Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD 5.0 Unleashed On the World

timothy posted more than 2 years ago | from the sir-this-encryption-appears-nearly-unbreakable dept.

Operating Systems 185

First time accepted submitter tearmeapart writes "A new version of the operating system that most of us would love to love, but probably hardly ever directly use, has been released. As scheduled, release 5.0 brings support for more hardware, network improvements, and OpenSSH 5.9. The links: changelog; download; main 5.0 page; and how to order your OpenBSD products!"

cancel ×

185 comments

Sorry! There are no comments related to the filter you selected.

BSD is dead (-1, Troll)

Anonymous Coward | more than 2 years ago | (#37908886)

BSD is dead. Use a real OS like Mac OS X you freetarded losers.

Re:BSD is dead (0, Insightful)

Anonymous Coward | more than 2 years ago | (#37908924)

Mac OS X is based upon BSD, you fucktard.

Re:BSD is dead (-1)

Anonymous Coward | more than 2 years ago | (#37908934)

whoosh!

Re:BSD is dead (0)

Anonymous Coward | more than 2 years ago | (#37908928)

I use OpenBSD on many devices. I wouldn't run anything else for a firewall. I have already got a copy of 5.0 and setting it up on my work desktop now.

Re:BSD is dead (1)

Mitchell314 (1576581) | more than 2 years ago | (#37910300)

Only a git uses Mac OS X. A real OS is Darwin BSD! (To those modding parent down, it's a sarcastic joke. A lot of OS X (user space and kernel space (and nested parenthesis space!)) is derived from BSD).

EPIC headline (2)

seandiggity (992657) | more than 2 years ago | (#37908892)

...no but srsly, OpenBSD is not actually a giant blowfish out to destroy our cities.

Re:EPIC headline (2)

daid303 (843777) | more than 2 years ago | (#37909006)

...no but srsly, OpenBSD is not actually a giant blowfish out to destroy our cities.

Which would be more exciting then an OpenBSD release. I for one, welcome our new blowfish overlords.

Re:EPIC headline (0)

Anonymous Coward | more than 2 years ago | (#37910292)

Which would be more exciting then an OpenBSD release.

As it should be.

There is an old BSD curse: "May your computer run an interesting operating system."

Re:EPIC headline (1)

ByOhTek (1181381) | more than 2 years ago | (#37909028)

Of course, it is to protect us from the space hackers trying to invade our networks!

It is a friendly (to us) giant blowfish!

I once was at a job interview, and they asked if I had any experience with "the OpenBSD variant of Linux".
I was silent for a moment trying to gain my composure, and then said "... Well, it isn't actually a variant of Linux. It's derived from the original Unix work that Berkley did in conjunction Bell Labs, and not Linus Torvalds independently written Kernel."

Needless to say, I didn't get a job.

Re:EPIC headline (2, Funny)

Moridineas (213502) | more than 2 years ago | (#37909096)

Well, no wonder--you didn't use a possessive apostrophe after Linus Torvalds! Amateur mistake...

Re:EPIC headline (1)

tqk (413719) | more than 2 years ago | (#37909132)

Needless to say, I didn't want that job.

FTFY. "Ah, a smartass know-it-all, eh?" It's always best to avoid managers who're easily intimidated by competence.

Re:EPIC headline (1)

perpenso (1613749) | more than 2 years ago | (#37910176)

Needless to say, I didn't get a job.

Somewhere in the conversation did you answer the question as to whether or not you had OpenBSD experience? :-)

Re:EPIC headline (1)

Jeremiah Cornelius (137) | more than 2 years ago | (#37910426)

You will never get hired, wearing a ComiCon T-shirt, and opening your sentences by saying: "Actually,..."

Re:EPIC headline (1)

perpenso (1613749) | more than 2 years ago | (#37910876)

You will never get hired, wearing a ComiCon T-shirt, and opening your sentences by saying: "Actually,..."

Actually :-), I got a job because when the interviewing manager asked how the programming test I had just taken went I told him how poor a test it was. He was very interested in my opinions regarding the matter. One of the first things I was assigned to do once hired was to create a new test. The manager was a business guy and knew nothing about programming but he understood rational arguments when he heard them.

Of course maybe I was hired because I wore a suit and tie for the interview.

obligatory (4, Informative)

nimbius (983462) | more than 2 years ago | (#37908898)

link to the 5.0 song, art and lyrics.
http://www.openbsd.org/lyrics.html#50 [openbsd.org]
it is recommended best practice to play the correct release song while upgrading your openbsd.

Re:obligatory (1)

unixisc (2429386) | more than 2 years ago | (#37909292)

Speaking of which, the pic on the OBSD DVD reminds me of the Smashing Pumpkins

Re:obligatory (0)

Anonymous Coward | more than 2 years ago | (#37910732)

link to the 5.0 song, art and lyrics.

