontal transfer (of ideas and code) whenever the need arises.

horizontal gene transfer

The most profound fork is probably the GPL from the long-standing conventions of public domain, which the BSD license more nearly mimics.

I don't see much difference between the scope of source code and the scope of human interpersonal relationships. In an ideal world, we would all be better off if either A) all information was private, or B) all information was public. Turns out, some people have information they don't wish to share (for a list of reasons which includes every human motivation) so the GPL lacks universal appeal. Turns out, some people have information which they don't wish other people not to share, so neither does the BSD license have universal appeal.

Having the two license camps puts a crimp on horizontal transfer, but it hasn't caused the world to stop turning. Is it fundamentally a bad thing to implement an idea twice, beginning from two different sets of premises? Only if your goal is world domination. For maximizing insight, diversity rocks.

I could continue, but I'm sure the choir has already figured this out, and the sinners are set in their ways.

At the end of the day, fork has become a term of social derision founded upon a monolithic Garden of Eden which never existed, and wouldn't have been a paradise even if it had.

If the only reason to fork is that two parties can't get along (X, libc are possibilities, but I don't know enough of the story) then forking is a mite unseemly, much like a failed marriage. Do open source communities fork more often than any other walk of life? I suspect not. And no, I'm not counting whiner attrition, where one or two guys copy a code base into their own tree, make a dozen patches, and are never heard from again. Does IBM fork every time a deadbeat is fired or quits?

Many of these projects have accomplished things through volunteer collaboration that twenty years ago few would have believed possible, yet they are mostly criticized in retrospect for the occasional loud public spat prior to a parting of ways, by people who are deeply in touch with their inner primate.

Those of us in the results oriented camp are less inclined to praise the false nirvana of pretending to agree when you really don't.

For an interesting comparison, consider the disputes over the years within NASA over the "smaller, faster, cheaper" engineering meme.

Small Is Beautiful, But Big Is Necessary

I suspect smaller, faster, cheaper might work, but it won't ever be NASA who consistently pulls this off. NASA is what you get when an agency never forks. Ideal leaves a lot to be desired.

Re:faux inefficiency

[IntlHarvester]

Huff another bong hit and consider this, bro...

If BSD hadn't forked, it would likely be the most predominate x86 *nix, rather than an almost irrelevant footnote in IT history.

As it is, any great concept that the BSD teams developed was eventually incorporated in the more politically unified development culture of Linux. BSD folks tend toward very shallow marketing slogans like "Security, Portability, and whatever" which doesn't cut it when you look at where the actual work is happening. Any meaningful conclusion is that results beat stoner burnout platitudes.

Re:faux inefficiency

[torstenvl]

"If BSD hadn't forked, it would likely be the most predominate x86 *nix, rather than an almost irrelevant footnote in IT history."

BSD is the most predominant x86 *nix.

Re:faux inefficiency

Or maybe it's Darwin...
Sorry, but MacOS is not BSD, it's only slightly mimicing BSD. It's GNU-style latching on. Do you guys call Solaris a BSD too :p - and of course that's only the desktop market, a comparably small niche to the other two below.

In the server, it's probably a close contest between Solaris and Linux at this point (with BSD and a non-*nix), and in the embedded market... true, it's probably unsure and a contest of BSDs and Linux.

Re:faux inefficiency

[BitZtream]

If BSD hadn't forked, it would likely be the most predominate x86 *nix, rather than an almost irrelevant footnote in IT history.

Uhm, you do realize, thanks to things like OS X, that it IS the most predominate Unix in the world right? x86 or otherwise.

Please feel free to show me a unix (and we'll use the term loosely as to not rule out Linux) with more installed machines.

Re:faux inefficiency

[BitZtream]

If you count Linux as a Unix, you must count OS X, since OS X is actually a certified unix and Linux isn't.

Re:faux inefficiency

Within the prokaryote kingdom, there is a great deal of horizontal gene transfer. Within the BSD clade, there is a great deal of horizontal transfer (of ideas and code) whenever the need arises.

My hat is off to you sir, for successfully making an analogy between BSD and pond scum, intentionally or not.

Re:faux inefficiency

[IntlHarvester]

Besides Linux's massive server marketshare, it's also used a ton of cellphones and other devices. I think you would have great difficulty substantiating your claim.

