Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD 4.7 Preorders Are Up

timothy posted more than 4 years ago | from the so-you're-in-favor-then? dept.

Open Source 191

badger.foo writes "The OpenBSD 4.7 pre-orders are up. That means the release is done, sent off to CD production, and snapshots will turn -current again. Order now and you more likely than not will have your CD set, T-shirt or other cool stuff before the official release date. You get the chance to support the most important free software project on the planet, and get your hands on some cool playables and wearables early. The release page is still being filled in, but the changelog has detailed information about the goodies in this release."

cancel ×

191 comments

Sorry! There are no comments related to the filter you selected.

Most important free software project? (3, Funny)

Tiger4 (840741) | more than 4 years ago | (#31468588)

Just begging for it aren't you?

Prepare for incoming!!

Re:Most important free software project? (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31468606)

Duh. OpenSSH... ever heard of it? Redhat, Solaris, Ubuntu, Cisco, Apple, HP, IBM, and everyone else ships it.

Re:Most important free software project? (4, Insightful)

tzanger (1575) | more than 4 years ago | (#31468784)

Just because they created OpenSSH doesn't mean the OS is the most important open source project on the planet.

What? (-1)

Anonymous Coward | more than 4 years ago | (#31468850)

But Netcraft already confirmed OpenBSD to be dead!

It is the most important open source project. (3, Insightful)

Anonymous Coward | more than 4 years ago | (#31468872)

OpenSSH is just a small part of why OpenBSD is so important.

They're basically the only major operating system project that gives a damn about security. Sure, Linux, for instance, is better than Windows when it comes to security. But that's only because Microsoft has fucked up Windows' security so badly.

The OpenBSD developers, on the other hand, are proactive about security. Their coding practices and extensive code reviews prevent bugs and security problems in the first place.

OpenBSD is what you use when you need a system that's secure, stable, and will work for years without being touched. It's excellent for embedded systems, and is excellent for servers. We have some internal OpenBSD servers that haven't been rebooted in six years.

This utmost care permeates the entire OS. It makes it as close as we can get today to "perfect software". The only other project as close to OpenBSD in terms of quality and security is FreeBSD, which benefits a great deal from the code reviews and effort that the OpenBSD devs put in.

Re:It is the most important open source project. (2, Insightful)

DAldredge (2353) | more than 4 years ago | (#31469160)

What exactly is wrong with Windows Server security?

Re:It is the most important open source project. (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31469434)

What exactly is wrong with Windows Server security?

surely you are joking.

im not the parent, but they said

Sure, Linux, for instance, is better than Windows when it comes to security.

have you seen the statistics on the zombified machines that make up the botnet, in regards to what OSs the vast, vast, vast majority of them are running? now ok, one might say thats not a fair method of polling considering the fact that MS has the majority of the marketshare--- but lets try to see things on both sides here, how about the fact that the last several MS OS's didnt require you to set an administrator password when you installed the OS? i mean, really.....

what really troubles me is that with the amount of money that MS has, and the amount of really skilled and knowledgable people they have working for them, they by all far means should be doing a much, much, much better job at releasing secure OSs. im not some total unix zealot here, i usually end up managing windows based networks just because for most end users, its the most practical solution by far --- but i would never put an essential production server up between my network and the net that was running windows to 'secure' it. no way. no way ever. id (MUCH) rather have a >1ghz socket7 based mobo running freebsd 4.x and iptables with kernel options like tcp.blackhole in between my network and the net any day of the week instead of even the flagship MS Server OS and its top end recommended hardware.

MS does well what MS does well, and that is making OSs that even a not all that knowledgable person can, with some time in reading, and alot of trial and error, make work in a way that is easy to understand even to the not so computer literate person--- and this is where any decent *nix distribution fails.

but what MS does not do well is security. not at all.

Re:It is the most important open source project. (0, Troll)

DAldredge (2353) | more than 4 years ago | (#31469640)

Not that I expect a coherent respond from someone who can't type I'm correctly but here goes. You wrote 3 rather long paragraphs yet still didn't manage to name one Windows Server related security issue, would you like to try again?

Re:It is the most important open source project. (5, Insightful)

slimjim8094 (941042) | more than 4 years ago | (#31470044)

http://www.microsoft.com/technet/security/Bulletin/MS10-006.mspx [microsoft.com]

That's a month ago. Took about two minutes of searching - like I said, it was a month ago so I didn't have to look backwards very far.

Remote code execution on Server 2k3 (all versions), Windows 7, and Server 2k8. Of course, this presupposes that Windows has SMB (hint: yes)

Or do you not consider remote code execution a security issue?

Look. I don't despise Microsoft like most people around here - just a lukewarm pain-in-my-assness. But let's not go pretending that they don't have more holes than Swiss cheese. If you do, you're either too ignorant to comment, or being delibrately obtuse.

Re:It is the most important open source project. (0)

Anonymous Coward | more than 4 years ago | (#31470302)

Not that I expect a coherent respond from someone who can't type I'm correctly but here goes.

A coherent respond from someone who can't type I'm correctly? That's what she said!

Re:It is the most important open source project. (1)

cheezitman2001 (1397905) | more than 4 years ago | (#31469708)

For what it's worth, I consider myself to be a very adept Windows user, having started on DOS, and I don't have an Admin password in Windows 7. I'm the sole user of this computer, I don't run any shady software, and I don't visit any shady websites. I haven't gotten a virus yet. In the Linux world, the security of the admin account is much more important than it is in Windows, and I don't think there's anything wrong with not setting an admin password in Windows.

