Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD 4.5 Released

timothy posted more than 5 years ago | from the belts-and-suspenders-and-guns-and-mines dept.

Operating Systems 118

portscan writes "OpenBSD 4.5 has been released. New and extended platforms include sparc64, and added device drivers. OpenSSH 5.2 is included, plus a number of tweaks, bugfixes, and enhancements. See the announcement page for a full list. OpenBSD is a security-oriented UNIX/BSD operating system." As per OpenBSD tradition, of course there's a song.

cancel ×

118 comments

Sorry! There are no comments related to the filter you selected.

A Linux user's perspective (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27784523)

A musty atmosphere of neglect pervaded the subbasement of University Library and the books on the shelves were covered in a fine layering of dust. There were dim lights over the small study cubicles at the end of each aisle between the towering shelves which produced only enough illumination for the top of the desks, leaving the surrounding stacks and central walkway shrouded in a perpetual twilight.

I had finally found the copy of the heavy API guide I needed for my work connecting my SQL database to the graphical front end I had been slaving over all weekend. However, the intricacy of the cover of the neighboring book drew my attention and I brought it along to the desk for better inspection under the light. The cover looked a lot newer than the heavily thumbed volumes beside it. Emblazoned across the front was the title "Linux - Unleash the Power of your PC" together with a picture of a fat cartoonish looking penguin. As I opened the book I felt a strange buzzing in my head that quickly passed. I shrugged it off as my attention was drawn to a CD which dropped out and landed on the desk in front of me. It bore the same title as the book, together with something about 'Ubuntu' which was a word I did not recognise.

I had heard of Linux though. The University ran Unix on some of their servers, although I rarely chose to interact with those systems. Perhaps I should broaden my horizons though. I liked to think I knew just about everything there was to know about using Windows, but you could never have too many strings to your bow. Almost without thinking I slipped the CD into my pocket and returned my attention to my work.

A date with my girlfriend Paige followed the work in the library. I was one of the few students on my CS course to actually have a partner since, although computers interested me and would one day be my means of making a living, I was careful not to get drawn into the weird geek subculture that seemed to pervade the department. Some of the guys with their nerdish glasses and unwashed t-shirts grunted at me strangely when I declined to join in their games of Counterstrike or attend Dungeons & Dragons sessions, but I reminded myself that while they were shut up in a grimy lab scoffing Cheetos I was getting laid on a regular basis.

That night in my dorm room while I was getting ready for bed, I remembered the CD in my pocket and fired up my laptop to take a look However I couldn't make out what the strange messages flowing across the screen meant. Perhaps if I sounded them out their meaning would become clear. I tried to phonetically pronounce the words but they disappeared too quickly to be replaced with a blank screen. I gave up, turned off the light and climbed into bed.

The erotic dream started with Paige slowly caressing my back and buttocks. The caressing transitioned into an incredibly gentle massage starting at my neck and shoulders and running down my back. My butt cheeks were being massaged apart and I spread my legs and raised my rear as her hand reached underneath me from behind to stroke my erection. Her hand was very warm and felt wonderful as I started to slowly thrust into her hand as she started jerking me off. A huge long warm and moist tongue started playing over my testicles and anus. It felt fantastic. No one had ever licked me there before. I never knew how sensual it felt.

As her hot hand was expertly running up and down my rigid penis something started probing my anus. It snaked its way into my anal opening and it started slowly expanding. Suddenly I had the urge to move my bowels, but I didn't care, as my attention was totally focused on my imminent orgasm. My penis was released as Paige suddenly grabbed my sides and jammed her hips against my butt.

I woke up to find myself with my rear in the air. Someone was grabbing my sides and hitting my butt. I jolted fully awake as I felt something expanding in my rectum and realized I was being fucked. The cock in my butt was still expanding and was becoming painfully large. I thought I could actually feel it moving around in my guts like some kind of writhing python. I looked over my shoulder and my heart nearly stopped. The fat penguin from the book I'd found this morning was screwing me with obvious delight.

He probably only stood about 3 feet high, but he was well proportioned. My shock wore off as I realized the cock in my guts was still expanding. I tried to stand up and fell off of the bed onto the floor as the penguin wrapped his flippers around my waist and planted his massive cock tightly into my rump. The long, disgusting thing invading my ass wiggled and slithered deep inside me. At times it hurt, at times it filled me to the breaking point and felt absolutely wonderful. With the help of my desk I managed to stand up with him firmly clasped to my backside and his legs wrapped around my hips. I tried to pry his flippers from around my waist, but again I failed. He was amazingly strong.

My rectum was on fire and still the bastard's cock continued to grow. I could actually see my abdomen move as his monstrous penis slithered through my intestines causing my stomach to cramp. I slammed my back into the wall to try to crush him. All this did was push him harder into my rectum as his beak stabbed into the muscles of my back. I felt my balls churn with a hot boiling liquid heat and gasped, clenching my ass muscles, but this only intensified the heat I felt in my ass. Suddenly I felt my cock spurting cum.

I pitched forward trying to get away from the pointed bill and ran into my desk. I could see the screen of my still open laptop. It was glowing and the lines of text which again flowed over the screen appeared to be written with florescent ink. Even in my panic and the delirium of my orgasm I thought I could make out the faint sound of chanting in the distance: "Linux r0x0rs my b0x0r! RTFM n00b!"