Not to mention OS X isn't even really BSD.

BSD Daemon!

[Zancarius]

Cut the BSDs some love. They deserve it, and there's plenty to go around.

Especially for the beastie daemon. I just had a rather odd mental image of him in a "naughty suit."

It's due to the continious boxes of Lucky Charmes

[itsybitsy]

http://en.wikipedia.org/wiki/Lucky_Charms

http://www.youtube.com/watch?v=mCcPRroLgzE
http://www.youtube.com/watch?v=9VALrCj8xhU

Give me what I need, not what anyone needs

[synthesizerpatel]

SELinux and RSBAC don't necessarily provide any additional security. They certainly seem to suggest it, but the software you trust is just software like everything else.

But, I think the primary 'hmm' here is that you suggest that there aren't more granular levels in BSD. Of course there are.

* chroot
* privilege separation (root from an apache server? sounds like a linux box to me..)
* sysctls for kernel and other behavior (security level, immutables)
* built-in stack protection (isn't that half of why you'd need SELinux anyway??
* encrypted swap/fs
* randomized malloc()

There's a variety of standard, well documented features that anyone can use. Each element on it's own has it's own vulnerabilities, used in concert correctly they are very effective and predictable. Unlike SELinux for instance that will randomly just not let something happen emitting a cryptic error message. And, while we're at it.. why do you trust SELinux? Audited it's code?

Given the overall security track record of the Linux distros (Debian SSH RNG anyone?) -- I trust OpenBSD a tiny bit more.

Re:Give me what I need, not what anyone needs

[metrix007]

I am sorry, but you are incorrect.

The whole point of SELinux and RSBAC is that they provide additional security. Not least, true enforceable separation of duty and principles of least privilege.

I am aware there are more granular levels, but they are all largely ineffective, and may stop some attacks. SELinux does not give cryptic error messages, any more than OpenBSD does. It gives a very clear error message, detailing the access request being denied, and why.

Now, let's look at your list.

Even if the chroot is secure, it will not prevent accessing data within the chroot, accessing other machines on the network, defacing a website or something...

The OpenBSD privilege separation is not complete, and not system wide. There is certainly no separation of duty, with root still being god...

sysctls are a nice touch, but again, necessarily limited are are not going to help that much

Stack Protection is a preventive measure, and no, it is not half the reason you would use SELinux. Assume something gets past stack protection, SELinux prevents the attacker from being able to do anything, as were on OpenBSD they can still do a hell of a lot.

Encrypted Swap...OK....again, not relevant, and available on Linux....not sure what your point is here...

Randomized malloc()....again, it won't help in the face of a successful attack, which was the point of my post. Also available on Linux.

Have a look at some of the models and example policies used by SELinux to get a better idea.

If SELinux is sufficient for the NSA to use..., I trust SELinux and RSBAC because they have companies working on them auditing their code and have an excellent track record, with considerably less vulnerabilities than OpenBSD.

The overall security track record is irrelevant, as distros tend not to enable SELinux. If they did, most security problems not a result of user stupidity would likely disappear overnight.

all it requires

[Gary+W.+Longsine]

Bureaucracies seem to be scared of this agile stuff, because it doesn't pretend to be able to answer questions like, "given this enormous pile of features, how many developers do we need to get this project done in 18 months?" Of course, the various methods they use do give them answers to these sorts of questions, demonstrably and wildly incorrect answers. So really, all it requires is a fundamental shift in mindset, and a shift to managing projects with an agile mindset. That's probably not possible for most organizations. They prefer certainty and predictability, out into the range where it simply doesn't exist. They prefer to fail time after time after time, and are willing to live with occasional, accidental success for thirty years past its useful life. But of course you know this.

Re:Is there a transcript? (Don't have time to watc

[CarpetShark]

springs releases like pop quizzes.

So... he says "New Release: 5.7!!", and everyone looks around to see who knows what he's talking about?

Text version please ?

[Yvanhoe]

Video is for the english native too lazy to read. I want a quick scan through what he says and skipping his "ahhhh" "errrr"....

Re:Text version please ?

Says the one to lazy to write a transcript.

..says the one to lazy to log in.

Re:Text version please ?

[kelnos]

I look at it the other way around... I'm too lazy to watch a video, would rather read text.