<snip>
Little black flies
on a pile of GNU
With a Dairy Queen tip
And Imma comin' for you
</snip>

Install media? (1)

raydobbs (99133) | more than 2 years ago | (#37908940)

I remember trying to install this back in the 3.0 days, being thwarted by the fact that one of the authors of the software owned the copyright on the OS in ISO disc format, effectively making it impossible to get a version to install without paying him. After a few failed days of missing this or that file, and corrupt BitTorrent copies, I gave up, went back to FreeBSD (at the time).

Re:Install media? (3, Informative)

Richard_at_work (517087) | more than 2 years ago | (#37908972)

Not been the case for years, you can download the "install50.iso" image from the mirrors right now.

http://www.openbsd.org/ftp.html [openbsd.org]

Example:

http://mirror.bytemark.co.uk/pub/OpenBSD/5.0/i386/install50.iso [bytemark.co.uk]

Re:Install media? (1)

raydobbs (99133) | more than 2 years ago | (#37908992)

Sounds like something I might have to give a try then. The 'I own the copyright on the ISO image, so you have to pay me to get an installable copy' stuff was bullshit, to be honest.

Re:Install media? (2, Informative)

Richard_at_work (517087) | more than 2 years ago | (#37909008)

It was one of their main fundraising abilities - and to be quite honest, they never stopped other people putting together slightly different ISO layouts and going with those. Plus it was trivial to do an install from the tgz themselves.

Re:Install media? (1)

X0563511 (793323) | more than 2 years ago | (#37910470)

Perhaps I'm missing something, but how are you supposed to boot from compressed tarballs?

Re:Install media? (1)

LearnToSpell (694184) | more than 2 years ago | (#37910576)

You make a floppy bootdisk, which were always available, and do a network install?

Pre-built VMware Virtual Machines? (1)

billstewart (78916) | more than 2 years ago | (#37909802)

Does anybody know if there are pre-built VMware appliances with the new OpenBSD and VMware tools on them? Or will I need to do that from scratch?

Re:Pre-built VMware Virtual Machines? (-1)

Anonymous Coward | more than 2 years ago | (#37910650)

Yes.

Re:Pre-built VMware Virtual Machines? (-1)

Anonymous Coward | more than 2 years ago | (#37910836)

No.

Re:Install media? (0)

Anonymous Coward | more than 2 years ago | (#37908982)

What are you possibly talking about? OpenBSD has been free to download as long as it's been economical to(ie, the advent of broadband) and the CDs are fairly cheap. It's completely against their way to force you to pay for it, really.

Re:Install media? (1)

hedwards (940851) | more than 2 years ago | (#37909652)

I remember in the late 90s that it would be more efficient and cost effective to buy the discs and have them shipped, but that was more a matter of the cost of dial up service and the time it would take to deal with that.

I don't recall one ever having to pay for it as the BSD license does allow people to sell copies of it if they wish.

Re:Install media? (2)

tlhIngan (30335) | more than 2 years ago | (#37909032)

I think they offer a free "net install" CD, and many others have put together offline install versoins.

But yeah, that's the OpenBSD way - they sell the One True Install media to ensure you're getting a pristine copy and not something potentially hacked up with hidden vulnerabilities and such. After all, OpenBSD is about security - and having a way to distribute unmodified CDs is quite hard.

If you're testing, fine, netinstall or "unofficial offline install" CDs and DVDs work. But if you're wanting a secure installation, you probably sould buy the official blessed media.

Re:Install media? (0)

dolmant_php (461584) | more than 2 years ago | (#37909088)

No, they do it that way to to have money and operating funds. It has nothing to do with a pristine copy. The checksums are all online. As another poster mentioned, the full install ISOs are now freely available (and have been for some years), in addition to the net install ISOs.

Re:Install media? (0)

Raenex (947668) | more than 2 years ago | (#37909158)

But yeah, that's the OpenBSD way - they sell the One True Install media to ensure you're getting a pristine copy and not something potentially hacked up with hidden vulnerabilities and such.

They're just trying to extract money.

and having a way to distribute unmodified CDs is quite hard

No it isn't. All you need is a secure checksum for the image.

Re:Install media? (-1)

Anonymous Coward | more than 2 years ago | (#37909124)

Sounds like you are a very stupid individual. All you had to do was download the install floppy image and you were set. Yes, there are install cd images now. No, you should not try again. Stick to freebsd, we don't need any more idiots that can't read clogging up the mailing list with stupid questions that are answered in the FAQ.

Re:Install media? (-1, Offtopic)

Anonymous Coward | more than 2 years ago | (#37909196)

I realize others have probably told you this today, but you're a despicable human being.