I grabbed the laptop and slammed the cover down. A flash of light blinded me and an electrical shock shot up my arms making them tingle. The penguin let go of my waist and hips and fell heavily onto the floor with a thud. Despite lying on the floor and me still standing his cock was still in my guts. I quickly stepped away from him before he could recover. This ended up pulling about another foot of cock out of my rectum. His gargantuan snake of a penis plopped wetly onto the floor like an empty fireman's hose. It was at least four feet long.

I picked up a pitching wedge from my golf bag against the wall and holding the club like a baseball bat walked slowly over to his still prone form. He didn't seem to be recovering very fast. In fact I soon realised that he was dead.

I ran to the light switch on the wall and turned the overhead light on. Using the golf club I lifted the covers on my bed up to look under the bed from a safe distance. Nothing there. I checked under my desk and then carefully opened my closet. Satisfied that there were no more intruders in my room I sat down in my chair and my arms and legs started shaking as the adrenaline rush slowly passed.

My back and rear end were aching. I got up and looked at my back in the mirror over my dresser. There was a puncture wound from the sharp beak but it wasn't bleeding anymore and didn't appear too serious. My anus was another matter. I couldn't see my rectum, so I put my hand to it. I was wide open. I could fit my fist into my asshole. If I squeezed down, I could barely feel my sphincter tighten.

I put on some underwear and then wrapped a towel around myself and went down the hall to the shower. I took a long hot shower and gently cleaned my backside. It seemed that my anus was slowly contracting and returning to normal. Once back in my room I didn't think I would be able to fall asleep, but I was so exhausted I fell into a dreamless sleep.

When my alarm started buzzing I reflexively jumped out of bed, turned it off, wrapped a towel around my waist and with my eyes barely open I marched off to the shower with my shampoo and soap. I didn't wake up enough to remember what had happened the night before until the steamy water hit my face in the shower. It seemed like some sort of horrible nightmare. But I could feel the wound on my back and my anus burned and still felt very loose. The dead penguin though had completely disappeared.

I wrote a song about it. Wanna hear it? Here it go (5, Funny)

BadAnalogyGuy (945258) | more than 5 years ago | (#27784551)

Oh BSD for server farms,
For blinking rows of lights.
For late night coke and deli runs
In those bitter winter nights!

NetBSD! FreeBSD!
Dick shakes his fists at thee
And hates much more the fact that you're
As dead as dead can be!

Re:I wrote a song about it. Wanna hear it? Here it (3, Funny)

onedotzero (926558) | more than 5 years ago | (#27784775)

Is this to the tune of 'O Caaaanada'?

Re:I wrote a song about it. Wanna hear it? Here it (1)

Nutria (679911) | more than 5 years ago | (#27784997)

Is this to the tune of 'O Caaaanada'?

Reminds me of "O Andy Tannenbaum".

Re:I wrote a song about it. Wanna hear it? Here it (1)

ArcherB (796902) | more than 5 years ago | (#27785335)

Is this to the tune of 'O Caaaanada'?

I was thinking "Jingle Bells".

Re:I wrote a song about it. Wanna hear it? Here it (1)

jgtg32a (1173373) | more than 5 years ago | (#27786093)

Jingle Bells, don't you mean Oh Christmas Tree

Just like Emily Dickenson's poetry (1)

SteveFoerster (136027) | more than 5 years ago | (#27785911)

It also works for "The Yellow Rose of Texas".

-=Steve=-

Re:I wrote a song about it. Wanna hear it? Here it (1)

larry bagina (561269) | more than 5 years ago | (#27786005)

I thought of America the Beautiful.

Seems like an interesting rorschach test.

Re:I wrote a song about it. Wanna hear it? Here it (1)

windsurfer619 (958212) | more than 5 years ago | (#27786097)

Nono, to the tune of this! [youtube.com]

Re:I wrote a song about it. Wanna hear it? Here it (1)

Bill_the_Engineer (772575) | more than 5 years ago | (#27785661)

For some strange reason I was thinking Camptown Races (the song)...

Not like that... (0, Troll)

Anonymous Coward | more than 5 years ago | (#27784553)

Security is something we should get on top of the other features, not with the cost of other features. I am talking about usability and features here.

Sure, the core OpenBSD software is probably the most secure in the world, but what can you really accomplish with it without getting gray hair. Good for routers and other network appliances, but once you start moving towards application servers and (*gasp*) desktop oriented usage it becomes obvious that OpenBSD is not really fit for the duty. In many areas it is practically where most of the Linux distributions were in the 90s.

Heck, you can't even select my native keyboard layout without actually creating the mappings manually. Hah!

Re:Not like that... (3, Interesting)

colonelxc (1467119) | more than 5 years ago | (#27784629)

It's a spectrum, and not all OSes are good for all applications. I for one am glad that there are people taking security seriously in an OS. Maybe it's hard to use for the average user, but in server and embedded environments, it excels.

You can also bet that other *nixes (especially other BSD flavors) take hints on how to secure themselves from OpenBSD.

Use whatever OS suits your needs best, just don't try to bring other distros down for not following your vision.

Re:Not like that... (1)

xorsyst (1279232) | more than 5 years ago | (#27784735)

You can run openBSD on a Spectrum [wikipedia.org] ?

Re:Not like that... (0)

Anonymous Coward | more than 5 years ago | (#27785265)

Yes, but you need the SPARC64 emulator for Spectrum 128k. Have a few microdrives ready to store the system and swap partition.
The only downside is a slow bootup and lack of support for accelerated USR graphics.

