Slashdot Mirror
OpenBSD 4.6 Released
pgilman writes "The release of OpenBSD 4.6 was announced today. Highlights of the new release include a new privilege-separated smtpd; numerous improvements to packet filtering, software RAID, routing daemons, and the TCP stack; a new installer; and lots more. Grab a CD set or download from a mirror, and please support the project (which also brings you OpenSSH and lots of other great free software) if you can."
OpenBSD is 14 as of today.
Today would be a great day for even a little gift. ;-)
Abuse of corpse.
OpenBSD just got Soft RAID support? What took you so long Theo? :P
I used OpenBSD as a router for awhile, I'm using FreeBSD now. I can't seem to filter packets from a natted jail to my LAN. I don't know if OpenBSD has jails, but I wonder if it would work under OpenBSD. I don't want packets getting from the 10.0.0.1 jail to my 192.168.0.0/24 network. But the jail has to access the internet. If someone could send me a pf.conf for that I would appreciate it.
I just want to give a huge Thanks to Theo and the rest of the OpenBSD developers. They're doing a fantastic job. I'll order my CD soon.
Doing what others only dream... a scheduled release, early!
I'm waiting for OpenBSD to give up on creating a modern kernel and focus on what they do best: create hardened network applications & a clean base system. A freebsd / openbsd fusion would give linux a run for their money.
They have lots of mirrors and they likely work well, but with a torrent I could help pass it around.
What is with projects not offering the option?
20 characters max for the password? How will I use my favorite poems as passwords?
Come on! FreeBSD has been releasing via bittorrent for a while now. Get with it OpenBSD!
Not trying to be a troll, but do any significant websites besides Yahoo! and Verio run BSD?
"The difference between genius and stupidity is that genius has it's limits" - Albert Einstein
Go tell him what you think of his vile dog rapes
Where's the song? There was supposed to be an earth-shattering song!
Anyone know of the preformace? Been using mdadm for a while and been liking it.
OpenBSD's FAQ explains their choices regarding ISO images.
I like to install OpenBSD from a floppy image - only 1.44 MB! I then choose an FTP mirror and install whatever parts I want on the fly.
For those who don't know, there's a BSD style linux distro that kills Gentoo in both, setup, design, and ease. It's virtually BSD with a linux kernel, and an apt-get killer.
"
Arch Linux is an independently developed, i686/x86-64 general purpose GNU/Linux distribution versatile enough to suit any role. Development focuses on simplicity, minimalism, and code elegance. Arch is installed as a minimal base system, configured by the user upon which their own ideal environment is assembled by installing only what is required or desired for their unique purposes. GUI configuration utilities are not officially provided, and most system configuration is performed from the shell by editing simple text files. Arch strives to stay bleeding edge, and typically offers the latest stable versions of most software.
Arch Linux uses its own Pacman package manager, which couples simple binary packages with an easy-to-use package build system. This allows users to easily manage and customize packages ranging from official Arch software to the user's own personal packages to packages from 3rd party sources. The repository system also allows users to easily build and maintain their own custom build scripts, packages, and repositories, encouraging community growth and contribution.
The minimal Arch base package set resides in the streamlined [core] repository. In addition, the official [extra], [community], and [testing] repositories provide several thousand high-quality, packages to meet your software demands. Arch also offers an [unsupported] section in the Arch Linux User Repository (AUR), which contains over 9,000 build scripts, for compiling installable packages from source using the Arch Linux makepkg application.
Arch Linux uses a "rolling release" system which allows one-time installation and perpetual software upgrades. It is not generally necessary to reinstall or upgrade your Arch Linux system from one "version" to the next. By issuing one command, an Arch system is kept up-to-date and on the bleeding edge.
Arch strives to keep its packages as close to the original upstream software as possible. Patches are applied only when necessary to ensure an application compiles and runs correctly with the other packages installed on an up-to-date Arch system.