Re:It is the most important open source project. (0, Informative)

Anonymous Coward | more than 4 years ago | (#31469870)

do you know what you're talking about? I'll take a gander and tell you: you're a fucking idiot.

the ability to have an admin in windows without a password is the reason for the security risk *by itself*. It's bad enough that malware and the likes can escalate their own privileges, but now they don't even have to guess the admin password to do so?

In case you're wondering you can do the same things in windows as admin as you can in linux, generally speaking. This means: screw the computer in an instant, rootkit it, etc.

I haven't gotten a virus yet.

is a misnomer. You could (and very likely do) have one, and have no idea, specifically because you have an admin account with no password.

Re:It is the most important open source project. (1)

SgtAaron (181674) | more than 4 years ago | (#31470682)

I'll not write as causticly as the AC who also replied, but I'll agree in principal.

One thing that is obvious and well-known is that it doesn't matter that you don't visit "shady" web sites to end up being subject to potential malware infection. Ad companies are letting nasty ads get through whatever controls they have in place. Serious vetting and the talent to implement it costs money, no doubt. I just found this, http://news.cnet.com/8301-27080_3-20000353-245.html [cnet.com]

My 7 year old nephew's computer was chronically infested and he played games loaded via IE online. These free games sites have lots of ads. No windows virus scanner I tried could get rid of them. Had to use the Trinity Rescue Kit and ALL of its virus scanners to eliminate the infections on one occasion. I don't trust virus scans in windows much anymore. Oh, btw, they were letting him use an account with admin privs. I'm a years-long linux guy, and it's seriously tiring dealing with this, but I'll hazard a guess that you and others of us here are first responders for family and friends' computer issues, so won't get any sympathy :-)

Anyway, I think common sense applies. You're an experienced computer user, but why not be better safe than sorry? Your computer, your rules, certainly, but why take the chance? You have to make it as hard for the bad guys as possible, zero-day exploits and general windows vulnerabilities as common as they seem to be. I wonder if patch Tuesday will some day start a religion?

Re:It is the most important open source project. (2, Interesting)

CAIMLAS (41445) | more than 4 years ago | (#31470374)

but what MS does not do well is security. not at all.

I wouldn't argue against that, not even for a moment.

But despite the myriads of host, application, and server level exploits for Windows, the default security policies, and generally poor network server capabilities, there's one thing that sticks out in my mind: have there been any exploits for Microsoft's RDP implementation yet?

I realize that older versions of Microsoft products aren't able to upgrade to the newer versions, but I've never seen a "Terminal Services Root Exploit" as I have with OpenSSH. Maybe I've just not noticed it (I don't pay attention to MS land), but the tool does seem fairly useful.

Re:It is the most important open source project. (1)

duane534 (1431259) | more than 4 years ago | (#31469510)

The fact that home users are the ones least knowledgeable to adjust from defaults, the least likely to block ports, the least likely to consider other server options, et al., and Windows Home Server is based on Windows XP.

Re:It is the most important open source project. (1)

DAldredge (2353) | more than 4 years ago | (#31469618)

No Windows Home Server is based on Windows Server 2k3 SP2. Also modern Windows Servers and Clients come with nearly every port blocked by default.

Re:It is the most important open source project. (1)

duane534 (1431259) | more than 4 years ago | (#31469994)

I stand corrected. Still, however, WHS has the main security issue that XP had: users are all admin by default, as are applications. Just not SUCH a childish-appearing UI. Your common security issues aren't from inbound port scans. I've personally run XP SP3 for months with no antivirus or third-party firewall. No major problems, less you do something excessively stupid like running IE or Outlook Express unrestricted. Problem is, that is what anyone who is running a default installation of Windows prior to Vista is doing. It's generally a moot point, though. Any PC that is new enough to still be running its original power supply can run some incarnation of Windows 7. Any comparable Mac can run Mac OS/X. All of the above can run Linux 2.6. If the only way that a given executable file, including the OS itself, can break something is with user intervention, there is only one word: PEBKAC. Thus, not Microsoft's fault. Neither, Apple's (as much as it pains me). Nor .

Re:It is the most important open source project. (1)

CAIMLAS (41445) | more than 4 years ago | (#31470386)

That's a minor quibble of contention. Seriously. It's barely making note of, unless you can identify how Windows Server 2003 is different than XP (aside from the crippling of Terminal Services and the number of connections allowed). Otherwise, they are pretty much the exact same thing.

Re:It is the most important open source project. (1)

timmarhy (659436) | more than 4 years ago | (#31470784)

the fact that the user can migrate from one system to another without having to relearn the GUI and system management options isn't a fault, it's fucking technical victory linux BSD would do well to learn from.

Re:It is the most important open source project. (0, Informative)

Anonymous Coward | more than 4 years ago | (#31469852)

What exactly is wrong with Windows Server security?

Only a fool who has never used OpenBSD would ask such a question.

Re:It is the most important open source project. (2, Interesting)

DAldredge (2353) | more than 4 years ago | (#31469860)

Why can't anyone actually answer the question I asked?

Re:It is the most important open source project. (1, Informative)

Anonymous Coward | more than 4 years ago | (#31470048)

If you want one thing, how about this one: Long time between disclosures and fixes.

SSL renegotiation is still vulnerable in all Windows versions, something OpenBSD fixed in November last year.