Re:Install media? (0)

tqk (413719) | more than 2 years ago | (#37909432)

Sounds like you are a very stupid individual. All you had to do was download the install floppy image and you were set. Yes, there are install cd images now. No, you should not try again. Stick to freebsd, we don't need any more idiots that can't read clogging up the mailing list with stupid questions that are answered in the FAQ.

I realize others have probably told you this today, but you're a despicable human being.

Sigh. Some people just can't handle the truth.

Re:Install media? (1)

jawtheshark (198669) | more than 2 years ago | (#37909166)

I don't get this "burn to CD". Who cares? I rarely, if ever, do that. Just use PXE and be done with it. All Linuxes and all BSDs, I know of, allow that easily. Apparently even Windows XP could be installed over PXE, but it was a series of hacks and not easy. I don't know about the more modern Windows versions.

OpenBSD always had a free install (1)

perpenso (1613749) | more than 2 years ago | (#37910384)

I remember trying to install this back in the 3.0 days, being thwarted by the fact that one of the authors of the software owned the copyright on the OS in ISO disc format, effectively making it impossible to get a version to install without paying him. After a few failed days of missing this or that file, and corrupt BitTorrent copies, I gave up, went back to FreeBSD (at the time).

OpenBSD always had a simple free install if you had a network connection. There were free bootable images available for download. You boot from one of these and it downloads components as needed during the install. The only thing you had to pay for was a CD that contained all components and could do an install *without* a network connection. At least for the current release, the full CD images for previous releases were available for download.

Netinstall: cd50.iso OR Base: install50.iso (1)

Artemis3 (85734) | more than 2 years ago | (#37911610)

This is how you install Openbsd [openbsd.org] . You can download a small iso for your usb/cd, and that will download anything needed thru the net.

Back in the version 3 days, you needed only a floppy or two to start such an install, nowdays is the same, but ppl mostly use usb sticks now (the floppy image still exists).

Going for randomly made iso images on bittorrent was a very stupid idea. The only reason i could see someone needing a whole iso is if they lack connectivity.

You can compare this install method to Debian netinstall [debian.org] , or Ubuntu minimal [ubuntu.com] iso images.

TIP: The installation and configuration guide is called "FAQ" [openbsd.org] for some reason.

How is this news? (-1, Troll)

WaterDamage (719017) | more than 2 years ago | (#37908976)

Why is this news on the main page? Ubuntu 11.10 is out too and Windows 8 will be out soon! In other news, Kim Kardashian got divorced after 72 days! Who gives a Beep!

Re:How is this news? (0)

future assassin (639396) | more than 2 years ago | (#37909022)

Ubuntu? I though eveyone has already switched to LMDE. Windows 8 my homework.

Re:How is this news? (2)

tqk (413719) | more than 2 years ago | (#37909284)

Why is this news on the main page?

Because OpenBSD matters?

Ubuntu 11.10 is out too and Windows 8 will be out soon!

... as compared to them.

In other news, Kim Kardashian got divorced after 72 days!

Who?

Seriously, I didn't know they'd released a new version, and I was just wondering what I should do with a presently mothballed system I have. Now, I can build an OpenBSD sandbox to play with. Woohoo! :-)

Wow! KDE 3.5 and Gnome 2.3 .... (1)

Jerry (6400) | more than 2 years ago | (#37908986)

It's Linux, direct from 2005!

Re:Wow! KDE 3.5 and Gnome 2.3 .... (4, Insightful)

AdamJS (2466928) | more than 2 years ago | (#37909044)

So it's not corrupted by the utter crap that is Gnome 3 and Unity? SIGN ME UP.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (5, Insightful)

cachimaster (127194) | more than 2 years ago | (#37909114)

It is crazy to think that shipping gnome 2.32, OpenBSD 5.0 has become much more desktop-friendly than Ubuntu.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (0)

Anonymous Coward | more than 2 years ago | (#37910256)

I don't like Unity, but I do like Gnome 3. For me, it is just as desk-top friendly as its predecessors. I haven't had any trouble with it, and I'm surprised that people do. There may be an aesthetic dislike of it, but in terms of usability and friendliness for the desktop it is on par with what came before.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (1)

cachimaster (127194) | more than 2 years ago | (#37911570)

I like gnome 3 too, I just found it too different and not really mature for the time being.
As every human, I need time to adapt, and gnome 3 do not provide for a good backwards-compatible interface (there is one but is a hack and it sucks) .
Even windows 8 has a fallback interface that looks exactly like windows 7.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (3, Insightful)

Medievalist (16032) | more than 2 years ago | (#37909168)

It's Linux, direct from 2005!

So it's not corrupted by the utter crap that is Gnome 3 and Unity? SIGN ME UP.