Re:Not like that... (1)

wisty (1335733) | more than 5 years ago | (#27784945)

Isn't it UNIX? Couldn't you just run Ubuntu, and switch the kernel, or isn't UNIX a standard?

Re:Not like that... (2, Informative)

SigILL (6475) | more than 5 years ago | (#27785059)

Isn't it UNIX? Couldn't you just run Ubuntu, and switch the kernel, or isn't UNIX a standard?

Not on the level of binary compatibility, no.

Re:Not like that... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27785091)

are you a fucking retard?

Re:Not like that... (4, Funny)

ciderVisor (1318765) | more than 5 years ago | (#27785195)

isn't UNIX a standard?

"It's a Unix system ! I know this !"

Re:Not like that... (3, Informative)

TheRaven64 (641858) | more than 5 years ago | (#27785267)

You might be able to. OpenBSD can run Linux binaries, although may not support some recent system calls. If you're using ext2/3 then OpenBSD should be able to mount it correctly. I don't think anyone's done this as a drop-in job, and I can't imagine many people wanting to (a large part of the attraction of OpenBSD is the clean and consistent, well-documented, userland. Replacing this with the cobbled-together userland from Ubuntu would not be an improvement). You can, however, install most of the software you would run on Ubuntu on OpenBSD.

Re:Not like that... (1)

dadragon (177695) | more than 5 years ago | (#27788845)

UNIX is a specification. It's defined by services the system offers and how user space programs access them. So, there's no guarantee that OpenBSD and Linux implement system calls the same way. There is just a chance that the same system calls exist on both systems.

Re:Not like that... (0, Redundant)

Antique Geekmeister (740220) | more than 5 years ago | (#27785461)

Is OpenBSD useful for anything _besides_ OpenSSH? Sparkling clean, secure code is wonderful, but when it's years behind the times in basic software kits. The same problem applies in various ways to enterprise software bundles such as RHEL, but there we at least have Fedora to provide access to the leading edge tools if we need to trade stability for features.

Re:Not like that... (1)

grub (11606) | more than 5 years ago | (#27785853)


Sparkling clean, secure code is wonderful, but when it's years behind the times in basic software kits.

Perhaps the "basic software kits" have overreached their bounds? Too many irons in the fire isn't necessarily a good thing.

Tortoise, hare, whatnot.

Re:Not like that... (0)

Anonymous Coward | more than 5 years ago | (#27785691)

Dead on. The animosity is a reflection of the Linux camp's frustration at failing in World Domination, you know, things like AutoCAD and Adobe CS and stuff. There's no middle ground for them; it's either the cathedral or the bazaar, you're for 'em or again' 'em.

You're doing a heck of a job Torvey...

Re:Not like that... (3, Interesting)

fadir (522518) | more than 5 years ago | (#27784705)

I don't think that there are many people out there that would claim that OpenBSD is comfortable to use and would make a good desktop system.

But it has its small niche market and lives there happily. Additionally we all benefit from this project one way or the other (OpenSSH, etc.)
It's a bit similar to Minix: interesting and certainly helpful in its own way. But nothing for everyday usage.

Re:Not like that... (3, Informative)

TheRaven64 (641858) | more than 5 years ago | (#27784799)

I don't think that there are many people out there that would claim that OpenBSD is comfortable to use and would make a good desktop system.

You might be surprised. OpenBSD has good ACPI support now, has DRI in 4.5 (had it in 4.4 but it wasn't enabled by default). Sound support is good, and 4.5 introduces a simple sound daemon for userspace mixing. ARM support has also improved a lot recently, so it makes a good choice for handhelds.

Re:Not like that... (5, Insightful)

ld a,b (1207022) | more than 5 years ago | (#27784843)

It's totally unlike MINIX. MINIX is a hobby OS that only works and has perfect security in the author's mind. OpenBSD is used in production where security matters and on real hardware.

I am willing to claim that OpenBSD is more than comfortable for its intended use in routers and servers.
OpenBSD doesn't use GUI config tools, and complex package managers, but that is because they are not needed. It is simple and elegant like that.

It has some rough edges like the lack of utf-8 support in the base system and utilities but it isn't bad as a Desktop OS either, most desktop applications don't use libc for their encoding support anyways.

My home server and my laptop both run OpenBSD and I don't miss your real OSes at all. After all whatever I cannot do easily in OpenBSD Linux does through binary blobs and proprietary software. At that point I could be as well running Windows 7.

Re:Not like that... (1, Insightful)

the_womble (580291) | more than 5 years ago | (#27784931)

After all whatever I cannot do easily in OpenBSD Linux does through binary blobs and proprietary software. At that point I could be as well running Windows 7.

So there is no reason to use Linux over Windows other than to have an entirely free software systems?

I hope you are using an open source BIOS and microcode as well, just to be consistent.

Re:Not like that... (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27785019)

There is a difference between binary blobs and firmware. And it is significant. Firmware is part of the hardware. Of course we all would rather completely open hardware, but software that runs in kernel mode is of higher priority to me. Also software encumbered by patents and proprietary undocumented formats.
I use Linux over Windows, but the version I use is unfree and I use it specifically for its unfree features(Namely Skype and legal DVD playback, not that I actually use the latter) so I really could use either at that point.