Re:It is the most important open source project. (1)

randallman (605329) | more than 4 years ago | (#31470286)

I quit using Windows a few years ago, but does IIS still run as LocalSystem? At the time I thought it was ridiculous to run IIS for that reason alone.

They focused on Security to distinguish themselves (2, Interesting)

doodlebumm (915920) | more than 4 years ago | (#31469346)

I have great respect for the OpenBSD folks. Their focus on security was a result of needing to distinguish themselves in the free marketplace. Back in the late 90's it was necessary to focus on something to keep from being lost in the fray. I don't believe it was their altruism that pushed them to that focus as much as they had some good expertise and made the most of it for marketing. Like I said, I have great respect for them, but let's not put them up on a pedestal that is too high. They have made some security mistakes in the past, and they've fixed them pretty well, too. They are human just like the rest of us.

Re:They focused on Security to distinguish themsel (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#31470566)

They 'focused on security' because they didn't have many experienced programmers, and 'auditing the codebase' for simple mistakes was easier than writing new code.. Then they got a reputation for having security issues fixed in advance of advisories that affected other systems and the 'focus on security' meme was born, and then they got a massive grant from DHS but fucked it up and had to give it back. Still, the meme persists.

In the spirit of openness I have looked for their code audit procedure or any kind of code audit summaries and didn't find it, which leads me to think that perhaps it was just a bunch of hackers chopping around. Hint: When the IRS audits you, their procedures are documented and their summary is documented so that nothing is missed. Of course, the IRS probably keeps it secret but OPENbsd wouldn't do that, right? (No, CVS logs are not enough because they tell you what changed, not what was looked for)

Re:It is the most important open source project. (-1, Troll)

Kitkoan (1719118) | more than 4 years ago | (#31469372)

They're basically the only major operating system project that gives a damn about security. Sure, Linux, for instance, is better than Windows when it comes to security. But that's only because Microsoft has fucked up Windows' security so badly.

The OpenBSD developers, on the other hand, are proactive about security. Their coding practices and extensive code reviews prevent bugs and security problems in the first place.

OpenBSD is what you use when you need a system that's secure, stable, and will work for years without being touched. It's excellent for embedded systems, and is excellent for servers. We have some internal OpenBSD servers that haven't been rebooted in six years.

This utmost care permeates the entire OS. It makes it as close as we can get today to "perfect software". The only other project as close to OpenBSD in terms of quality and security is FreeBSD, which benefits a great deal from the code reviews and effort that the OpenBSD devs put in.

That's half the reason they are secure. The other half is who really knows much about OpenBSD? It's a small niche, much smaller then Linux and OSX and those 2 are considered so secure do to the lack of people knowing how to take advantage of them and their small user base. OpenBSD, while is very secure, does owe some, if not a lot, of it's security to security through obscurity. While I'm not saying no one understands OpenBSD, it's just a small user base that can and/or does use it.

Re:It is the most important open source project. (0)

Anonymous Coward | more than 4 years ago | (#31469652)

This is the stupidest thing I've read in a while. "Half of it" isn't because people don't understand how to use OpenBSD. If you've used any type of Unices before, you wouldn't find OpenBSD that much different. People don't like going the extra mile to chroot services, setup jails and properly configure things from a top-down perspective. THAT is why OpenBSD isn't popular. Thinking that somehow it's magically safer because nobody uses it is just plain backwards.

Re:It is the most important open source project. (5, Insightful)

e9th (652576) | more than 4 years ago | (#31469694)

OpenBSD, while is very secure, does owe some, if not a lot, of it's security to security through obscurity.

Security through obscurity? What are you talking about? Name a better documented OS or distro.

New (and not so new) users are well-advised to keep the FAQs [openbsd.org] bookmarked, but the man pages shipped with the distribution are the most comprehensive I've ever seen. Terse, maybe, but complete, and the developers treat errors/omissions seriously.

Maybe you meant security due to small market share? Don't you think that every wannabe cracker out there wants to make a name for himself by rooting a properly configured OpenBSD box?

Re:It is the most important open source project. (-1, Troll)

Kitkoan (1719118) | more than 4 years ago | (#31470372)

Security through obscurity? What are you talking about? Name a better documented OS or distro. Maybe you meant security due to small market share?

No, I mean security through obscurity. That means that part of the power of the system is a lack of users having a solid knowledge of the OS and it's finer details. That do not mean it's not well documented, it does not mean it doesn't have FAQ's, that does not mean that the information can't be found. It means that not many people know of the information. That is why I was highly advised to learn how to use BSD, not because it had a lack of information, but because it had a lack of qualified people who can properly utilize it. It's like things like quantum physics. Yes the information is out there about it, yes it can be learn, yes it is documented, yes there are text books well explaining the subject... doesn't make it a simple walk in the park to understand and most people don't have a solid grasp on it. It can be learned, but most people just don't know how to.

If you would like to better understand security through obscurity, here's the wiki link: http://en.wikipedia.org/wiki/Security_through_obscurity [wikipedia.org]

Do you read your own sources? (1)

Mathinker (909784) | more than 4 years ago | (#31470596)

If you would like to better understand security through obscurity

"Security through obscurity" is a "term of art" in the security field, and for sure you're wrong when you say

That means that part of the power of the system is a lack of users having a solid knowledge of the OS and it's finer details.

The particular demographics which you claim exist are not, as you point out, caused by an attempt to use secrecy of design or implementation to increase security (as the WP article you linked to explains is the meaning of "security through obscurity").