To summarize: Arch Linux is a versatile, and simple distribution designed to fit the needs of the competent Linux® user. It is both powerful and easy to manage, making it an ideal distro for servers and workstations. Take it in any direction you like. If you share this vision of what a GNU/Linux distribution should be, then you are welcomed and encouraged to use it freely, get involved, and contribute to the community. Welcome to Arch!
" - http://www.archlinux.org/about/
What I like about OpenBSD is every six months I have to look at the upgrade guide to decide what new accounts to create and config files to synchronize with etcXX.tgz, then I "upgrade" with cp and tar. OK, the upgrades are a bit more painful than using aptitude on a Linux box, but the results are always good. :-)
The story points to plus46.html which isn't useful for a general distribution announcement like this. Here's a much better choice (which includes a link to the plus46.html page):
http://www.openbsd.org/46.html
or
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-announce/2009-10/msg00001.html
Make floor(3) round towards -inf instead of towards zero.
Floor? Really? Who was so bored they looked at a 20-year old function (the ANSI C standard was written in '89) and said: yes, there is room for improvement here!
At least they could have changed it to accept input in XML format :p
In 2000, chief *BSD developer Matt Damon left the project after penning a long, meandering suicide note, loosely based on a novel by renowned playwright Buzz Aldrin.
FreeBSD used to be fun. It used to be about doing things the right way. It used to be something that you could sink your teeth into when the mundane chores of programming for a living got you down. It was something cool and exciting; a way to spend your spare time on an endeavour you loved that was at the same time wholesome and worthwhile. It's not anymore. It's about bylaws and committees and reports and milestones, telling others what to do and doing what you're told. It's about who can rant the longest or shout the loudest or mislead the most people into a bloc in order to legitimise doing what they think is best. Individuals notwithstanding, the project as a whole has lost track of where it's going, and has instead become obsessed with process and mechanics.[edit] Netcraft Weighs In
Not long after Matt's suicide, the United Nations Commission for Wresting Control of the DNS Root Servers from the Imperialist United States ("UN-USA")'s Netcraft project weighed in with its final judgement. In typical Netcraft fashion, the writer kept to the facts and looked to the numbers:
It is now official. Netcraft has confirmed: *BSD is dying One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test. You don't need to be the Amazing Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood. FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying. Let's keep to the facts and look at the numbers. OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts. Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house. All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracleOpenBSD security is in large part overstated, and at worst, a myth.
Let us look at 3 main points, of which the last is the most important.
1. Secure by default. Yes, having services turned off by default is a good move. It also actually has nothing to do with the security of what you actually have running.
2. Auditing. Only the base system is audited. The ports are often quite far behind. Most attacks are not against "the base system".
3. Lastly...OpenBSD, by design, is not a secure system. A secure system is much, much more than just a lack of vulnerabilities. It is the ability to have controls and lock down things, to prevent unauthorized access. Instead, the OpenBSD approach does it's very best to assume that people don't get in, but does little to help when something does go wrong. Or, you know, if you even wanted to actually restrict access with more than just the user/group scheme. Hell, they don't even have a basic ACL. VMS was a secure system. Very recent editions of Windows are well on their way to becoming secure systems. OpenBSD is not.
In fact, as it stands, Linux is a far, far more secure system, because of access to things like SELinux and RSBAC. These frameworks allow you to lock down and control every aspect of your system. Anything you want to restrict and how, you basically can. It takes the "everything is a file" philosophy to the next step. These systems are more secure for one simple reason. You should be prepared in case someone does, not simply try to eliminate all bugs all together, which while noble, is a flawed attempt. Not to mention the inability to restrict legitimate users on the system in a limiting way...
Instead, if someone successfully gets root on OpenBSD..then they have root, This is getting better with privilege separated stuff, but Linux had this in 3rd party patches about 10 years ago. With SELinux and RSBAC, you can remove the concept of root. If someone hacks a webserver...well, the webserver does not need write access, except maybe to tmp, it won't need execute access, it won't need to initiate outgoing connections, and it won't need write access, only append access to /var/log. The attacker can't do anything, and you simply can't do something similar with OpenBSD.