I can't decide whether to mod you "funny", "insightful", "flamebait", or "sad".

Maybe we need an "all of the above" category.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (1)

AdamJS (2466928) | more than 2 years ago | (#37909304)

If it makes you feel any better I'm using Lubuntu, Xubuntu, CentOS and various Windows installs in VMs between work and home. Just calling a spade, a spade.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (1)

Medievalist (16032) | more than 2 years ago | (#37909506)

Oh, I wasn't disagreeing.

I don't think I've ever seen OpenBSD with a GUI installed in the real world. I usually see it in DNS/DHCP and firewall roles... deep infrastructure for highly secure nets.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (-1)

Anonymous Coward | more than 2 years ago | (#37909436)

Yeah, yeah... wake me up when the requisite "everything new is shit" phase is over. Some of us don't consider the Windows 95 GUI the absolute pinnacle of useful user interfaces.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (0)

Anonymous Coward | more than 2 years ago | (#37909544)

And not everyone thinks that change for the sake of change is good. Secondly foisting tablet UIs on desktop users is fucking stupid.

Desktops bonanza... (2)

unixisc (2429386) | more than 2 years ago | (#37909608)

From the Distrowatch site, looks like the list of destops supported by BSD include AfterStep, Blackbox, Enlightenment, Fluxbox, GNOME, IceWM, KDE, Openbox, WMaker, Xfce. And as CarsonChittom pointed out below, it's offering 2 choices of KDE - 3.5.10 and 4.4.5. Chances are that when their Gnome 3.2 is ready, it'll be offered alongside 2.32. My favorite aspect - it offers both AfterStep & WindowMaker - two GNUSTEP based DEs.

As an aside, even Firefox 3.5.19 and 3.6.18 are included. As well as version 5 - thay ain't up to 7.x as yet.

Linux distros would do well to do what the BSDs do - offer a wide choice of desktops, so that everyone can pick their own w/ minimum heartburn. All 3 BSDs - Open, Free & Net offer the wide choice of desktops. Wonder how widespread is the driver support for OBSD, particularly for Wi-Fi?

Re:Desktops bonanza... (0)

Anonymous Coward | more than 2 years ago | (#37909798)

Now all they need are graphics drivers!

Re:Desktops bonanza... (2)

Anne Thwacks (531696) | more than 2 years ago | (#37910388)

Driver support is usually better than any other OS, IME.

As others have commented, the graphics drivers are an exception, and may may be a bit behind the curve. I don't know, cos all my OBSD machines are headless.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (-1)

Anonymous Coward | more than 2 years ago | (#37911660)

No, but there are a heap of driver and performance issues, poor package management (compared to Debian at least), and they want to charge you for an iso image. Between NetBSD, FreeBSD, and Linux, there's not much reason to choose OpenBSD, especially when the best parts have been ported to the others.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (1)

dolmant_php (461584) | more than 2 years ago | (#37909118)

Some [slashdot.org] people [ibiblio.org] don't even like Gnome 3.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (1)

CarsonChittom (2025388) | more than 2 years ago | (#37909236)

It's Linux, direct from 2005!

It's not Linux. It's not even related to Linux. It's a completely different UNIX-like operating system. I'm pretty sure you knew that already, but I thought I'd mention it just in case.

Both KDE 3.5.10 (the last in the 3-series, released August 26, 2008 [kde.org] ) and 4.4.5 (released June 30, 2010 [kde.org] ) are in the -stable ports tree (i.e., available in OpenBSD 5.0). The default GNOME version is 2.32; the release announcement [gnome.org] doesn't give a date, but I think is about a year old. Support for GNOME 3 is being tested in both the -stable and -current trees, and eventually will become the default GNOME, when it's ready.

OpenBSD is, amongst other things, about stability. That means it's not going to contain the absolute latest, bleeding-edge packages. Put another way, things get tested before they become the default. Castigating OpenBSD for being out-of-date is to seriously misunderstand its goals.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (0)

Anonymous Coward | more than 2 years ago | (#37909774)

Thank you, Captain Obvious.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (0)

Anonymous Coward | more than 2 years ago | (#37911356)

You missed his point; he knows that BSD is not Linux, he was saying that this is just like Linux from 2005.

Re:Wow! KDE 3.5 and Gnome 2.3 .... (0)

Anonymous Coward | more than 2 years ago | (#37909330)

The jury is still out as to whether KDE and Gnome from 2011 is an improvement over KDE and Gnome from 2005. Last I heard, Linus Torvalds was urging people to drop KDE and Gnome in favor of Xfce. As is typical in these GUI-centric times, you are confusing the GUI with the OS itself. If your first priority is the latest candy-coated GUI goop, then by all means stick with Ubuntu. If you're more concerned with stability, security and code correctness, then any of the BSD flavors may be for you.