Re:It is the most important open source project. (0)

Anonymous Coward | more than 4 years ago | (#31469862)

OpenBSD servers that haven't been rebooted in six years

Excuse me, but I call bullshit. If you'd like to post a link to a monitor image with the output of "w" or "uptime" it would be a Good Thing. I like OpenBSD as much as the next guy (I'm a FreeBSD person myself) but this sort of nonsense needs to stop. The OpenBSD people themselves would probably tell you to upgrade and screw the uptime. (As an aside, my personal best is 719 days, but I try and keep it under control.)

Re:It is the most important open source project. (0)

Anonymous Coward | more than 4 years ago | (#31469866)

Theo, is that you?

Re:Most important free software project? (3, Informative)

evilviper (135110) | more than 4 years ago | (#31470228)

Just because they created OpenSSH doesn't mean the OS is the most important open source project on the planet.

OpenSSH was a huge improvement in the security of networks the world over, but it's not at all the only thing OpenBSD has contributed to the world.

Certainly, OpenBSD's development of W^X security led to Microsoft doing the same, and Intel/AMD including instructions to make this easier...

OpenBSD's focus on code correctness and licensing has caused them to lead, and have Linux and other BSDs follow... They announced their dropping of Xfree86 in favor of Xorg before anyone else, and very soon after Xfree86 was no longer found on any OSes. Their objections over the performance, code complexity, and licensing of GCC4 led to them pushing alternative compilers forward, and other projects (like FreeBSD) followed suit, pushing hard to move their favored alternative compilers forward.

There's many more, but you'll have to wait for someone else to come up with a list...

Re:Most important free software project? (1)

jgrahn (181062) | more than 4 years ago | (#31470324)

Just because they created OpenSSH doesn't mean the OS is the most important open source project on the planet.

OpenSSH was a huge improvement in the security of networks the world over

Well, we already *had* the original ssh, but it was being weakened by the original author's effort to build a company around it. OpenSSH saved it,

Re:Most important free software project? (1)

evilviper (135110) | more than 4 years ago | (#31470432)

Well, we already *had* the original ssh, but it was being weakened by the original author's effort to build a company around it. OpenSSH saved it,

SSH1 was cryptographically weak, wasn't remotely as exploit-free, and much more than that, it wasn't being widely adopted... No SSH in Solaris, Cisco routers, etc., until OpenSSH matured, and showed everyone where the future undeniably was.

Perhaps the biggest thing OpenSSH had going for it, was that it was adopted into the OpenBSD base system immediately, and RSH protocols were removed. That definitely got the ball rolling.

Re:Most important free software project? (1)

randomsearch (1207102) | more than 4 years ago | (#31470634)

Agreed on the "most important" hyperbole.

It's a daft and provocative statement. If running the internet is what matters, then Linux or Apache would be more obvious candidates. Still, daft thing to state.

RS

Re:Most important free software project? (2, Funny)

Jose (15075) | more than 4 years ago | (#31468698)

pffft! don't you read the Financial Post? it has been screaming about Rely on the BSDs [financialpost.com] for a while...

Re:Most important free software project? (1)

heidaro (1392977) | more than 4 years ago | (#31468808)

But *BSD is dying.

Re:Most important free software project? (1)

elfprince13 (1521333) | more than 4 years ago | (#31468948)

Actually, last I heard, it's got more than 11% laptop/desktop market share in the US.

Re:Most important free software project? (0, Offtopic)

Anonymous Coward | more than 4 years ago | (#31469042)

No. MacOS isn't BSD.

Re:Most important free software project? (1)

elfprince13 (1521333) | more than 4 years ago | (#31469572)

No, but Mac OS X is. Darwin is BSD with a Mach kernel, and a pile of Obj-C libraries.

Re:Most important free software project? (1)

eugene2k (1213062) | more than 4 years ago | (#31469890)

"BSD with a Mach kernel" - so umm... what makes it a BSD then?

Re:Most important free software project? (1)

Sancho (17056) | more than 4 years ago | (#31470002)

It's the BSD userland.

People in the Linux mindset probably don't understand how BSD is structured. FreeBSD is a kernel and userland, whereas in GNU/Linux, Linux is the kernel and GNU is the userland.

Whether this makes it a BSD is up for discussion, just as is any denotation. More accurately, it is "built from BSD."

Re:Most important free software project? (1)

Rogerborg (306625) | more than 4 years ago | (#31469208)

True dat, but you know who knows that? Me, thee, and Steve Jobs.

Re:Most important free software project? (-1)

Anonymous Coward | more than 4 years ago | (#31468768)

Are you gay?
Are you a nigger?
Are you a gay nigger?
If so, then GTFO.

Re:Most important free software project? (-1)

Anonymous Coward | more than 4 years ago | (#31468854)

That's racially insensitive of you. Perhaps it's you who should GTFO.

Re:Most important free software project? (-1, Troll)

Anonymous Coward | more than 4 years ago | (#31469100)

just to be clear: you're cool with 2 dudes sucking each other's dicks, giving each other rimjobs, and fucking the shit out of each other (literally!) as long as neither one is a darkie?

Re:Most important free software project? (0)

Anonymous Coward | more than 4 years ago | (#31469810)

And it seems he's fine with straight black males too. How odd.

