Slashdot Mirror

← Back to Stories (view on slashdot.org)

Are the BSDs Dying? Some Security Researchers Think So (csoonline.com)

Posted by msmash on from the closer-look dept.

itwbennett writes: The BSDs have lost the battle for mindshare to Linux, and that may well bode ill for the future sustainability of the BSDs as viable, secure operating systems, writes CSO's JM Porup. The reason why is a familiar refrain: more eyeballs mean more secure code. Porup cites the work of Ilja von Sprundel, director of penetration testing at IOActive, who, noting the "small number of reported BSD kernel vulnerabilities compared to Linux," dug into BSD source code. His search 'easily' turned up about 115 kernel bugs. Porup looks at the relative security of OpenBSD, FreeBSD and NetBSD, the effect on Mac OS, and why, despite FreeBSD's relative popularity, OpenBSD may be the most likely to survive.

9 of 196 comments (clear)

  1. The *BSDs have the most intelligent mindshare. by Anonymous Coward · · Score: 1, Interesting

    The BSDs have lost the battle for mindshare to Linux

    I think that this is a laughable idea. The *BSDs have the best mindshare possible. They have the mindshare of the most intelligent and forward-looking software developers, IT specialists, and executives.

    Linux's mindshare is closer to that of Windows. It's not so much based on technical excellence or intelligence or foresight as it is based on hype and name recognition.

    The mindshare that the *BSDs have is the best there is.

  2. MacOS X? by Kenja · · Score: 4, Interesting

    While not an "official" BSD, OS X is based on NeXT which is based on BSD and it uses the MACH kernel.

    --

    "Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
  3. No by DaMattster · · Score: 5, Interesting

    "Some" researchers are saying the BSDs are dying so it must be true, huh? "Read it on the internet, hot damn, must be true then." Bullshit! The BSDs have a large community that is passionate about their choice of operating system. I have been using OpenBSD since 1998 and I will only stop using it once the community completely collapses, development ceases, and the foundation folds. The day that happens, I will have to find another hobby altogether and just keep a smartphone and tablet handy. Learning and using OpenBSD has made me far more knowledgeable about computers, operating systems, networks, and security than any other platform out there. If it weren't for my college roommate introducing me to OpenBSD, I believe I would just be another Microsoft wanker. OpenBSD taught me how the internet works and opened a wealth of knowledge. OpenBSD turned me from a computer power user into a true System Administrator. Ever since that day when I asked my roommate just what the heck OpenBSD was, my life would never be the same.

  4. If true, it's a shame by walterbyrd · · Score: 4, Interesting

    IMO:

    BSDs have a superior architecture in many respects. This is especially true since the systemd takeover.

    Administration on BSD servers just makes more sense. Linux seems to be all over the map. I think there are over 1000 Linux distros. Many distros want to change around the directory structure. Simple things, like starting services on bootup, and setting up static IP, become difficult with Linux because everybody wants to pull Linux in different direction - often for no good technical reason.

    Linux certainly has advantages over BSD. But I think BSD gets a lot of stuff right.

    Again: all JMHO.

    1. Re:If true, it's a shame by geek · · Score: 5, Interesting

      1000 distros sure, but you can completely ignore 990 of them. The other Of the remaining 10, probably 6 are copies of the major 4, Debian, RedHat, Gentoo, Arch.

      People keep bringing up the many distro thing but honestly, no one really gives a shit. Those are hobbyist toys and they almost universally die out after a few years. In those few years a handful of people learn a lot and contribute to the community.

      The BSD's are fine. I used them once upon a time. The problem is they are inflexible and all they want to do is emulate a long gone era of computing that just isn't functional today. Linux will at least adapt to peoples needs, BSD's will stand there and bitch about you being on their lawn.

  5. Re: "more eyeballs mean more secure code"?! by Anonymous Coward · · Score: 3, Interesting

    Give us links to each and every one of those bug reports so we can judge the severity of these alleged bugs on our own. If the BSD devs aren't fixing them it's probably because they're very minor bugs, or perhaps aren't even valid bugs to begin with.

  6. Is it just that the pie is growing? by Voyager529 · · Score: 5, Interesting

    First off, I submit that BSD is finding its home in appliances. FreeNAS and pfSense are both fairly popular, and both BSD based. Commercially, the Nintendo Switch is based on BSD, and Cisco, McAffee, and Juniper all have appliances using BSD at their core. Also, as others have pointed out, OSX.

    That said, there are so many copy/paste tutorials for Debian and its derivatives like Ubuntu and Raspbian. With BSD lagging behind severely, for every person who prefers BSD and can successfully use it to do what they need, there are five more less-technical users who are able to fall into the pit of success with a Bitnami or Turnkey Linux distribution.

    BSD may well be superior for certain tasks, especially networking, but the fact of the matter is that expecting BSD to simultaneously be competitive in the numbers game against Linux when Linux has an ecosystem which BSD lacks. That ecosystem encourages users looking to get something done to use that product, rather than adhere to principles which otherwise have little effect on them. I know systemd is hated in these parts, almost universally, but if I need to spin up a Wordpress instance, it takes me ten minutes to grab Turnkey Linux and start addding my content, rather than the half hour or more it would take to spin up BSD, manually install an AMP stack, figure out the BSD equivalent of /var/www, Google all the MySQL commands to create the database at the CLI since I don't have Adminer or phpMyAdmin to do it, and then add Wordpress. As a non-developer and non-distributor, the BSD vs. GPL vs. MIT license situation affects me very little, so the fact that both Debian and BSD are free-as-in-beer means that they compete on how much of my time they take to spin up.

    This is why I use pfSense and FreeNAS. It's also why most of my appliances are Turnkey Linux based.

  7. Re: BSDs dying? by rl117 · · Score: 5, Interesting

    systemd was what pushed me into trying out FreeBSD seriously for the first time, three years ago, after 15+ years of Debian as a user and develop. So many stupid problems. FreeBSD was like a breath of fresh air, and I wish I'd tried it out years ago. Today, I'm using FreeBSD increasingly, contributing to the ports here and there, and finding it to be mostly pretty good. Not as polished as Debian in every respect, but the package manager is continually improving and it's on a par with apt at this point. And being able to install straight onto ZFS is huge; Debian and Ubuntu need to get this into their installers.

  8. *BSD = Elitism by duke_cheetah2003 · · Score: 2, Interesting

    You know, some 20 years ago, I used to be a huge supporter of FreeBSD. I swore by the OS, and wouldn't touch anything else. A diehard fanboi. Then I asked for help with some legacy hardware and discovered the hostile elitism of BSD community.

    They basically told me to make my own drivers and to fuck off. Yeah, not very helpful. I switched to Linux cuz it worked with my legacy hardware and never looked back.

    Today I have zero respect for *BSD people and software. They can jump off a cliff and I'd just smile. I would sooner touch a Mac than a *BSD system. Treat people like shit, they might just be totally alienated from your offerings.