Re:Is there a transcript? (Don't have time to watc

[GreatBunzinni]

How can you claim that "FOSS' generally decentralized model (and that damn egalitarian hacker ethic) works against this." and insinuate that FOSS projects doesn't have anyone steering the boat when at the same time you base your accusations on the management merits and successful steering of a FOSS project?

Are you really Theo?

The copyright notice wasn't the reason for Theo to go all Rita Hayworth and scream and shout and stamp his pretty little feet in a tantrum.

It was the code (who the copyright owner owned) was put in a GPL product and not dual licensed like the un-improved version.

They owned the copyright of the older version too.

And Theo doesn't mind being locked out of improvements of BSD code by closed source projects, but he went absolutely BALLISTIC over being locked out of the improvements of a BSD/GPL dual licensed code by a GPL project.

Tough shit, Theo. You still have the original BSD code, so you're still as 100% free by BSD lights as before.

What you AREN'T as free with this scenario is free-as-GPL-has-it. You know, that nasty GPL that forces coders to keep the code open so they original can be improved forever.

Didn't you find it strange that Theo wanted to be kept free-as-in-GPL rather than accept free-as-in-BSD?

I did.

OpenBSD enterprise use

[fialar]

As someone who had used Linux quite extensively for the past 11 years, I recently started rolling out OpenBSD servers at my job. Two OpenBSD firewalls power our production network (using CARP/pfsync) and they do it flawlessly.

In our office, an OpenBSD firewall connected to two DSL modems is able to load balance traffic out, and do proper asymmetric routing. All this thanks to the developers who make a lot of great, innovative code for pf, CARP, pfsync, etc..

I couldn't do any of this properly with Linux, especially not the asymmetric routing.

I've worked on OpenBSD ports to make them better. I've found the developers friendly and helpful. The code is quite solid.

Re:OpenBSD enterprise use

[kelnos]

Your post actually reminds me of a question I've always had. It seems -- and this probably has to do with random bias -- that whenever people talk out in favor of OpenBSD, it always starts with "I've been running OpenBSD as my firewall..."

What other things do people deploy OpenBSD as, and can we consider it just as secure in those applications?

Saying "secure in the default install" is fine, but may not be useful if your default install doesn't have what many people need.

I'm not trolling here or trying to respond negatively to what you said; I'm just genuinely curious.

Wrongo

"When someone says they run OpenBSD, you have a very clear picture as to what kernel, compiler and userland they are running. "

What? OpenBSD from 1994? OpenBSD from 1996? OpenBSD from 1998? OpenBSD from 2000 ? ....?

What about the OpenBSD on a router?

You ignore differences from OpenBSD because you love the OpenBSD and don't see any problems.

Yet you detest people who love Linux and don't see any problems because they ignore the differences that seem irrelevant to them.

Re:Is there a transcript? (Don't have time to watc

[HungryHobo]

He's saying it's unusual. Which can be true.

Re:Is there a transcript? (Don't have time to watc

[TheRaven64]

and springs releases like pop quizzes

I think if you are surprised by having a release sprung on you, when releases happen every six months (give or take a week or two) with a 1-2 month lead period, you probably shouldn't be writing OpenBSD core code, you should be writing a calendar application.

Mod Parent Up...

[TheVelvetFlamebait]

... for an informative and subtle point about the universal nature of fanboyism.

Sick of Debian fanboys

[petrus4]

The Debian fanboys are really out in force in the comments on this article.

I'm tired of the refusal to acknowledge just how chronically Debian sucks. It is the worst Linux/BSD distribution in existence, by a mile; the over-engineered garbage they try and add to virtually every application/package they get hold of is beyond belief. I was wrestling with adding configs to both vim and apache in Ubuntu the other day, when I finally realised that the Debian idiots have tried to make their own conf hardwired in, and then have another file somewhere else (with God only knows what name, in most cases) for "user" changes.

The answer isn't simply to use another distribution if I don't like it, either. Debian offends me to the point where I want it stopped. The horrible mess of perl glue that they refer to as their custom kernel build framework is yet another example. Good luck trying to compile a custom kernel in Ubuntu; there's just so many minor perl snags that it can fail on, that it is virtually impossible.