Subjective summary is subjective (1, Funny)

PFAK (524350) | more than 4 years ago | (#31468596)

"You get the chance to support the most important free software project on the planet"

What? This sounds like something Theo or a GNU zealot would write ...

Re:Subjective summary is subjective (1)

Beelzebud (1361137) | more than 4 years ago | (#31468660)

To me it just sounds like someone enthused about something they enjoy being a part of...

Re:Subjective summary is subjective (4, Informative)

bsDaemon (87307) | more than 4 years ago | (#31468892)

OpenBSD is also responsible for, among other things, OpenSSH, OpenBGPD, and OpenNTPD -- all three of which are widely adopted and used far, far beyond the sphere of influence of even OpenBSD itself. OpenSSH accounts for some 90% of all SSH deployments world-wide. Whether you know it or not, OpenBSD-related software enables quit a bit of the internet infrastructure.

Re:Subjective summary is subjective (1)

Hurricane78 (562437) | more than 4 years ago | (#31469562)

Two words: Linux kernel!

Re:Subjective summary is subjective (2, Insightful)

onefriedrice (1171917) | more than 4 years ago | (#31469874)

As good as the Linux kernel is, there are viable replacements with arguably better licensing terms. On the other hand, the likes of OpenSSH are so good (and so widely used) that most people couldn't name a single ssh alternative.

Re:Subjective summary is subjective (2, Insightful)

MrNaz (730548) | more than 4 years ago | (#31469884)

11 words.
The Linux kernel would not be securely accessible remotely without OpenSSH.

Re:Subjective summary is subjective (0)

Anonymous Coward | more than 4 years ago | (#31470424)

Wrong.

Telnet + IPSec would do it.

Re:Subjective summary is subjective (0)

Anonymous Coward | more than 4 years ago | (#31470656)

Two words: Linux kernel!

Two things in that:
System V
BSD

Might research where your code comes from (the basics, not the fancy add-ons).

Re:Subjective summary is subjective (1, Insightful)

Anonymous Coward | more than 4 years ago | (#31469896)

I don't think anyone's saying that OpenBSD is useless. But to call it the "most important" project is to invite criticism.

What compiler/toolchain do open source projects use? Gcc & binutils. Now, there's pcc, and the much-more-promising clang, and there is work on replacing binutils. But even if GNU gets replaced by those, you can't deny that GNU was/is instrumental in free software projects.

OpenSSH is used in tons of places, but so is Apache. So is Apache one of the most important projects? Firefox has become pretty popular. Is it one of the most important projects? FreeBSD is much more widely used than OpenBSD. Is it more important? And so on. The fact that OpenBSD has contributed to free software doesn't mean that others haven't, or that OpenBSD is somehow superior.

Re:Subjective summary is subjective (1)

deniable (76198) | more than 4 years ago | (#31469932)

How does OpenSSH do without GCC?

Re:Subjective summary is subjective (1)

onefriedrice (1171917) | more than 4 years ago | (#31470042)

How does OpenSSH do without GCC?

Err... fine. Do you think OpenSSH only compiles on the gnu compiler?

Re:Subjective summary is subjective (1)

ftobin (48814) | more than 4 years ago | (#31470326)

After looking into a replacement for NTPD, OpenNTPD was a terrible option. If I recall correctly, all it did was a very simplistic setting of the time from what the server says. No slewing, no safety mechanisms, etc. I remember reading that it was simply designed for simplicity, not features, but it went way overboard.

Re:Subjective summary is subjective (3, Informative)

OttoM (467655) | more than 4 years ago | (#31470484)

Not true. It is simple, but it does slewing and rules out bad servers etc.

Re:Subjective summary is subjective (0)

Anonymous Coward | more than 4 years ago | (#31470744)

Still doesn't mean the OpenBSD itself is relevant.

Re:Subjective summary is subjective (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#31468990)

"You get the chance to support the most important free software project on the planet"

What? This sounds like something Theo or a GNU zealot would write ...

It's normal for commercial software companies to run advertisements making claims like "the best" or "easiest to use" or "most important in industry" etc. Yet you call someone associated with a free software project a zealot for doing something similar. Face it, you're being a douchebag. That alone isn't so bad unless you make some lame excuse for it. I think you're a zealot yourself, and your zealotry consists of accusing others of zealotry based on the flimsiest of evidence. I don't get it. There are enough real zealots out there that there's no need to make shit up in order to speak against them.

I used my last mod point to mark your post Flamebait. That's what it deserves.

Re:Subjective summary is subjective (1)

timmarhy (659436) | more than 4 years ago | (#31469128)

spend some time on the mailing list, you'll see why it's a marginalised project.

the funny thing is i really really wanted to like openbsd, i tried it on some production systems. lack of hardware support, problems with upgrading combined with the 6 month release cycle forcing you into the upgrade senario just made the whole thing too hard.

Re:Subjective summary is subjective (1)

mwvdlee (775178) | more than 4 years ago | (#31470572)

How does a 6 month release cycle force you into an upgrading scenario any more than the release/patch cycle of any other OS does?

Re:Subjective summary is subjective (3, Informative)

timmarhy (659436) | more than 4 years ago | (#31470828)

because after 2 releases they stop making security updates. other OS's go a hell of a lot longer before they EOL their releases.

i've had this arguement with openbsd people before. what it comes down to is openbsd is their toy and they like constantly updating rather then doing mundaine shit like patching old versions.

all well and good, it's their project they can do as they please, but don't pretend that it's a superior server OS, because it simply doesn't cut it if you don't have patch support after just 12 months. there's plenty of secure systems with more features and longer EOL's that make openbsd more trouble then it's worth.