Major release? (0)

Anonymous Coward | more than 2 years ago | (#37909090)

Is 5.0 meant to be a major release? Looks like it is only the next version in the regular schedule. Why don't use 4.10 then?

Re:Major release? (1)

unixisc (2429386) | more than 2 years ago | (#37910376)

How does one differentiate 4.10 and 4.1? Mathematically, they are equal. Either, the creators should have marked the first minor rev as 01, making it 4.01, which mathematically allows for up to 99 minor revs before the next major 1. Or have something like 4.9.x, and keep rev'ing x until they're ready for 5.x. I like it being 5.0, that way, it's not buggy like every other x.0 software normally is.

Oh boy. (1)

Hatta (162192) | more than 2 years ago | (#37909180)

I get to rebuild my firewall from source yet again.

Re:Oh boy. (1)

CarsonChittom (2025388) | more than 2 years ago | (#37909346)

I get to rebuild my firewall from source yet again.

What, are you running Gentoo on your firewall? This is an OpenBSD release: binaries are available from the mirrors. The OpenBSD developers don't provide binary updates for errata, and maybe they should, but your comment is simply invalid for a release.

Though I feel sure they wouldn't turn down your offer of help to provide binary updates.

Re:Oh boy. (1)

Hatta (162192) | more than 2 years ago | (#37909620)

Fair enough. I forget, because I generally follow CURRENT. It's hard to know what's best with OpenBSD. Check out this bit from the FAQ:

In fact, as our hope is to continually improve OpenBSD, the goal is that -current should be more reliable, more secure, and of course, have greater features than -stable. Put bluntly, the "best" version of OpenBSD is -current.

Most users should be running either -stable or -release.

If I want the best version of OpenBSD I have to run CURRENT, which means I have to rebuild my system from source often. It's a real pain in the ass, but I think that's intentional. Someday I'll just switch over to pfsense.

Re:Oh boy. (1)

bill_mcgonigle (4333) | more than 2 years ago | (#37910560)

Someday I'll just switch over to pfsense.

C'mon in, the water's warm. pfSense 2.0 is an excellent improvement over 1.2.3, which I thought was pretty grand itself. You might wait for 2.1, though, if you're in no rush, as it will have some new infrastructure and better IPv6 support.

Great dev. team and community, and they're finally starting to push most of their BSD patches upstream.

Re:Oh boy. (1)

the_brobdingnagian (917699) | more than 2 years ago | (#37910642)

Just install from snapshots every few weeks.

Prehistoric (-1)

DinoZaurus (660724) | more than 2 years ago | (#37909306)

"OpenBSD"??? WTF,what does it take to go extinct? DinoZaurs!!!

Re:Prehistoric (1)

hedwards (940851) | more than 2 years ago | (#37909682)

Larry hasn't yet gotten around to buying them out.

All you lowly people! (0)

Anonymous Coward | more than 2 years ago | (#37909350)

I have been using it for 3 days! I ordered the CDs and they arrived early! I installed it to test out, plus I upgraded my works subversion server to this.

Hardly ever use? (1)

Ptolom (2191478) | more than 2 years ago | (#37909466)

My server runs OpenBSD. It has a really good firewall, and it's absurdly secure. I'm not enough of a masochist to run it on a desktop but if you configure it properly it makes an excellent server OS.

Re:Hardly ever use? (2)

sleepy_weasel (839947) | more than 2 years ago | (#37909932)

You should... you aren't forced to use GNOME or KDE (I use sctrotwm), and I can run gimp, vlc, mplayer, libreoffice (or openoffice.org, because choice=freedom). Most all of the software you use is available on OpenBSD, and if not, the ports system is pretty easy to use to create software ports and packages in OpenBSD.

plus, as long as you do your homework before posting something to the list, you'll generally get some great people to help you...

Re:Hardly ever use? (0)

Anonymous Coward | more than 2 years ago | (#37910314)

The worst part about FreeBSD and OpenBSD is that every piece of software that's not in the base system needs to be compiled from source fairly regularly because the binary packages are usually so out of date. I shouldn't have to recompile Firefox (or any other piece of software that is in the ports tree) regularly to get security updates... I love BSD, but package management is so far behind Debian, Fedora and Arch that it gets frustrating.

Re:Hardly ever use? (1)

unixisc (2429386) | more than 2 years ago | (#37910436)

Is there anything that prevents the BSDs from adapting apt, yumm or other such installation software?

Re:Hardly ever use? (-1)

Anonymous Coward | more than 2 years ago | (#37910590)

If someone actually did port apt or pacman Theo would probably call them a faggot on a public mailing list and refuse to adopt it.