I savagely, passionately hate Debian, and even more, I hate the system's developers and users continuing to insist on how wonderful it is, because as long as they continue to do that, the system's problems will not get solved.

Debian is suffering from the same fundamental issue that most alcoholics do. You need to be willing to acknowledge that a problem exists before you can begin solving it.

Re:Sick of Debian fanboys

Can you please elaborate on these "minor perl snags" and "hardwired" vim/apache conf files? I also used to think Debian sucked, but after spending some time learning how it works I find it a very useful system.

What's the advantage?

[fmaresca]

I am sysadmin for a number of boxes running some of the three Debian variants (mostly stable and testing in production).

Can someone explain what's the advantage of getting a new release exactly every N months (or days, or years or whatever time unit you like)?

I'm much comfortable with updates and security fixes that gets in my current system whenever the need for them dictates an upgrade for some piece of software (i.e. packages in Debian), in a non-disruptive manner and the most automatically possible, and complete new releases of the distro as a whole when something *really* different is going to get into stable. This barely occurs every six months, and not so frequently every year, in Debian nor in any other system I'm aware of.

This six month release cycle is artificial: what are the "milestones" in those 25 6-months releases?

I think this is only a marketroid artifact.

(Note for Debian haters and illiterates: if you're about to argue that stable release cycle is too long, and need backports for new software, drivers, etc., let me say that for a long time now testing has had security updates too; you're able to get backports or make your own, and even run a mixed stable-testing system if you want, but I don't think the scenario for such a need would be very common having testing with security updates available. If that's the case, you're probably in a situation where every distro or system will need hand tweaking and maintenance too).

Re:What's the advantage?

[1s44c]

This six month release cycle is artificial: what are the "milestones" in those 25 6-months releases?

Things are constantly changing. The point is to get the changes tested and out to the users in a smooth controlled way. This is something most software vendors are really bad at and something that the OpenBSD project is really good at.

If you want to know exactly what changes between released read the huge change logs on openbsd.org. Hardware support alone causes a large number of changes each six months and there are always plenty of other improvements too.

Re:What's the advantage?

[fmaresca]

Things are constantly changing.

Exactly: that's my point. If things are _constantly_ changed, IMHO it's better to get them when they change, not every N [time unit].

My question (above milestones in releases) was a rhetoric one ;-)

My point is that the 6-month release cycle is artificial, because is a self imposed restriction to outcast the image of being efficient and scheduled responsible development team, aimed mostly at decision-maker management persons, who knows nothing about technology or software development. This release cycle makes not better system in any way I can think of.

There were are probably _some_ of these releases that carried out some innovation or change in such a way that required or merited to put them as a new "release" or "version" of the system (say you're changing the default FS or some system-wide default or policy) or the kernel has changed in a way that's not anymore backwards-compatible with other parts of the system, or may be a big chunk of the software are about to pass-out as obsolete. These changes happens from time to time and at certain point a new release is a good thing.

What I say, is that these changes are not evenly distributed in time (and IMHO nor that frequent), so there is no point in adhere to a schedule.

Let's put this straight: this release cycle serves only the purpose of getting a feel of innovation (-hey, look, I'm running version 204.54.678, where you're merely running 4.05) and up-to-date status, which I don't say there isn't on OpenBSD, but if this innovation exists, it's certainly not due to the release cycle.

I'm not against OpenBSD in any way, I'm only not convinced of this particular issue is a good one.

Cheers.

Re:Is there a transcript? (Don't have time to watc

[QuantumG]

Watch the video deadshit.

You fail at IQ forever

IQ is a measure of learning ability with a context, not a general thing like "intelligence".

lesson learned?

[recharged95]

Don't overload your releases with latest and greatest features (compare the feature list of openBSD vs. Debian, RedHat, or Ubuntu).

No need to release often, but always release consistently.

From my experience, big industry (aerospace, power plants, mission critical apps) have been doing this since the 70's--with both average and exceptional developers working together...

Also, having no pressure (from competition) and a big backer (Apple via FreeBSD) does have its advantages.

BSD forks: events and timeline:

[tlambert]

...sorry to correct you, but...

BSD forks: events and timeline:

UCB CSRG didn't want to create a bootable distribution.

FORK1: Jolitz went off and did 386BSD because he disagreed about the bootable distribution.

