Slashdot Mirror

← Back to Stories (view on slashdot.org)

Theo De Raadt Says FreeBSD Is Just Catching Up On Security

Posted by timothy on from the diplomatic-mission dept.

An anonymous reader writes "The OpenBSD project has no reason to follow the steps taken by FreeBSD with regard to hardware-based cryptography because it has already been doing this for a decade, according to Theo de Raadt. 'FreeBSD has caught up to what OpenBSD has been doing for over 10 years,' the OpenBSD founder told iTWire. 'I see nothing new in their changes. Basically, it is 10 years of FreeBSD stupidity. They don't know a thing about security. They even ignore relevant research in all fields, not just from us, but from everyone.'"

3 of 280 comments (clear)

  1. Framing the debate by Anonymous Coward · · Score: 4, Informative

    As usual:

    - Theo is a complete asshole, but also quite correct about most things. OpenBSD is rather behind the
    times in general, but very good at what it does do. And their stance on BSD license and making BSD tools is great.

    - FreeBSD really is stupid about some things.
    Let's take for instance their complete refusal to implement any strong security in their distribution chain.
    You can't verify their ISO's or packages back to their source in any way. Their repo is ancient svn, not
    git or monotone, so they have no signable hashes in their repos. There's no deterministic builds. etc.
    And when you bring it up, they just handwave about process and workflow as reasons to continue
    doing the same. FreeBSD is pretty damn good as an OS, but their standing on these things is BULLSHIT.

    1. Re:Framing the debate by styrotech · · Score: 5, Informative

      - Theo is a complete asshole, but also quite correct about most things. OpenBSD is rather behind the times in general, but very good at what it does do. And their stance on BSD license and making BSD tools is great.

      Yeah the bit that struck me here was that Theo was relatively complimentary about Linux and Linux devs. eg mentioning Linux also did this stuff ages ago and that OpenBSD used some research from Ted Ts'o (and others) in their implementation.

      So the complaint wasn't about credit for who was first, just about how FreeBSD got a bunch of Snowden related media coverage for something practically everyone else did ages ago as if it was something new to worry about.

  2. Re:Do these projects OpenBSD, FreeBSD matter anywa by utkonos · · Score: 4, Informative

    You may want to pose that question to Netflix. They account for about 1/3 of the traffic on the internet and all that traffic is served from FreeBSD servers.

    Also, Mac OS X is essentially a fork of FreeBSD.

    The OS on all Juniper equipment is a modified version of FreeBSD.

    The Playstation 3 and 4 OS are both modified FreeBSD.

    Plus more.