But I want it now (3, Insightful)

MichaelSmith (789609) | more than 4 years ago | (#31468644)

Thats how people think these days. They don't care about having the three CDs in their soft shell case. The T shirt probably won't fit (I have a NetBSD shirt which would fit two of me).

So charge for an ISO download. Get'em out the door. Save money on CD burning, etc.

Re:But I want it now (0)

Anonymous Coward | more than 4 years ago | (#31468676)

It's the artwork, the posters and the security of an official CD set. These things are collector items. Some of the old versions sell for hundreds of dollars. Just because no one does it this way anymore makes it even more special. In fact, that is the main reason why OpenBSD stands out. They find good ways to do things and stick with it.

Re:But I want it now (1)

icebraining (1313345) | more than 4 years ago | (#31468692)

You can choose the TShirt size from S to XXXL. I really hope that some of those sizes fits you :)

Re:But I want it now (1)

deniable (76198) | more than 4 years ago | (#31468712)

What definition are they using? I'm a large 'Made in India,' but an XL/XXL 'Made in China.'

Re:But I want it now (5, Funny)

Anonymous Coward | more than 4 years ago | (#31468774)

is this still about t-shirts?

Re:But I want it now (0, Troll)

techno-vampire (666512) | more than 4 years ago | (#31468776)

And then again, there's SF fandom, where XL is considered medium. Says a lot about how fat some of them are, doesn't it?

Re:But I want it now (1)

contrapunctus (907549) | more than 4 years ago | (#31469814)

I think if you stopped with the first sentence it would have been funny. Adding the second sentence made it mean and trolly.

Re:But I want it now (1)

techno-vampire (666512) | more than 4 years ago | (#31470452)

I'm not fat, but I am involved in SF fandom. Believe me, some of them are very, very fat. And, I must say, they joke about it instead of getting offended if you mention it.

Re:But I want it now (1)

Xipher (868293) | more than 4 years ago | (#31469220)

If you want to do it that way you could just donate money and grab the ISO when it's available, or build your own off the stable branch.

Re:But I want it now (0)

Anonymous Coward | more than 4 years ago | (#31469326)

So charge for an ISO download.

Can't one just download it [openbsd.org] and give a donation?

Problem solved.

Re:But I want it now (1)

aztektum (170569) | more than 4 years ago | (#31469720)

(I have a NetBSD shirt which would fit two of me).

Obviously you are not the target audience. I suggest an immediate increase in the consumption of Mtn Dew, Cheetos and pizza, followed by a rigorous session of WoW

Re:But I want it now (1)

evilviper (135110) | more than 4 years ago | (#31470096)

You'll get the CDs BEFORE you can download the ISO. That should be sufficient incentive for those who can't wait to pony up some cash.

Re:But I want it now (1)

that this is not und (1026860) | more than 4 years ago | (#31470478)

What if I just want the CVS update instead?

Is ugrading OpenBSD still kind of a mess? (3, Interesting)

flydpnkrtn (114575) | more than 4 years ago | (#31469018)

See the upgrade guide for upgrading 4.5 to 4.6... it's a 280 line upgrade guide:
http://www.openbsd.org/faq/upgrade46.html [openbsd.org]
 
...on RedHat and CentOS, to go from RHEL 5.3 to RHEL 5.4 I did "yum -y update". That's it.

Can we get there with OpenBSD? At my current place of employment we were using OpenBSD, but the upgrade process was an argument that was made (by other members of my team) to move to RHEL...

Re:Is ugrading OpenBSD still kind of a mess? (2)

MichaelSmith (789609) | more than 4 years ago | (#31469064)

The BSD projects have a great packaging system but it is only used for layered applications. It could certainly be used for the whole system but I think that defeats the "as simple as possible" approach they try to use.

You can install from source and update with cvs if you want.

Re:Is ugrading OpenBSD still kind of a mess? (1)

CAIMLAS (41445) | more than 4 years ago | (#31470420)

Much of how the BSD systems do things is very "clean" in principle, but in practice sucks the tits right off a cow.

It's so goddamn simple and straigh-forward that it requires an administrator to do one (or more, in combination) of the following:

a) devise an atypical, custom build process for dealing with simple systems administration tasks, upgrades, installs (partially due to the 'simple' approaches not working consistently or being all too finessed).
b) writing custom package/kernel/whatever administration scripts in $language (probably csh) to implement $core_function available on $other_os
c) not upgrading, ever. just put a new version on when you get new hardware.

Case in point: package management on FreeBSD. Everyone does it differently, so scripts (or even the 'package' tools they talk to) you used at a previous job are useless (needing a serious rewrite). And then you've got to contend with the 'hacks' someone put into a package to "make it work" every time you upgrade - usually dealing with a non-trivial daemon process failure, or the like.

Re:Is ugrading OpenBSD still kind of a mess? (4, Informative)

flydpnkrtn (114575) | more than 4 years ago | (#31469092)

To follow up on my own post, they have a draft upgrade guide up it looks like (they recommend that it not be used yet though):
http://www.openbsd.org/faq/upgrade47.html [openbsd.org]

Looks like they include a utility to make life easier when upgrading... looks similar to what Gentoo Linux does when config files are upgraded... new configs are diff'd, and can be interactively merged, etc:
"OpenBSD now includes the sysmerge(8) utility, which helps administrators update configuration files after upgrading their system. Sysmerge(8) compares the current files on your system with the files that would have been installed with a new install, and gives you the option of keeping the old file, installing the new file, or assisting you in the manual merging of the old and new files, using sdiff. For past upgrades, we've presented a list of files that are usually copied over "as-is", and a list of files which should be changed, and a patch file that applies those changes to what might be in those files on your system. You may opt to use sysmerge to make the changes, or you may wish to use the patch file first, and then follow up with a sysmerge session to clean up any loose ends."

