Slashdot Mirror
OpenBSD 6.3 Released (marc.info)
OpenBSD announced on Monday that v6.3 update, which was slated to be released on April 15, is ready for download. From the announcement post: This is our 44th release. We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install. As in our previous releases, 6.3 provides significant improvements, including new features, in nearly all areas of the system. You can read about the changes and improvements here.
That they know of.
I'm pretty sure that *BSD is dying. I read that somewhere.
The base system has the C compiler and related tools, X11 with three window manglers (twm, cwm, and fvwm), xterm, and two text editors (vi and mg (for the emacs fans)). It has is own SSH, SMTP, and HTTP daemons, though these must be configured and enabled. You can do more than you think with a base install.
Among all the current Unix-like operating systems out there, OpenBSD remains the most true to the traditional Unix philosophy. Their level of commitment to code quality and good documentation is, frankly, foreign to the Linux world these days. They've done a huge amount of excellent work over the years and if their philosophy sounds interesting to you, I urge you to check it out and donate.
An hour ago, I randomly checked whether there was a new version. It was still at 6.2. Well, I guess such coincidence is bound to happen to someone anyway... Even to one of the three OpenBSD users out there. ;)
Ezekiel 23:20
Why does the submission link to someone’s “congratulations” email response instead of the original email announcement... or the web posting about the release itself?
https://www.openbsd.org/63.htm...
#DeleteChrome
What would currently be considered to be the most secure operating system and why ?
BTW, I am looking for actual answers and not a flame war. Thanks.
This is all fine and good but APK's hosts file engine doesn't run on it so it can't ever be secure.
Yep like OpenSSL which turned out to be well-audited and highly-secure code. The many eyes were doing a great job keeping all the bugs out of that project! LAWLZ!!
when Netcraft confirms it!
POSIX, motherfucker! Are you compatible?!
Much like the Linux world which is almost entirely based on two derivatives (Debian and Redhat), the BSD world is mostly the same, the two primary derivatives are FreeBSD and OpenBSD. FreeBSD has by far and away the largest user base of the two, and the most commercial support backing it as well.
two holes in an install with zero packages that can do nothing but ssh yay?
Actually a common use for OpenBSD is a firewall and/or router. Built-in packages accomplish these and other infrastructure roles. Thus making the internet a safer place to tread for Linux boxes with whatever is the fad-of-the-moment development stack. ;-)
systemd... nice troll!
Don't forget NetBSD, which is also a very good BSD.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
FWIW, the init part of systemd is fucking fantastic once people get their heads out of their asses. The rest of systemd is pretty mediocre, but then so is a lot of the software it's attempting to replace. A lot of the anti-systemd crowd is nothing more than greybeards bitching about change.
So they’ve doubled the assholes using it? Who besides Theo?
In my day there would be several by now. Iâ(TM)m so dismayed.
Can OpenBSD use more than one core at a time? As far a I know it can't do MP.
Or maybe it's like the dog that can walk on it's hind legs; it isn't that the dog does it well, but that the dog does it at all.
The second most popular distro on distrowatch.com is Manjaro, which is based on Arch. A challenger appears!
According to their info Manjaro is based on Arch Linux, which is probably the 3rd most popular branch of Linux right now.
They seem to be pretty proud of being able to keep two remote bugs for 20 years. One would think they'd fix them instead of boasting about them for so long. I mean, other OS's probably have more for longer to brag about.
It depends on your use case. For me systemD has no benefits, though, admittedly, few drawbacks as an init system. Unfortunately, it's difficult to uncouple the init system from the rest. And, e.g., I dislike logs that aren't text based (or have they finally fixed the bugs in that piece...last I heard it was "won't fix").
I think we've pushed this "anyone can grow up to be president" thing too far.
If I r00t your b0x the last thing I am going to do is leave evidence in /var/logs.
Binary logs are a feature for this reason
http://saveie6.com/
Are all BSDs created equally?
https://media.ccc.de/v/34c3-89...
Has some code review, fuzzing, runtime testing on all 3 major BSD distributions.
