Slashdot Mirror

← Back to Stories (view on slashdot.org)

Theo De Raadt Says FreeBSD Is Just Catching Up On Security

Posted by timothy on from the diplomatic-mission dept.

An anonymous reader writes "The OpenBSD project has no reason to follow the steps taken by FreeBSD with regard to hardware-based cryptography because it has already been doing this for a decade, according to Theo de Raadt. 'FreeBSD has caught up to what OpenBSD has been doing for over 10 years,' the OpenBSD founder told iTWire. 'I see nothing new in their changes. Basically, it is 10 years of FreeBSD stupidity. They don't know a thing about security. They even ignore relevant research in all fields, not just from us, but from everyone.'"

12 of 280 comments (clear)

  1. Quick Wiki Summary by fustakrakich · · Score: 5, Insightful

    "De Raadt has been criticized for having a somewhat abrasive personality..."

    --
    “He’s not deformed, he’s just drunk!”
    1. Re:Quick Wiki Summary by serviscope_minor · · Score: 5, Insightful

      I've personally exchanged emails with De Raadt on the OpenBSD mailing list. Actually, he weighed in on a conversation which didn't initially involve him. He wa calm, helpful and polite and the discussion was a productive one.

      Why was this? I didn't start off by being extremely rude to him. Because I did my homework and found out as much as I reasonable could with my knowledge and skills. Expecting someone like that to hold my hand and do my homework for me for free no less is exceptionally rude. Somehow many people are too dumb and selfcentred to realise this.

      --
      SJW n. One who posts facts.
  2. Re:so letting the nsa hire someone by EdIII · · Score: 4, Insightful

    to write your ipsec, thats the definition of security.

    Exactly.

    The NSA is the one you are protecting yourself against . Why would you EVER trust any cryptographic primitives designed by them at all?

    Being able to fully trust the cryptographic primitives on a system is not a new thing though... those NSA guys have tainted so much everywhere simply because it is their job description to decrypt sensitive communications for the intelligence community.

    Microsoft anyone?

  3. Re:Do these projects OpenBSD, FreeBSD matter anywa by Anonymous Coward · · Score: 4, Insightful

    ...Why should I care? Where in the world is serious stuff being done on any of these platforms? Just asking...

    When it comes to security, De Raadt is like House

    So I guess it matters if you care about security. Then again, since we don't really use secure software or systems, that point is kind of moot.

  4. Re:OpenBSD is better than the Slashdot Beta. by Anonymous Coward · · Score: 0, Insightful

    How the fuck is it spam? There's no commercial content in it. The only thing that may be slightly interpreted as "commercial" in nature is perhaps the continued existence of /. as a site that gets any visitors. But that's a real stretch.

    Besides, the message is 100% valid and correct regardless of whether it has or has not been posted before. Hell, it's a damn good message, and one we need to hear more and more often if /. has any hope of not becoming the next Digg.

  5. Re:Yeah by ArchieBunker · · Score: 5, Insightful

    And usually right.

    --
    Only the State obtains its revenue by coercion. - Murray Rothbard
  6. Re:so letting the nsa hire someone by EvanED · · Score: 5, Insightful

    ...those NSA guys have tainted so much everywhere simply because it is their job description to decrypt sensitive communications for the intelligence community.

    To play devil's advocate for a second (and from someone who is as opposed to the NSA's spying as anyone), they job is also to prevent adversarial spying on us. That presumably applies much more to government functions than day-to-day ones, but if, say, the military or state department actually follows the NSA's suggestions, there's a decent chance that those suggestions are pretty close to as good as it gets.

  7. Re:constructive criticism by Trepidity · · Score: 3, Insightful

    Well, he did produce OpenBSD, which could be seen as constructive criticism in a sense (instead of just complaining, build something). But yeah, if you mean constructively criticizing things in text, that's not really his strong point.

    --
    10 PRINT CHR$(205.5+RND(1)); : GOTO 10
  8. Re:Now, if... by cold+fjord · · Score: 5, Insightful

    ...only OpenBSD would catch up in every OTHER category...

    You can always port or build other software on OpenBSD.

    You can't really bring other operating systems up to OpenBSD security standards with just a compile or two.

    Make your pick: secure, or convenient.

    --
    much of left-wing thought is a kind of playing with fire by people who don't even know that fire is hot - George Orwell
  9. Re:Now, if... by Arker · · Score: 5, Insightful

    What method could possibly be more convenient, simple, and appropriate than opening the file with your text editor of choice and deleting the line?

    What do you expect? Some bulky "management interface" to hold your hand while you take 10 times as long as necessary to do the simple task of *removing an entry from a text file*? What is wrong with you?

    --
    =-=-=-=-=-=-=-=-=-=-=-=-=-=-
    Friends don't let friends enable ecmascript.
  10. Re: Now, if... by Anonymous Coward · · Score: 2, Insightful

    Complete aversion to documentation? Are you sure you're thinking of the OpenBSD folks? I think you might be confusing them with the Linux crowd.

  11. Re:Now, if... by Bert64 · · Score: 4, Insightful

    Still running default services and just hiding them behind a firewall is a stupid, not having them running at all is far more sensible.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!