Re:Not like that... (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27785453)

After all whatever I cannot do easily in OpenBSD Linux does through binary blobs and proprietary software.

So how awesome are the nVidia drivers on OpenBSD? You have 64-bit versions, right? Oh wait, I guess not. You'll have to stick with sucky 3D performance I guess.

And what kind of virtualization software do you have? Real virtualization, that that jails shit. You can't run other OS's in a jail. VMware? VirtualBox? Oh that's right, you don't have anything.

Re:Not like that... (0)

Anonymous Coward | more than 5 years ago | (#27785869)

Why are factual statements a troll? Can't handle the truth?

Re:Not like that... (1)

jgtg32a (1173373) | more than 5 years ago | (#27786441)

It's modded troll because he's acting like one, all good trolls have a degree of truth in them. The use of profanity brought it down, if that was left out I'm sure it would have been up modded. I would absolutely love to move to OpenBSD but I don't really want to give up the 3d support.

Also I'm by no means a virtualization master, but why would you run a set up like that? You can run OpenBSD from VMware server, which can then run XYZ OS.

Re:Not like that... (1)

claytonjr (1142215) | more than 5 years ago | (#27787309)

"And what kind of virtualization software do you have? Real virtualization, that that jails shit. You can't run other OS's in a jail. VMware? VirtualBox? Oh that's right, you don't have anything."

OpenBSD has a QEMU package that allows virtualization of an entire PC. Last I heard the Linux/KVM project uses the same software to achieve this end.

So there is your virtual solution.

Re:Not like that... (1)

BobNET (119675) | more than 5 years ago | (#27789121)

It's modded troll because he's acting like one, all good trolls have a degree of truth in them.

He's trolling because while his statement is true, it's very selective. OpenBSD may not have 3D nVidia support, but as of 4.4 has hardware accelerated GL on Intel and ATI [undeadly.org] . No mention of either of those in the grandparent post though (and ATI has closed-source drivers on Linux, too).

Re:Not like that... (1)

Burkin (1534829) | more than 5 years ago | (#27788223)

So how awesome are the nVidia drivers on OpenBSD? You have 64-bit versions, right? Oh wait, I guess not. You'll have to stick with sucky 3D performance I guess.

Exactly what do you need 3d performance on OpenBSD with? I seriously doubt the person you were responding to was using OpenBSD as a gaming platform and as such they probably couldn't care less.

Re:Not like that... (5, Informative)

hhw (683423) | more than 5 years ago | (#27784935)

I would beg to differ. The package management is just as good if not better than what's available in Linuxland, so there's no great difficulty in setting it up as a good desktop system.

Having excellent support for many non-x86 platforms, as well as having a small footprint make it a great choice for older hardware. I currently have it installed on on my old UltraSparc and Alpha workstations.

OpenBSD contributes more than just OpenSSH to other OS'es. Aside from pushing hardware manufacturers to open up their documentation, they've also reverse engineered drivers that have made their way into the other BSD's and even Linux (remember the whole Atheros? issue last year). Whereas many Linux distributions and the other BSD's have made compromises with proprietary drivers and binary blobs, OpenBSD still pushes for true open source.

PF and CARP also make OpenBSD a superior router platform to any IPTables based setup any day. You may be surprised how popular it is in the data centre.

Unlike Minix, OpenBSD's niche has a place in real world usage.

Re:Not like that... (2, Insightful)

larry bagina (561269) | more than 5 years ago | (#27785145)

Yep. GPL talks the talk, but BSD walks the walk. Thanks and congratulations to all the BSD contributors throughout the years. This is a more FREE world thanks to your time and efforts.

Re:Not like that... (1)

drinkypoo (153816) | more than 5 years ago | (#27785879)

Nice Flamebait. If you look at kLOC (in actual use, mind you) under BSD and GPL you will see the real story. We all owe thanks to Berkeley for BSD and the BSD license under which the -lite versions came, and the BSD is still relevant today, but the GPL is the present and may well be the future (unless we find another more clever way to unfuck copyright law.)

Re:Not like that... (2, Insightful)

andrewd18 (989408) | more than 5 years ago | (#27786599)

kLOC == Popularity.

That does not necessarily mean that GPL is the right solution for all open-source software, and please don't suggest otherwise. Each project determines which license is right for them.

Re:Not like that... (1)

Burkin (1534829) | more than 5 years ago | (#27788333)

There is no flamebait. Pretty much any of the most important, open protocols in use today had their implementation released under a BSD/MIT-like license. Care to name anything remotely approaching the importance of things such as Berkeley sockets, Kerberos, etc that are both widely accepted and released as a GPL implementation? I'm guessing not.

Re:Not like that... (2, Insightful)

idiotnot (302133) | more than 5 years ago | (#27785289)

The package management is just as good if not better than what's available in Linuxland,

When's the last time you used Linux? Keeping systems up-to-date, both base system and userspace stuff, is much easier on Debian-based systems, IMO. It's straightforward on the BSDs, yes. But I wouldn't call it better. In fact, when I do setup an OpenBSD systems, I normally end up using pkgsrc over OpenBSD ports.

so there's no great difficulty in setting it up as a good desktop system.

No, there's not. But even a Windows-only imbecile can get Ubuntu with GNOME running in less than an hour, and I don't think you can say that about any of the BSD systems.

Don't get me wrong, I prefer NetBSD and OpenBSD to pretty much everything else out there, but it's still not for beginners.