In fact, despite Theo being staunchly opposed to such attempts, there was one. Systrace. It was nowhere near as powerful or flexible as the aforementioned frameworks, but it was a start. Instead, The developers decided to use an insecure technique, system call interposition, shown to be insecure. After this they gave up.
OpenBSD is an extremely quality codebase, and it is more secure for small stuff and does make a good router or firewall. It is by no means a secure system though, and should not be hailed as one.
If you ignore ACs because they are anonymous - you're an idiot.
wwW.anti-sLash.org
When I looked at the release notes sent out by email, I saw this under "New functionality":
"httpd(8) can now serve files larger than 2GB in size."
I'm very surprised by this.
Rock solid, thought through and very conservative.
They have their niche and do their best to serve it as good as they can. I'm very glad that this project exists even though I don't use OpenBSD but various of its offsprings (OpenSSH/SSL, etc.) only.
Theo is a very controversial person but at least he keeps the project on focus and going. Congratulations for that and best of luck for the future.
I don't see myself using OpenBSD anytime soon but I know a few people that do and they are happy with it. So keep going, the community needs you!
FreeBSD is already at 7.2! No way they can catch up now, unless they pull a Windows.
Apparently, softraid is also included in the GENERIC kernel. This means that, unlike with the old RAIDframe, you don't have to compile your own kernel before you can use it.
Please correct me if I got my facts wrong.
Setup a user? (enter a lower-case loginname, or 'no') [no]
yes
No really, what is the lower-case loginname, or 'no'? [no]
... yes since you can close it. It is a threat to optimal open source code. Namely, the open source code is not optimal and you must buy the closed/improved version. The GNU GPL has a better balance for open source has it forbids fake open source like what we have with darwin/macos. Personnally the BSD licence would be great if it was protecting against closing the source.
> please support the project (which also brings you OpenSSH Is it possible to support OpenSSH without the money being wasted on OpenBSD?
I love the idea of OpenBSD, but I've found it lacking in hardware support, even when a driver exists in FreeBSD/Linux.
I know Theo has a thing against binary blobs (and that's adorable), but even hardware that is well supported by hte manufacturer is notably absent.
For example, does this version of OpenBSD support the SUPERMICRO AOC-SAT2-MV8?
This is a popular card because it is extremely cheap and works in pretty much any modern PCI port.
The source code for the driver comes with the card on a CD (although I'm not certain what license).
The driver on the CD can be compiled for Windows or Linux (and I think the driver is in most base Linux distros).
Also, FreeBSD has supported this card for some time. (So even if there is a licensing issue, there is still some BSD licensed code that they can steal.)
whoop de fucking dooo!
OpenSSH is developed solely for OpenBSD, to not bloat the code, then they have a separate team working on making it portable to other OSes
Dyslexics are teople poo
Comparing the latest OpenBSD to the Ubuntu Server, what are the security advantages of OpenBSD that would warrant it's usage over Ubuntu Server? Ubuntu Server home page boasts quite a lot of security features and I presume it's faster than OpenBSD as well.
Can someone recommend a good platform on which to run OpenBSD which will consume the lowest possible power and let me run a Wireless-G and a Wireless-N NIC in master mode at the same time? I also need 100baseT[x]. Ideally it would run from fairly broad DC power (8-18VDC). I want to spend minimal money :) So far in the running are PC Engines, Mikrotik, and Soekris, in my current order of preference from most to least. I'm willing to have my mind changed, though. SD, USB, or CF storage, I don't care.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
When I last tried to use OpenBSD, package management was a big barrier to entry. In those days, I yearned for apt-get like ease to set updates and even distribution upgrades automatically. I noticed that OpenBSD added pkg_add several years ago, but I haven't really tried it in the enterprise. How is the package management system today? How easy is it to do hands-off administration of tens if not hundreds of these servers?
So true. Either the person writing the library or the person writing the program has no mathematical training or little concern over disregarding conventions long associated with quality software.
The authors of APL back in 1963 worked very, very hard to define the computational equivalents of common mathematical notation to preserve and obey the maximal set of mathematical identities. Perhaps they worked harder at this than other language teams because identities are none too compelling expressed in Lisp notation.