(1990) Jolitz releases 386BSD 0.0 to a smal group.

BSDI started.

Many of the principals in BSDI were from UCB CSRG, so there was some financial conflict of interest vs. 386BSD there.

(1991) Linux released Linux - there is no lawsuit incentive for him to have done a different code base at this point.

(1991 - October) Jolitz released 386BSD 0.1

BSDI used the trademark "UNIX" in their "1-800-ITS-UNIX" phone number and their advertising.

USL sends cease and desist use of UNIX trademark to BSDI - the lawyers are now awake.

Jolitz promises a 386BSD 0.1 "real soon now".

Time drags out... I write a 386BSD unofficial FAQ with a patch in it for the VM system for sytems with an option-base-0 BIOS base memory size so it'l boot.

People start sending me patches for the FAQ. Too many patches. I create the 386BSD "patchkit", with Jolitz's blessing, on the promise of a 386BSD 1.0 "real soon"

USL, sensing competition in the UNIX marketplace, sues BSDI, initially nominally over the trademark.

I convinced Jolitz to trademark "386BSD" to keep BSDI from claiming "BSD" was too similar to their trademark to avoid BSDI doing to 386BSD what USL was doing to BSDI.

The patchkit serialized application of patches rather than going for a full SCCS mechanism. As a result, only one entity could patch at a time, to maintain dependency ordering.

A group set up a bunch of patches at a really high ordinal value because they felt their patches were not being integrated quickly enough. These patches ignored the "one entity" conflict avoidance mechanism.

FORK2: A fight ensued over control of the "patch sequence number" integer. The patches of the first group and the second group moved to SCCS. NetBSD was born.

Jolitz had family issues and there was a flame war between Lynne and the patchkit people, who were still waiting for a 386BSD 1.0.

FORK3: Permission to use the 386BSD trademark was revoked. The original patchkit work moved to SCCS rather than throw away work in progress. FreeBSD was born.

BSDI hid from USL behind UCB.

The other BSDs got "ceases and desist" notices from USL because of that (not before we mirrored archives to non-Berne signatory countries, though).

UCB filed countersuit.

MIT offered to back UCB vs USL with their full patent portfolio, which would have shut down USL cold.

UCB declined MITs offer (no reason was given).

UCB, BSDI, and USL "settled" permitting BSDI to continue binary-only distribution of their products until they rewrote a number of critical files.

This appeared to be a "complexity" gambit, i.e. a way to freeze out the other BSDs by diking out code that USL expected could not be rewritten by "amateurs".

The other BSDs were not extended the same distribution offer.

A number of Novell employees, myself included, camped out in Mike DeFazio's office on the second floor of the building in Sandy, Utah, to get the same deal for the other BSDs (Novell owned USL at that point, and Mike Defazio was the VP in charge of the "UNIX Systems Division" of Novell). We got the deal extended.

UCB CRSG released 4.4-Lite2 (the sources for 4.4., minus the critical files).

The other BSDs rewrote the files that BSDI and USL thought couldn't be rewritten.

Theo, then an obnoxious know-it-all kid who had yet to prove his stones, pointed out a security hole in NetBSD.

NetBSD ignores them.

Theo locks the NetBSD folks out of their project systems using an exploit based on the security hole he had previously pointed out.

FORK4: Theo is booted out of NetBSD. OpenBSD is born.

FORK5: I was around for the DragonFly fork from FreeBSD, as well, but it had a lot to do with design philosophy, and the practical unwo

Re: I declare flaming troll-fest Friday night!

[iggymanz]

The OS to run for utter reliability from HP isn't VMS, it's NonStop. And for those not-from-HP products from IBM mainframe OS can beat VMS reliability on a single machine. VMS is just a minicomputer OS from the past, fairly good uptime if cluster as a whole considered, but for any individual machine not so quite so great. File-11 filesystem is prone to fragmentation too.

And OpenBSD does have distiguishing characteristics among the BSD, unlike FreeBSD, which put out unreliable SMP locking that siezed up under load for years, OpenBSD emphasizes correctness, and so was a better choice (and I'm still skeptical if FreeBSD team has fixed their shit). DragonFly looks promising, they forked from before the point FreeBSD went down the crapper.