Re:Not like that... (2, Interesting)

Just Some Guy (3352) | more than 5 years ago | (#27786929)

Keeping systems up-to-date, both base system and userspace stuff, is much easier on Debian-based systems, IMO.

I upgraded to 4.5 this morning, and the package upgrade instructions [openbsd.org] were to run pkg_add -ui -F update -F updatedepends. Now, I'm typing this on Ubuntu, and I use FreeBSD on most of "my" servers, but that just about as convenient as it gets.

Re:Not like that... (1)

Tubal-Cain (1289912) | more than 5 years ago | (#27787829)

apt-get dist-upgrade

Re:Not like that... (1)

Just Some Guy (3352) | more than 5 years ago | (#27787913)

Bzzt! You forgot to run apt-get update first.

Re:Not like that... (1)

value_added (719364) | more than 5 years ago | (#27788313)

I upgraded to 4.5 this morning, and the package upgrade instructions were to run pkg_add -ui -F update -F updatedepends.

Odd. Why the hell doesn't FreeBSD's version of pkg_add support any "update" option?

Re:Not like that... (1)

Just Some Guy (3352) | more than 5 years ago | (#27788391)

Odd. Why the hell doesn't FreeBSD's version of pkg_add support any "update" option?

Probably because we have portupgrade, which I like even better.

Re:Not like that... (1)

MichaelSmith (789609) | more than 5 years ago | (#27785325)

I would beg to differ. The package management is just as good if not better than what's available in Linuxland,

I am not sure I agree. I use netbsd and ubuntu. I can see the benefits in the debian approach of being able to upgrade the whole system through packages. With openbsd and netbsd you have to run current for that which means the user has to do a lot of integration work to stay up to date.

Re:Not like that... (1)

claytonjr (1142215) | more than 5 years ago | (#27787371)

OpenBSD contributes more than just OpenSSH to other OS'es. Aside from pushing hardware manufacturers to open up their documentation, they've also reverse engineered drivers that have made their way into the other BSD's and even Linux (remember the whole Atheros? issue last year). Whereas many Linux distributions and the other BSD's have made compromises with proprietary drivers and binary blobs, OpenBSD still pushes for true open source.

Agreed. According the the OpenBSD project, NDA and blobs are _never_ considered acceptable.

Re:Not like that... (2, Informative)

MichaelSmith (789609) | more than 5 years ago | (#27785051)

I don't think that there are many people out there that would claim that OpenBSD is comfortable to use and would make a good desktop system.

Depends on what you mean by a desktop. I run ubuntu on my laptops but I have an amd64 machine running netbsd for serious work. I use it for network administration and software development. The environment is simple: X11, fvwm, aterm and applications like firefox and nedit. Its not gnome, but for some purposes it is much better. I haven't used openbsd at all but I am pretty sure it would be similar on the same hardware.

Re:Not like that... (1)

tordon (176098) | more than 5 years ago | (#27784721)

Cancel mod

Re:Not like that... (2, Insightful)

bconway (63464) | more than 5 years ago | (#27786635)

Security is something we should get on top of the other features, not with the cost of other features. I am talking about usability and features here.

Security is not a feature. Thinking it is has led to most of the Internet's larger failings as present today.

Re:Not like that... (1)

BobNET (119675) | more than 5 years ago | (#27789339)

Security is something we should get on top of the other features, not with the cost of other features.

Famous OpenBSD developer Ben Franklin once said "they who can give up essential security to obtain a few features, deserve neither security nor features."

Or something like that.

NET-BSD? FREE-BSD? OPEN-BSD? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27784591)

What's the difference? If they're immune to Conficker and Ghost-RAT programs; count me as a convert. Otherwise, shutup! Unix is nearly dead. Or is it?

Re:NET-BSD? FREE-BSD? OPEN-BSD? (1)

Narcocide (102829) | more than 5 years ago | (#27784875)

Nearly dead is still partly alive!

Re:NET-BSD? FREE-BSD? OPEN-BSD? (0)

Anonymous Coward | more than 5 years ago | (#27785025)

Given that they are immune to Conficker and *ALL* other Windows-specific malware, does that mean you are now a convert and we can expect to see "Windows is dead!" trolls from now on?

Same day as Solaris 10u7 (3, Informative)

BestNicksRTaken (582194) | more than 5 years ago | (#27784593)

Title says it all: http://www.sun.com/software/solaris/get.jsp [sun.com]

Re:Same day as Solaris 10u7 (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27784669)

I doubt that there was any intention to that. OpenBSD releases are usually released very regularly from year to year.

Re:Same day as Solaris 10u7 (1)

drinkypoo (153816) | more than 5 years ago | (#27785813)

And yet, the summary said so much more, like what was new in this release of OpenBSD, and why someone would want to involve themselves with it. I don't mean to troll, but there's even less reason to mess around with Solaris now than there was before the announcement of the Oracle acquisition, and unless you were in a SPARC shop there was little reason to mess with it before. Your link doesn't make it immediately apparent, so, what's new in this Solaris, and why should anyone bother with it?

oh goody (4, Insightful)

kv9 (697238) | more than 5 years ago | (#27784595)

NetBSD 5 yesterday, OpenBSD 4.5 today and a three day weekend ahead.

