Slashdot Mirror

← Back to Stories (view on slashdot.org)

Theo De Raadt Says FreeBSD Is Just Catching Up On Security

Posted by timothy on from the diplomatic-mission dept.

An anonymous reader writes "The OpenBSD project has no reason to follow the steps taken by FreeBSD with regard to hardware-based cryptography because it has already been doing this for a decade, according to Theo de Raadt. 'FreeBSD has caught up to what OpenBSD has been doing for over 10 years,' the OpenBSD founder told iTWire. 'I see nothing new in their changes. Basically, it is 10 years of FreeBSD stupidity. They don't know a thing about security. They even ignore relevant research in all fields, not just from us, but from everyone.'"

2 of 280 comments (clear)

  1. Re:Framing the debate by Anonymous Coward · · Score: 5, Interesting

    How is OpenBSD any different in that regard? They rewrote CVS (OpenCVS) for heaven's sake, so they didn't have to move to SVN, let alone Git.

    And Git's hashes are not for the sake of security. Linus made that abundantly clear when he refused to allow SHA-2 to be used, even after people were able to manufacture a Git collision using SHA-1.

    People misunderstand what makes OpenBSD secure. OpenBSD is about being conservative and simple. Lots of the things they do seem backwards or antiquated. In this case, XORing your random bit streams is as conservative as you can get. And when Theo talks about following the research, it's not to jump on fancy new technology, but in tracking the evolution of software and cryptographic exploits and trying to preemptively get out of those paths. That's opposite of Linux and FreeBSD, where they're constantly chasing new features, new optimizations, and new technologies.

  2. Re:Do these projects OpenBSD, FreeBSD matter anywa by Anonymous Coward · · Score: 5, Interesting

    A new 10x faster network stack is coming to Linux via FreeBSD, enjoy your 10gb routing speeds with a 1ghz cpu and in user mode, not kernel. Nginx, that's BSD, Varnish, that's BSD. Actually, most OS research is done on FreeBSD, then ported to Linux. Anecdotally, several large datacenters are claiming they're seeing a rise in BSD services and VMs and some major customers with millions invested, switching to BSD from Linux.

    One corp claimed to have over 10,000 VMs and paid RedHat for enterprise support for those VMs with a 5 year contract. They're still locked into contract, but they switched to FreeBSD because they can cut down their number of VMs by 30% and get the same performance. They also found it easier to manage FreeBSD. They're paying for that contract, but not using it. I bet that was a fun sell to management.