Re:Hardly ever use? (1)

the_B0fh (208483) | more than 2 years ago | (#37910638)

You do know that packages exist right? Why would you make pain for yourself?

Re:Hardly ever use? (0)

Anonymous Coward | more than 2 years ago | (#37910804)

The packages exist, but the packaged version is often behind the version that is in ports because they're lacking the resources to keep the packaged version up to date. For example, it's fairly common that the packaged version of Firefox has known security vulnerabilities while the version in ports does not.

Not provably secure (1, Flamebait)

kriston (7886) | more than 2 years ago | (#37909486)

OpenBSD is only perceptually secure. There is no unbiased audit process. There is no verification by a third party. There's just narcissism. The only reasons we think OpenBSD is secure are:

1) OpenBSD supporters said so.

2) Few people who say they use OpenBSD actually use OpenBSD. As a result, few security holes are found and published.

Please prove this wrong. All I'm seeing are various forms of cognitive distortion and fallacies when people try to prove to me that OpenBSD is truly more secure.

Re:Not provably secure (1)

Ptolom (2191478) | more than 2 years ago | (#37909542)

It's quite tricky to prove you wrong, but easy to prove you right. (if you are right) Just find a remote exploit or two.

Re:Not provably secure (0)

Anonymous Coward | more than 2 years ago | (#37909568)

All but the most trivial programs are not provably secure.
I guess you're right, but not for your troll reasons.

Re:Not provably secure (1)

hedwards (940851) | more than 2 years ago | (#37909702)

You're wrong, because of the claims and the track record, finding a vulnerability in the base install is a great way to make a name for oneself as a security researcher. In the last decade only one has been found. Which is pretty damn impressive by any standard.

Probably the only better way of ensuring that level of security would be paying out a million dollars for such an exploit.

Re:Not provably secure (1)

EETech1 (1179269) | more than 2 years ago | (#37911618)

The kiddie porn sites that anonymous took over were BSD. I had to laugh again when I saw that!

Cheers!

Re:Not provably secure (3, Informative)

MikeBabcock (65886) | more than 2 years ago | (#37909840)

If its security is important to you, you're fully capable of funding your own audit from a third party, either solo or as a group effort. Put together a requirements list, find out a price, and start asking others to chip in until you can afford it.

You're also free to Google for "OpenBSD exploit" and look at all the (very few) results for actual remote exploits.

OpenBSD has always had much more intelligent (secure) default settings for its installed services and packages than Linux or Windows, but I don't administer any OpenBSD boxes regularly myself because its a bit of a pain for day to day patches and updates compared to Linux. There's a trade-off to be made between security and hours available in the week.

Re:Not provably secure (1)

Anonymous Coward | more than 2 years ago | (#37910130)

...did you use SSH today?

Re:Not provably secure (-1, Troll)

metrix007 (200091) | more than 2 years ago | (#37910258)

Not to mention the lack of any kind of advanced access controls or mandatory access controls, or even auditing. OpenBSD has a very, very narrow definition of security and good advertising to hide the fact.

Re:Not provably secure (4, Insightful)

Uberbah (647458) | more than 2 years ago | (#37910274)

The only reasons we think OpenBSD is secure are:

1) OpenBSD supporters said so.

So we should all realize that OpenBSD is overrated. Because you said so.

Re:Not provably secure (0)

Anonymous Coward | more than 2 years ago | (#37910312)

OpenBSD brags that there have only been a few remote holes in the default install in so many years. But if that is the metric of overall security, Ubuntu is the most secure OS out there. By default, there are ZERO listening ports on an Ubuntu installation. The only possible remote exploits would have to be in the IP drivers themselves.

On the other hand, if you look at architecture and coding practices, OpenBSD probably is tops. It only has one listening port by default, and its developers use secure coding practices for everything they do. But this is harder to quantify.

Re:Not provably secure (1)

bill_mcgonigle (4333) | more than 2 years ago | (#37910598)

OpenBSD brags that there have only been a few remote holes in the default install in so many years. But if that is the metric of overall security, Ubuntu is the most secure OS out there. By default, there are ZERO listening ports on an Ubuntu installation

Default install or default installation set. I thought OpenBSD claimed the latter, which is something quite different.

Re:Not provably secure (0)

Anonymous Coward | more than 2 years ago | (#37910850)

OpenBSD brags that there have only been a few remote holes in the default install in so many years. But if that is the metric of overall security, Ubuntu is the most secure OS out there. By default, there are ZERO listening ports on an Ubuntu installation. The only possible remote exploits would have to be in the IP drivers themselves.

Yeah, well, MS-DOS 3.0 doesn't even have IP drivers, so that makes it even more secure than Ubuntu, right?