*fap*

Re:oh goody (4, Funny)

alienunknown (1279178) | more than 5 years ago | (#27784699)

Good idea! But my hands are already blistered from all the ubuntu 9.04 fapping :(

Re:oh goody (5, Funny)

Anonymous Coward | more than 5 years ago | (#27784701)

This, dear reader, is an example of when the male brain gets its priorities mixed up.

Re:oh goody (0)

Anonymous Coward | more than 5 years ago | (#27784749)

My god you are pathetic.

Re:oh goody (0)

Anonymous Coward | more than 5 years ago | (#27784953)

Perhaps in Europe. May Day is Loyalty Day in the US. Labor day falls on the first Monday of September in the US.

Re:oh goody (3, Informative)

cperciva (102828) | more than 5 years ago | (#27786277)

FreeBSD 7.2 is coming out on Monday, too. (The release source code has been tagged; now it's just a matter of waiting for ISOs to build and bits to propagate to the mirrors.)

Re:oh goody (1)

dadragon (177695) | more than 5 years ago | (#27788659)

Interesting.. I have a cron script to update /usr/src to the latest on the RELENG_7 branch, and it's still sitting there as "7.2-PRERELEASE". But looking at the CVS log, RELENG_7_2 is newer than RELENG_7. Weird that 7-STABLE is behind 7.2 Updating to the 7.2 point now :)

Re:oh goody (1)

grub (11606) | more than 5 years ago | (#27786483)


NetBSD 5 yesterday, OpenBSD 4.5 today and a three day weekend ahead

Better use that long weekend to secure your home against the zombie horde. No telling when FreeBSD will release their brain-eating abominations.

application security? = fail (2, Interesting)

Anonymous Coward | more than 5 years ago | (#27784647)

The one area where OpenBSD is let down on the security front is the packages/ports - basically the applications you might want to use. Those are not kept updated over the lifetime of a release. The only way to get the patches and security fixes is to run -Current, which may not be the best for most people.

Given the frequent updates needed for some apps, especially on the security front (looking at you Firefox!) - it seems a bit odd for a security focused project to expect it's users to run the same old static version for circa 6 months till the next version arrives.

Re:application security? = fail (0)

Anonymous Coward | more than 5 years ago | (#27784717)

If you're supposed to be keeping patches and fixes in your system, you have to be on the bleeding edge, so you're going to have to be running -current anyway.

Re:application security? = fail (3, Interesting)

Anonymous Coward | more than 5 years ago | (#27784757)

Actually, they do provide a patch branch of the core release for 1 year post release, they just don't provide any application updates during that time. What they advise against is running a stable branch for the core OS, and running a current ports (don't cross the streams - that would be bad?).

Re:application security? = fail (2, Insightful)

Anonymous Coward | more than 5 years ago | (#27784987)

it seems a bit odd for a security focused project to expect it's users to run the same old static version for circa 6 months till the next version arrives.

Well... The thing is if you're running a jailed version of Firefox on OpenBSD the probability that someone could jailbreak it is really, really low.

Sure, I'd love to see faster/easier app patches release on OpenBSD, but the system is so secure to begin with that it's really giving headaches to any OpenBSD-malware-wouldbe-author.

Heck, on Linux my stateful firewall disables everything by default and then only allow what is really mandatory. User "firefox" (and user Firefox only) has the right to emit trafic to ports 80 and 443. That user cannot SSH, cannot have a shell, etc. The only right he has is to run a Firefox and to start trafic to ports 80 and 443. That's already quite a safety net and I don't give much sh*t about security update (that I do, but it's not like I'm concerned about being hacked when I didn't install the update in the minutes it was out).

Imagine what you could do on OpenBSD to prevent unpatched app from breaking havoc, should they prove to be insecure...

Re:application security? = fail (0, Troll)

larry bagina (561269) | more than 5 years ago | (#27785199)

Well... The thing is if you're running a jailed version of Firefox on OpenBSD the probability that someone could jailbreak it is really, really low.

especially since OpenBSD doesn't have jails. Oh, wait, they have fake jails which are implemented in userland and are vulnerable [wikipedia.org] to race conditions and other attacks.

Re:application security? = fail (4, Insightful)

Lord Ender (156273) | more than 5 years ago | (#27786139)

Who cares if your browser is jailed? Someone who owns your browser also owns your online banking, stock trading, webmail... you get the picture.

security and ports & packages (4, Informative)

rs232 (849320) | more than 5 years ago | (#27785633)

"The one area where OpenBSD is let down on the security front is the packages/ports"

"The ports & packages collection does NOT go through the thorough security audit that the OpenBSD base system [openbsd.org] does. Although we strive to keep the quality of the packages collection high, we just do not have enough human resources to ensure the same level of robustness and security"

"Only" two remote holes in 10 years? (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27784655)

Excuse me, but this sounds like a bad track record, given that they are talking about a quite useless "default install" with only ssh enabled. Why don't you just turn ethernet off in the default install and you'll have 0 remote holes in +infty years? This hole thing is a little bit ridiculous as are the songs and don't make me want to try OpenBSD at all. They really should work on the marketing angle. Arrogance is not the way to go, especially if it doesn't seem to be warranted at all.

Re:"Only" two remote holes in 10 years? (1)

skyride (1436439) | more than 5 years ago | (#27784769)

Any other software installed besides the default would like be written by third parties and thus, any security that would cause is not the fault the OpenBSD dev's, i.e. if someone found a huge security hole in Apache, thats not OpenBSD's fault.