Later, when I learned many ideas about program correctness and defensive programming from Dijkstra, his notions of program correctness were highly APL compliant. People don't understand the full gravity of Dijkstra's lament APL is a mistake, carried through to perfection. The only language consistent with his notions of programming elegance was a failed enterprise out of the starting gate. His implied converse also interests me: X, for X != APL, is a valuable step forward, borked beyond all recognition.
The people who brought you floor() truncating toward zero also brought you modulus operators where mod (x,N) == -mod(-x,N) Good luck using that to write an elegant loop dealing with possible negative values of x while ensuring that an array subscript is within the viable range [0..N)
And how about malloc(0) aborting your program on the assumption that a program which correctly handles the empty set (a rare condition indeed) deserves to have multiple extra lines of conditional statements to permanently clutter code review, when falling through the primary code path could have been completely safe. ["rare condition" resolves twice: once for sarcasm, once for cynicism. Lisp notation ruins everything.]
Too many OSes out there refuse to differentiate progress from borkage. Once you inflict enough paper cuts, one begins to think that bugs are a fact of life. Yet a few people out there who refuse to tolerate paper cuts manage to write large chunks of software near to entirely bug free. Mostly individuals, as it happens.
OpenBSD is a bit of a sore point for many people out there who like to crow about their progress unsullied by their borkage. The deep issue here is what ultimately happens to the rotting pea under the mattress? Do all the layers of straw and cotton mask the problem from the princess on top? Or does it just fester down there causing endless problems and sleepless nights?
This came to mind concerning the indicted IBM executive. I was thinking about the common career strategy of presiding over short term success, leaving at the top before the stink catches up with your actions, taking credit for a few brilliant quarters, then repeating the cycle with your next employer (who likely hired you after boning up on sharp trading practices). Our progress detectors are easily fooled.
I think in larger projects, one generally has to burn a few boats to hit the release date. Nothing stops a project from pausing after the release cycle to clean up the mess. I've noticed, however, that several projects that took a significant hiatus to get things right were severely punished by the nattering nabobs of negativism (don't look now, if you're reading here, you're surrounded). Postgres, Mozilla, Perl 6, Snow Leopard all come to mind (as a list, that's a bit of a Lewis Carroll Sesame Street: three of these things aren't not like the other. The yin/yang of car/cdr.).
Since I'm inclined to be dangerously open minded, I haven't made up my mind on Perl 6 yet, especially since the Python people have already released a darn good Perl 5.9
Are there no parallels here between Parrot and OpenSSH? "Man, I don't know what those guys are doing over there, but *just look* at the tools they leave lying around, and the man page *actually explains* how to use it. Too bad about their misguided agenda / abject ind
You/kestasjk make it sound like OpenBSD had to play catch-up implementing NX. FYI, OpenBSD 3.3 was actually the first OS to ship with it (except they called this W^X, "write XOR execute"), 6.5 years ago.
I'll give you that the new "in a heck of a long time" wording in their tagline is unfortunate. It must be ~11 years now, a pretty strong track record I'd say, but feel free to convince me otherwise...
Solaris supported Ultrasparc NX in the late 90s. OpenBSD's innovation was to enforce NX pages on i386 which doesn't have any such hardware support. OpenBSD supports hardware NX of course.
POKE 36879,8
Welcome TO Our Website:
Http://www.tntshoes.com
Hi friend, we are a prefession online store, you can see more photos and price in our website which is show in the photos
if you are interested please email me by , hellow we have run a online shiping mall for many years, our website is pls see our website in the photos attached attached, we have all kinds brand new shoes,clothing, handbag,sunglasses,hats etc for sale, 6000000% best quality with the amazing price. our website is pls see our website in the photos attached attached, You will find more pictures and the price for our product in our website, please see below of the nike shoes we have, we take paypal as payment, . shoes SB dunk $28-42 free shiping.
OUR WEBSITE:
YAHOO:shoppertrade@yahoo.com.cn
MSN:shoppertrade@hotmail.com
Http://www.tntshoes.com