You're being silly. OpenBSD is a server OS; you can't compare it with a desktop setup. Open a port or two in your Ubuntu, as you must if it's to be a server, and the picture changes.

Re:Not provably secure (1)

UnknownSoldier (67820) | more than 2 years ago | (#37910664)

Well, at least the OpenBSD guys admit on their _own_ homepage the last time they were vulnerable. What other OS manufacturer does that at _all_ ??

I appreciate the honesty and public disclosure -- not trying to sweep it under the rug like almost every OS does.

Re:Not provably secure (0)

Anonymous Coward | more than 2 years ago | (#37910698)

> 2) Few people who say they use OpenBSD actually use OpenBSD. As a result, few security holes are found and published.

Few people who say that oranges are orange have actually seen oranges. As a result, oranges are not really orange.

Re:Not provably secure (0)

Anonymous Coward | more than 2 years ago | (#37911020)

Man, when did the good trolls come back to slashdot? Last time I was here it was all the boring cut&paste crap. Thank you kriston for upholding the glorious tradition of the real slashdot troll!

Re:Not provably secure (1)

optymizer (1944916) | more than 2 years ago | (#37911072)

Since Halloween was yesterday:

Kriston, if there are no candies at the store, the store has no candies for sale. That's not to say there couldn't be any candies left in a drawer by accident, but, no one knows if they exist, hence the above still holds true: the store has no candies for sale. There is no need for an external audit, because, even if you found some candies in a drawer as a result of the audit, the store still had no candies for sale at the time when they claimed they didn't have candies for sale (unless the audit finds tons of candies not disclosed to the public, which is not the case here).

Your argument about the community doesn't hold either. Here's a counter-example: I'm part of an extremely small group of people dealing with a specialized web application. There are only about 20 people in the world using it. I've found at least 10 critical security holes in the default install, just by using it. I've patched about 20 minor bugs, and I'm just a user, I'm not on the developer/QA team. When a product has issues, the community (regardless of size) will still find a percentage of the total issues available. The fact that OpenBSD had 3 issues found in the default install in a decade is impressive, especially since they have _way more_ than 20 users in the entire world AND OpenBSD, as a package, is enormous, with hundreds of utilities and dozens of services waiting to be exploited. But, where are the exploits? That's right.

So, in that context, it's a hell of a lot more secure than other OSes. q.e.d.

BSD is dying (0)

Baloo Uriza (1582831) | more than 2 years ago | (#37909706)

It is now official. Netcraft has confirmed: *BSD is dying

One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test.

You don't need to be the Amazing Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood. FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.

Let's keep to the facts and look at the numbers.

OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

Re:BSD is dying (0)

Anonymous Coward | more than 2 years ago | (#37910614)

Do you have any citations for your claim that FreeBSD is dead? From what I know, it's the largest of the BSDs out there.

OBSD 5, F YEAH!!! (0)

Anonymous Coward | more than 2 years ago | (#37909720)

I dunno what crack these ppl are smoking, but not only is OBSD more secure than most other OSes and makes an excellent server/netapp, but is an awesome desktop and/or HTPC. Been using OpenBSD as my primary desktop for years.

Im proud to celebrate another major BSD release and props to Theo for being a stubborn prick and stickin to his purist ways.

-HasH

Not had a good experience (1)

Staticharge (2497386) | more than 2 years ago | (#37910400)

I keep wanting to try one of the BSDs out on a preliminary basis to see how it compares to Linux, but honestly every one of them has irked me from the point of installation. I've tried FreeBSD, OpenBSD, and PC-BSD.

The former two were somewhat cryptic to me, despite 10 years of Linux experience. I've done everything from manage servers to develop for embedded systems, and I always managed to figure things out. But FreeBSD, for example, gives me this somewhat counter-intuitive menu to go through, most of which I figured out, despite my lack of understanding of BSD partition types and all that. The problem though came from the packages. If you don't do anything, it just defaults to a console installation. And that's fine for some situations, sure. But actually trying to install the GUI was another story. I felt like a complete idiot trying to figure out their menus. It wasn't smart enough to just realize that the packages it might need aren't on the basic install CD, so initially I couldn't even find Gnome to install it. Immediately I was turned off by this seemingly primitive package system. But even when you get into the menu to select an internet source, it's a huge mess. I tried to pick Gnome, but it seemed that no matter what I did, I ended up with a plain CLI installation without even basic X. I had no idea where I was going wrong. I tried sysinstall afterward, read some stuff online, but I could not make the damn thing work. So I ended up trying to do it from the command line instead, which in fact was a million times more straightforward than their interface. But without knowing what all packages I actually needed for a full install without digging around, and upon realizing I still would have to manually edit my config files to make X launch with Gnome and all, I just threw my hands up and said forget that mess. If I wanted to go to that much trouble just to try something out, I'd install Arch or Gentoo or something. It's also worth pointing out that pkg_add is a very ugly tool, and not nearly as informative of progress as, say, APT. Perhaps I'm spoiled from all of my Linux use, though.