Re:"Only" two remote holes in 10 years? (2, Informative)

Alioth (221270) | more than 5 years ago | (#27787283)

That's a bad example - Apache is shipped as part of the core OpenBSD system and therefore a hole in Apache as shipped with OpenBSD *would* count.

Re:"Only" two remote holes in 10 years? (0)

Anonymous Coward | more than 5 years ago | (#27789321)

No, it wouldn't, since it isn't activated in the _default_install_. Do you start to see why this "2 remote exploits in 10 years" thing is actually an embarrassingly bad track record? I mean if you can't even secure something as trivial as the password login of a shell terminal - how can you say that your OS is secure? The mind boggles...

Re:"Only" two remote holes in 10 years? (2, Insightful)

sleepy_weasel (839947) | more than 5 years ago | (#27789523)

except that the Apache that comes installed with OpenBSD is far different than the one you'll find on apache.org. Last I heard, there are about 4000 lines of code difference. They maintain that as part of the base. It is more secure than the stock apache you'd find elsewhere.

And this isn't coming from some AC. I've used OpenBSD since 3.4. I've seen the implementation of wireless, bluetooth, WPA/WPA2 without the "linux_supplicant" bullshit. Massive changes to PF, bioctl for raid, sound upgrades, DRI for 3D, OpenBGPd, OpenOSPFd, our own implementation of mail (ripping out the modified sendmail). All without an NDA.

We are the tortoise, not the hare. Linux/FreeBSD are the prison bitches of companies by signing NDAs just so they can "support" the latest technology. Video cards blobs may work, but when they go tits up, the companies either take forever to fix them, or it's just tough luck... "you don't have enough market share"

It's a popularity contest. OpenBSD won't win it, but we don't need to. I am happy to be sitting at the adult table, not eating the table scraps of the corporate world.

Re:"Only" two remote holes in 10 years? (1)

Fatalis (892735) | more than 5 years ago | (#27784849)

I'm not sure why the OpenBSD people bother with marketing at all. It's most likely just tradition. From my experience, the type of audience they're interested in are hardcore enthusiasts or dedicated and thick-skinned newbies. They don't want users who can be persuaded to go with OpenBSD instead of, say, Ubuntu by a catchy tag-line. They just don't give a fig about newbie-friendliness, and I'm not saying that as a criticism. It seems to work for a lot of people who can break the barrier and become proficient with OpenBSD. The stuff that matters, like well-written man-pages, is there. What's not there are pretty GUIs and wizards. In the end, what else would you expect from a group lead by someone with the personality of Theo de Raadt.

Re:"Only" two remote holes in 10 years? (1)

timmarhy (659436) | more than 5 years ago | (#27785033)

it's the kind of marketing nonsense we have come to expect from zealots. 2 remote holes in 10 years would be impressive if their main customers were webservices and everything was turned on by default. but on a system which has no services turned on by default? give me a break. by that logic microsoft can claim DOS has had zero remote holes in 20 years.

Re:"Only" two remote holes in 10 years? (2, Informative)

Anonymous Coward | more than 5 years ago | (#27785077)

A default OpenBSD install includes OpenSSH open on port 22. I assure you there is no shortage of script kiddies looking for exploits in OpenBSD. And even more trying to exploit OpenSSH. Usually they are able to escalate privileges from root to root using a bug in grep from a version released 5 years ago and then they give up.

Re:"Only" two remote holes in 10 years? (1)

DaleGlass (1068434) | more than 5 years ago | (#27786399)

How do you escalate privileges by exploiting grep?

Re:"Only" two remote holes in 10 years? (0)

Anonymous Coward | more than 5 years ago | (#27786659)

Yeah, fascinating. GP was gibberish devoid of any meaning that didn't even try to address the point of GGPs post and yet - got modded up. I wonder if GPs post was meant to be a test (troll?) or whether the poster is really that incoherent...?

Re:"Only" two remote holes in 10 years? (0)

Anonymous Coward | more than 5 years ago | (#27786683)

*WHOOOOOSH*

The 80's called (1)

Any Web Loco (555458) | more than 5 years ago | (#27784693)

The 80's called - they want their cock-rock back!

full-disclosure? = fail (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#27784835)

Another thing where they fail miserably is their so-called full-disclosure. What a joke.

I do believe in the security of OpenBSD, but I find it intimidating that the community is unable or unwilling to maintain proper information channels for security-related maintenance.

Another thing is that when anything comes from the Infosec community -- the community who actually write exploits for living -- it gets almost always downplayed by the OpenBSD community. A very different attitude than the one found in other BSDs (and Linux).

The third part where they fail security-wise is the six month release cycle. The whole idea that you have to update operating systems every six months (or every year) is ridiculous in any context where security really matters.

Cheers, keep up the good work anyways.

security related channel (2, Informative)

rs232 (849320) | more than 5 years ago | (#27785561)

"I find it intimidating that the community is unable or unwilling to maintain proper information channels for security-related maintenance"

You could try looking over on the Bug Tracking System [openbsd.org] or the openbsd-bugs mailing list [kerneltrap.org]

Seems to be full of old stuff with known bugs? (3, Informative)

canix (1176421) | more than 5 years ago | (#27784889)

A version of KDE that no longer gets any love from upstream; old Firefox, old Thunderbird. Hopefully there are security updates for the latter two and that someone is giving some TLC to the former.