Domestic spying is now "Benign Information Gathering"
I've used it since the late 90's. I'm sure there are more assholes than Theo and I using it.
Trolling is a art,
lame and unfunny.
Sure thing, Theo.
You're running ssh? Do you not care about security?!
“Common sense is not so common.” — Voltaire
You could write everything in Java. Would be time better spent instead of trolling.
Afaik systemd only provides binary logs, but also afaik redhat, debian and derivatives also installs rsyslog in the default install providing text logs. Curious to know what distro you've come across that has binary logs only?
Unfortunately, it's difficult to uncouple the init system from the rest. And, e.g., I dislike logs that aren't text based (or have they finally fixed the bugs in that piece...last I heard it was "won't fix").
It's not that "difficult" to remove systemd: a lot of Linux distributions do that, like Slackware, Devuan, and Gentoo, just to name the biggest three.
And, yes, binary logs suck, and systemd developpers are a bunch of whiny little bitches, with no understanding or appreciation for UNIX philosophy and history (hence, the appeal of the BSDs, where things are closer to what they used to be).
At this stage, honestly, I'd like to have solid numbers on, say, the number of times Debian has been downloaded vs Devuan, for instance, but I suspect the vast majority of today's sysadmins blindly go with whatever Red Hat/CentOS decides, because, hey, it's Red Hat, and no one has ever been fired for buying that crap. Hence the appeal, for a minority, of the BSDs.
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
https://www.youtube.com/watch?v=sen8Tn8CBA4
Absolutely! No one will ever be able to find any evidence you were on anything... until they look in /var/log/.
The best way is to write your software on a *BSD. Just pick one. Use the Single Unix Specification as your bible. After that, port your software to linux. That's much easier than the other way around, and now you have software that compiles and works on both. It's not difficult, if you get yourself the right tools. Like, oh, decent manpages and the actual specification, as opposed to "grepping the include files". Half a clue goes a long way here.
Another asshole here.
I would not use distro downloads as an indicator of systemd being used. I have been using my farm of Debian Linux servers in Debian 8 and 9 *without* systemd.
There are multiple Gentoo and Slackware derivatives as well. I've used and loved Gentoo for over a decade now. AFAIK, systemd is optional on both (though I don't think Gnome will run properly without it).
Nonaggression works!
No love for Suse?
Cheap storage VM.
... Except, of course, that if you are "root" on *any* box, systemd or not, you will be able to delete any logs you'd like, binary of plain text (journald anyone?).
So what was your point again? Ah, yes, displaying your total ignorance. Mission Accomplished!
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
> OpenBSD remains the most true to the traditional Unix philosophy And to the traditional Unix pace of development. Despite having much fewer committees.
The last time I checked there was a package that was supposed to produce text logs in addition to the binary logs, but it was broken. Not in all cases, but often enough. And the bug had been there for long enough to get marked "won't fix". I haven't followed the matter since then, however....
That "won't fix" rather soured me on the entire systemD approach. Since it provides me with absolutely no benefits, it didn't take much in the way of defects to cause me to wish it would just go away. (And there were a few other defects in the early days, but they eventually fixed those, or at least I stopped noticing them.)
But as far as I am concerned systemD is an overly complex "solution" the something that wasn't a problem to me. It's ancillary modules, however, have repeatedly been annoying, and occasionally caused severe problems. That I worked around them hasn't made me think highly of systemD, because it has absolutely no benefits to me.
I think we've pushed this "anyone can grow up to be president" thing too far.
Systemd does not produce text logs, and that would be a wontfix as they seemingly consider it a feature. Rsyslog is not part of systemd, produces textlogs and is installed by default in every distribution that I know of.
That may well be the reason, but it doesn't make me think any more highly of them.
I think we've pushed this "anyone can grow up to be president" thing too far.
Ignorance. Deleting it will show I hacked it. Editing the text file to hide my tracks won't.
Solaris has dumped text files as well years ago for this reason. Encrypted binary files are the only way to check