PC-BSD is supposed to be the most friendly, yet not only did it contradict itself in how much space it would require between two different install attempts, but the first time it failed after the install began, and the second time it said it needed more space than I had allocated in the partitions (and that was both with auto-allocate as well as me doing it manually). Considering there's absolutely nothing different you can choose at that stage of the installation to affect disk space or anything (selecting basic stuff like keyboard type), I have honestly no idea why it was different on each attempt. The third time, when I gave up and just created a bigger virtual partition than I wanted to originally allow it, it then appeared to start downloading a single huge image rather than separate packages. I canceled it after realizing it would take a million years to get from their slow server.

I heard that the release candidate for FreeBSD 9 had a friendlier installer, but a) it seemed pretty much the same text-based one to me, and b) none of the download mirrors in the installer would acknowledge the version I had and wouldn't let me download any packages.

I'm sure many BSD veterans will simply think I'm a moron, am too impatient, or maybe I just had a string of bad luck. And maybe you're right on all counts! And sure, I could go read tutorials on how to do it "properly." But honestly, after using so many variations of Linux over the years, all the way back to the much more cryptic Red Hat installations of yesteryear, you'd think I would be able to figure out BSD no problem. Instead, I just gave it a big sigh, threw my hands up, and said forget it. I haven't needed it so far, so I probably won't need it anytime soon either.

And yet the (stubborn) geek in me still wants to know if it's any better once it's actually up and running, because I know the kernel is supposed to be much cleaner and more optimized than Linux, so I doubt this will be my last attempt.

Re:Not had a good experience (1)

the_B0fh (208483) | more than 2 years ago | (#37910666)

And what the fuck does anything you said have to do with OpenBSD?

Hint: OpenBSD is NOT Linux. It's *UNIX* so you have to understand slices.

Re:Not had a good experience (1)

sleepy_weasel (839947) | more than 2 years ago | (#37911260)

Real Admins know and love the powerful command line.

GUIs are for Windows lovers...

Here's the steps to run a GUI on OpenBSD

1. Install openbsd (use the FAQ on www.openbsd.org to install)
2. After install, reboot
3. After reboot, login as a user (you should have set one... NEVER use root)
4. type 'man afterboot' and read it
5. to get a GUI, type 'startx' at the prompt, this is cwm, but you can install any of the other excellent window managers (I use scrotwm)
6. If you require a bloated GNOME or KDE, you can install it using pkg_add (follow the instructions on the FAQ)

Really, all it requires is 5 minutes of work to read the FAQ. Everything is in the FAQ, or in the well written man pages. OpenBSD even treats misspellings in man pages as bugs, and with the same severity as other bugs...

If you still have a question, e-mail openbsd-newbies@sfobug.org... you can also e-mail misc@openbsd.org, but be sure to have done your homework if you ask a question...

Re:Not had a good experience (1)

Staticharge (2497386) | more than 2 years ago | (#37911788)

I don't run a GUI on any of the servers I've ever managed, and BSD won't be run on any of those, so that isn't the problem. I do however run GUIs on machines which monitor those systems, because it doesn't take a "Windows lover" to acknowledge the usefulness of an efficient interface (which I also develop). Implying that only someone with less intelligence or skill would use one is rather childish and isn't a good way to begin a response.

The problem was that neither GNOME or X were installing to begin with, despite my attempts to use their menu during the install to do so. Even when I figured out the CLI package interface, I didn't know all the packages I would need for a complete GNOME system, since it apparently does not get all dependencies (such as Xorg itself). I know how to manually start and configure X as I've done it many times in the past (back when it was actually still necessary), but at the time I didn't feel like reliving years ago and dig around on the web on a different machine just to try the thing out. OpenBSD's install may have been different (I don't recall the details now), but the experience was essentially the same.

I do appreciate your offer for help, but if I do try again, I will likely do my homework first. My point was simply that after experiencing so many years of Linux evolving, BSD was not a very intuitive experience. When I need a FAQ just to install it properly considering my background, then I feel I'm within my right to be a grumpy nerd about it.

But hey, this is OpenBSD 5, so maybe it's better now. Maybe I'll get past the installer without it complaining about a lack of packages for the version, as the RC of FreeBSD did.

I plan to upgrade sometime in the near future (1)

BigDaveyL (1548821) | more than 2 years ago | (#37911472)

I run OpenBSD/amd64 on a small Intel Atom box as a firewall.

It is lightweight, fast and reliable - so it's served me well.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>