So it looks like they're at least making an effort to make it less painful

Re:Is ugrading OpenBSD still kind of a mess? (1, Insightful)

bertok (226922) | more than 4 years ago | (#31469596)

To follow up on my own post, they have a draft upgrade guide up it looks like (they recommend that it not be used yet though):
http://www.openbsd.org/faq/upgrade47.html [openbsd.org]

Looks like they include a utility to make life easier when upgrading... looks similar to what Gentoo Linux does when config files are upgraded... new configs are diff'd, and can be interactively merged, etc:
"OpenBSD now includes the sysmerge(8) utility, which helps administrators update configuration files after upgrading their system. Sysmerge(8) compares the current files on your system with the files that would have been installed with a new install, and gives you the option of keeping the old file, installing the new file, or assisting you in the manual merging of the old and new files, using sdiff. For past upgrades, we've presented a list of files that are usually copied over "as-is", and a list of files which should be changed, and a patch file that applies those changes to what might be in those files on your system. You may opt to use sysmerge to make the changes, or you may wish to use the patch file first, and then follow up with a sysmerge session to clean up any loose ends."

So it looks like they're at least making an effort to make it less painful

Are you kidding me? The upgrade process is for the administrator to manually merge the configuration files!?!?

And this is the improved version? Wow. Just... wow.

I can't believe people here whine about how the Windows 'registry' is somehow the root of all evil, even though the vast majority of Windows apps (and Windows itself) handle version upgrades automatically.

It's like I've time travelled back to the 70s.

Re:Is ugrading OpenBSD still kind of a mess? (0)

Anonymous Coward | more than 4 years ago | (#31469698)

I can't believe people here whine about how the Windows 'registry' is somehow the root of all evil, even though the vast majority of Windows apps (and Windows itself) handle version upgrades automatically.

It's like I've time travelled back to the 70s.

The registry is the root of all evil. For example: Outlook ignores the domain policy which defines the location of the .ost-file. So you have to write a program/script, which modifies the mail profile of every user in the registry to ensure Outlook writes to the right place. And we're not talking about a "normal" plain text string, but obfuscated registry crap which you have to write in a key named like "0234ddfe5edee378".

Re:Is ugrading OpenBSD still kind of a mess? (2, Informative)

BeardedChimp (1416531) | more than 4 years ago | (#31469096)

This is very disingenuous. The upgrade guide contains all possible contigency plans incase you have altered system files, or have chosen not to upgrade the kernel etc.

For example look at the debian lenny [debian.org] upgrade notes. They are way longer but generally debian based distros are considered some of the best for upgrades.

Re:Is ugrading OpenBSD still kind of a mess? (1)

flydpnkrtn (114575) | more than 4 years ago | (#31469122)

I applaud OpenBSD for having good documentation, but again with Debian I remember just doing "apt-get dist-upgrade" and apt "figuring everything out"

Upgrading OpenBSD still looks to be a very manual process, to me anynway....

Re:Is ugrading OpenBSD still kind of a mess? (1)

orient (535927) | more than 4 years ago | (#31469204)

Upgrading OpenBSD is a complicated process, but I was able to complete the upgrade following the instructions step-by-step, without even understanding what every command was doing and why. I never found an OS providing such a correct and exact upgrade guide.

Re:Is ugrading OpenBSD still kind of a mess? (1)

crazybit (918023) | more than 4 years ago | (#31469684)

You never found such OS? You should try CentOS, the whole upgrade guide is just 'yum -y update'. It rarely fails, specially if you never did something dumb like installing libraries from sources or such.

Re:Is ugrading OpenBSD still kind of a mess? (0, Offtopic)

orient (535927) | more than 4 years ago | (#31469780)

No offence, but I used Fedore once, after two days it upgraded the kernel (automatically, security update), then it could not boot anymore. Never used Fedora/RedHat/CentOS since. *buntu upgrades never worked flawlessly either, though.

Re:Is ugrading OpenBSD still kind of a mess? (0)

Anonymous Coward | more than 4 years ago | (#31470310)

Your anecdotal data about Fedora does not change the fact that CentOS' "yum -y update" is far easier than anything OpenBSD has.

Re:Is ugrading OpenBSD still kind of a mess? (1)

Magic5Ball (188725) | more than 4 years ago | (#31470736)

Yes. Something dumb like using taking advantage of the "open" part of open software to do something the software publisher had not explicitly approved.

Re:Is ugrading OpenBSD still kind of a mess? (0)

Anonymous Coward | more than 4 years ago | (#31470638)

So tempted to call troll, but you probably don't know the lack of truth and aren't one.

So you'll say you only used debian stable and the free repositories. No nvidia card, or at least no nvidia card with 3d support--get your system broken every single kernel update--can't even get video to work after the reboot. Oh, and there's three year old bug with the hardware detection that requires an extra reboot that's undocumented and people keep claiming it doesn't exist.