Old, but scrutinized. That's the point. (4, Insightful)

geekmux (1040042) | more than 5 years ago | (#27785297)

A version of KDE that no longer gets any love from upstream; old Firefox, old Thunderbird. Hopefully there are security updates for the latter two and that someone is giving some TLC to the former.

OpenBSD is on a 6-month development release, and remember the auditing and code-screening that goes into each release. Patches for these "optional" packages (OBSD default install primary use is a stripped down server environment) can be updated immediately. Just like any other installer, there WILL be updates available, even on day 1.

Re:Old, but scrutinized. That's the point. (2, Informative)

makomk (752139) | more than 5 years ago | (#27786877)

Except that - as someone pointed out in an earlier comment - the optional packages like Firefox and KDE don't get the auditing and code screening [openbsd.org] . Hell, allegedly they don't even get prompt security updates [slashdot.org] when upstream fixes something.

Re:Seems to be full of old stuff with known bugs? (1)

ciderVisor (1318765) | more than 5 years ago | (#27785317)

Hopefully...someone is giving some TLC to the former

That would get you TiCKLED.

Re:Seems to be full of old stuff with known bugs? (1)

drinkypoo (153816) | more than 5 years ago | (#27785841)

Frankly, if you're running your desktop on OpenBSD, you are either crazy or simply more concerned about security than the latest and greatest. I consider desktops disposable and think that Linux is therefore a better choice; OpenBSD is a more-than-rational choice for a network and/or security appliance, or for most servers.

Where OpenBSD falls down... (5, Interesting)

metrix007 (200091) | more than 5 years ago | (#27785301)

Is the lack of RBAC and MAC, or any decent non discretionary access controls.

Solaris has RBAC, Linux has RSBAC and SELinux. OpenBSD staunchly refuses to add anything similar, and no, a system call interceptor does not count.

It's all well and good to have quality code and aim to get rid of vulnerabilities at the core, but a really secure system would be able to protect from attack, in the event it did happen.

As it stands, a system with SELinux or RSBAC is far, far more secure than OpenBSD, because of this fact.

Re:Where OpenBSD falls down... (0)

Anonymous Coward | more than 5 years ago | (#27785401)

For the only places OpenBSD should used, such as firewalls and routers, this is not really an issue.

People who are using it for servers and such because they think it is secure, don't understand security.

Re:Where OpenBSD falls down... (2, Interesting)

Anonymous Coward | more than 5 years ago | (#27785787)

Except most large apps and all the expensive consultants immediately go "Turn off SELinux" as soon as _anything_ goes weird or not-as-I-remember-from-class, which teaches admins to also turn off that pesky security as soon as something important breaks. Then you reinforce that idea further, "SELinux is fine, especially when turned off" and you still end up choosing between the "far more secure" system that makes your boss want to fire you for not getting the app work, or a "normal" unsecure linux without any extras.

shi6t (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27785539)

BSD vs. Linux (1)

teknopurge (199509) | more than 5 years ago | (#27786653)

Watch this +10 Flamebait:

Men use BSD - boys use Linux.

Period. Next to trusted OS's(TrustedBSD, TrustedSolaris, etc.) OpenBSD is the only thing out there I would put on the public internet with confidential data. Not only that, OpenBSD is the _only_ thing I would trust to protect my internal networks.

Most security appliances have some Linux baked in - no thanks.

Re:BSD vs. Linux (1)

teknopurge (199509) | more than 5 years ago | (#27786663)

Another thing: Theo may be a dick, but that is exactly the kind of person I want writing my kernel. Theo is sharp though he's not afraid to remind you.

Re:BSD vs. Linux (3, Informative)

Just Some Guy (3352) | more than 5 years ago | (#27787763)

Another thing: Theo may be a dick

I have to say that I've never had problems with him or the other OpenBSD maintainers. I'm not part of their "in crowd" by any measure, but everyone's been decent to me when I've had problems or questions.

Bad approach: I can't do $foo. How do I do it?

Good approach: I RTFM about how to do $foo, but step 5 gives different results for me than the man page says it should. What should I try next?

They're busy people, and when I've been respectful of their time, they've been respectful of mine.

Using OpenBSD on my laptop (1)

cptnapalm (120276) | more than 5 years ago | (#27787409)

I've got a UltraSparc IIe laptop and the only OSes that will run on it are Solaris and OpenBSD. Newer versions of Solaris give an awful user experience no matter what you do; the machine does only have a 650Mhz processor. It had gotten so bad it was looking like I might actually have to buy a new laptop, instead of waiting like I want to for relatively inexpensive mobile quad core.

The OpenBSD guys, for whatever reason, decided that supporting this oddball laptop was something they wanted to do. No idea what prompted this, but it has been a godsend for me. I did have to do some hand X configuration stuff, but it was easy enough. Initially, I ran XFCE, but now use awesome (because it is awesome, obviously) and I really like the set up.

Aside from a web browser, a PDF reader (epdfview), freecell and ummm, nothing else I guess; I don't really use that many GUI apps on my laptop. While I'd prefer to use Midori (the laptop is slow), firefox performance is still in the acceptable range.

I'm using the shell a lot more, obviously, than I do on my Ubuntu desktop and I'm liking it well enough.

The OpenBSD team decided to actively support my Tadpole Sparcle 650SX and they have my gratitude for this.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>