You dislike Theo because of his insistence on excellence, you think of him as "socialpath" because you're threatened by his accomplishments. but he's just a tough boss. You can see what happens in inverse relation to toughness of boss, Hurd went nowhere, Linus made a kernel but GNU tools had to provide the rest, while Theo has a whole distribution to head.

Re: I declare flaming troll-fest Friday night!

[gavron]

What is it about OpenBSD nutbars that makes everything personal to the point they lose all reason?

> The OS to run for utter reliability is...
I'll stick with the proven winner. My post already indicated not only why that is, but showed the evidence. Just naming something different with no comparison, criteria, or any evaluative points is just a strawman argument.

> File-11 filesystem...
I know it's hard to research things that you can't google, but trust me -- you should research before you speak -- especially if you're going to be judgmental about something not being as good as something else, and you have no knowledge of one of them. There is no such thing as what you said.

> You dislike Theo because of

You have no clues as to whether I dislike Theo (I do not dislike him) nor why.
I care nothing about him.

> you think of him as "socialpath"
Yes, because he's met the standard for being a sociopath. It's not what "I think". It is what it is. DSM is now online. Feel free to use it.

> You can see what happens...toughness of boss...Hurd...Linus...Theo...

I'm sorry I disrupted your church. I was discussing operating systems, not people. It so happens OpenBSD is associated with a known sociopath. That has nothing to do with Linus, Hurd, or anyone else you care to bring up.

Best regards,

Try not to froth at the mouth when your religion or prophet are painted in the colors they selected themselves.

Ehud

Re: I declare flaming troll-fest Friday night!

[iggymanz]

http://en.wikipedia.org/wiki/Files-11

So you don't know name of VMS filesystem, tsk, tsk.

Any real VMS admin such as myself knows Files-11 is prone to fragmentation, and it's such a problem this product has been making money for a couple decades: http://www.diskeeper.com/products/vms-vax/about-diskeeper.aspx

OpenBSD isn't my religion, I like many OS.

I do work at an HP Elite VAR, most OpenVMS is running on Alpha, the last of which was sold new in 2007. Whether they go to Integrity platform remains to be seen.

Re: I declare flaming troll-fest Friday night!

[gavron]

Sorry, but diskeeper HAS been taking money out of peoples' pockets for ages. Before they sold diskeeper its makers sold a caching product. Either product was useless and together double-useless. ODS is what deals with file section windows. I appreciate your pointing out there's A thing called Files-11 and a wiki article. Why don't you point out FMS and RMS while you're at it. They are all irrelevant. ODS is the real issue and it's fine. Fragmentation is a red herring.

> I like many OS.

So do I.

> Any real VMS admin such as myself

Sorry to disappoint, but unlike admins, engineers (or a kernel coders) have to understand the internal workings, and if you get there, you'll be more apt to see what I'm saying. Still, I don't want you to think I'm talking down to you, and Slashdot isn't about you and I having a conversation.

ODS - On Disk Structure - defines how a structure (you could think of this as a file if you were so limited) is stored. It includes extents and lists of extents. Disk defragmenters like that ripoff product diskeeper attempt to make use of ignorance of how this works to get people to buy software that does not help. In reality the extent windows are cached by the filesystem so having parts of the structure on different platters/heads/cylinders doesn't do ANYTHING to performance on reads or writes. ("Doesn't do anything"=does not affect performance of reads or writes.)

Glad you work at a VAR. It's good to have a job these days. If you want to know more, study up on ODS, extents, windows, caching, and don't read any more wikipedia on FMS, Files-11, RMS, or anything else which is not low-level.

There's nothing wrong with being an admin. Best not to confuse it with being an engineer.

Best regards,

Ehud

Re: I declare flaming troll-fest Friday night!

[iggymanz]

Funny, the experts of VMS, HPs engineers who are still writing the stuff, say differently in the hp openvms forums, that excessive fragmentation can kill VMS performance and so HP themselves also sell defragmentation tools. They must know something you don't?

any caching obviously only helps in certain cases, when what is being sought is available in the cache.

as a real degreed engineer of things electrical and nuclear who has designed and built real things, I find the use of "engineering" by those in the software realm a little humorous, as they are not nearly so rigorous, and push things out the door with built in causes of catastrophic failures, read the vms patch comments sometime. At least in the last 5 years the thing looks pretty stable and good, finally.