And then there's the old packages, apt-get autoremove is needed. And then there's what happens if you install even *one* bad package and it ends up partial, and you need to rebuild your repository index... I can't even remember the command it was so convoluted.

Then there's the fact that in Debian you're on a kernel nearly a year old most of the time. What's that--you still can't ship me a system that will let me watch hulu on an AMD64? Oh, I need non-free and more contrib. Oh...yeah, your special version of flash won't let me act normally.

Oh, no 64 bit thunderbird either, or if I can get it, I have to recompile to load enigmail extensions.

What's that you say, don't use 64 bit? And I need to manually specify an SMP kernel to get my multi core to work? Oh, you fixed that. But now I need to manually specify PAE in order to address all of my RAM...

And this won't persist across the last distribution upgrade I did...

Look--Debian doesn't work. Sure, it's great, it's easy. If I want to live in the stoneage of computing. Otherwise, it's customize, tweak, install, look up community hacks, and have them all break horribly every upgrade.

Thanks, I'll stick with the manual process--at least they indicate the parts I should try to understand in advance, instead of dying silently and kicking me back to a shell.

Re:Is ugrading OpenBSD still kind of a mess? (4, Informative)

Just Some Guy (3352) | more than 4 years ago | (#31469176)

The funny thing (to me) is that the upgrade process looks a lot harder than it actually turns out to be. On our servers, it usually amounts to running the installer, running patch to update files in /etc, running a single command to upgrade all the installed 3rd-party software, and rebooting a last time to make sure it comes back up cleanly.

In practice, the things that OpenBSD doesn't automatically upgrade with the above steps are the kinds of things you wouldn't want a script to attempt, such as upgrading the firewall configuration to use new features. The process certainly isn't slick or pretty, but it does the job well and safely.

Re:Is ugrading OpenBSD still kind of a mess? (1)

flydpnkrtn (114575) | more than 4 years ago | (#31469214)

Hmm... it's entirely possible you're right. I'm not someone who's been using OpenBSD for years, so I was basing my opinion mostly on what I'd seen in the docs.

The way you put it, the upgrade process doesn't sound that bad

Re:Is ugrading OpenBSD still kind of a mess? (1)

Niten (201835) | more than 4 years ago | (#31470448)

I agree. The thing generally missed by people who criticize the OpenBSD upgrade process without having actually tried it themselves, is that OpenBSD is so cleanly designed and well documented that it's actually possible to hold a thorough understanding of the operating system in one's head, so to speak. It's like the Arch Linux philosophy [phraktured.net] :

Relying on complex tools to manage and build your system is going to hurt the end users. [...] "If you try to hide the complexity of the system, you'll end up with a more complex system". Layers of abstraction that serve to hide internals are never a good thing. Instead, the internals should be designed in a way such that they NEED no hiding.

except applied to an entire operating system, built from the ground up and maintained as a cohesive package.

The result of this is that, unlike with Windows or even most Linux distributions, there's little need for automated upgrade utilities because there's really quite little going on under the hood in the upgrade process. This means little chance of things breaking. And if something does break, you'll know precisely what it was and how to fix it.

I've been burned by even the best of the automated upgrade tools (Debian's). Frankly, OpenBSD is the only operating system I ever try to upgrade in place between major versions any more, because the upgrade process is so straightforward and transparent.

Re:Is ugrading OpenBSD still kind of a mess? (0)

Anonymous Coward | more than 4 years ago | (#31469542)

Instead of following all of this guide, which is partly for an upgrade without booting from the installation media, you could boot from the CD and select "upgrade", which takes care of installing the news files, including the kernel, and creates the new device files. You'll still have to update your configuration files, though. But this is mostly less painful. As the syntax of the files seldom changes, I run the diff program on my notebook only every few updates, unless I know that some configuration file needs work.

All in all, the upgrade process of the base system takes perhaps 10 minutes, if you can (or dare to) leave your /etc/ files alone. The packages can then later be updated by a single command, like "pkg_add -vui"

As for the magic of single-line-updates: Over the years each of SuSE, Debian and Ubuntu at least once destroyed some of my configuration files automagically. Gentoo and OpenBSD never did that.

Re:Is ugrading OpenBSD still kind of a mess? (3, Informative)

evilviper (135110) | more than 4 years ago | (#31470050)

See the upgrade guide for upgrading 4.5 to 4.6... it's a 280 line upgrade guide:
http://www.openbsd.org/faq/upgrade46.html [openbsd.org] ...on RedHat and CentOS, to go from RHEL 5.3 to RHEL 5.4 I did "yum -y update". That's it.

You can just do the OpenBSD upgrade without reading those instructions... as you did with RHEL.

If you'd actually started to read those instructions, you'd have seen they outline basically all feature changes between the previous and current release. See:

scrub in all no-df max-mss 1440

can be replaced with a rule using the new "match" action:

        match in all scrub (no-df max-mss 1440)

Did the yum upgrade automatically make all necessary syntax changes in all corner cases in your config files to adapt them for the newest versions of the software? Obviously not... You're left to figure those out yourself. If the new version of iptables uses different options for some obscure option, you're screwed. Oh well, guess you should have read the RHEL 5.4 errata, which happens to be SEVERAL THOUSAND LINES http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5.4/html/Release_Notes/index.html [redhat.com]

So tell me... (0)

Anonymous Coward | more than 4 years ago | (#31469454)

What advantages does this operating system have over say, a train, which I could also easily afford?

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>