×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD 3.5 Released

michael posted more than 9 years ago | from the security-takes-work dept.

Security 345

pgilman writes "The word just hit the announce@openbsd.org mailing list: "We are pleased to announce the official release of OpenBSD 3.5. We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.5 provides significant improvements, including new features, in nearly all areas of the system" including security, hardware support, software ports, and lots more. Support the project if you can by ordering the cds, or grab it from the net (use a mirror!). Thanks to Theo and the whole team!"

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

345 comments

But does it... (-1, Troll)

Anonymous Coward | more than 9 years ago | (#9025841)

Run Gentoo?

Amazingly, yes (4, Informative)

Anonymous Coward | more than 9 years ago | (#9025848)

It does [gentoo.org].

Re:Amazingly, yes (1, Flamebait)

Anonymous Coward | more than 9 years ago | (#9026020)

Don't want to start a flame war here... but,
while PF may be one of those tools that adds more
security than it takes away, that means *nothing*
if the underlying platform is swiss cheese.

OpenBSD is a philosophy, not just another
operating systems and that's something you may
well want to consider before just bandying about
PF for whatever operating system catches your
fancy this week.

Argh (0, Offtopic)

LooseChanj (17865) | more than 9 years ago | (#9025842)

Didn't even need /.'ing this time...

Excellent (5, Insightful)

mastergoon (648848) | more than 9 years ago | (#9025844)

I use Linux on almost all my systems, but nothing can cut the security I get using OpenBSD on my firewalls and routers. I can't wait for SMP support to be working.

Re:Excellent (2, Interesting)

Anonymous Coward | more than 9 years ago | (#9025858)

>> I use Linux on almost all my systems, but nothing can cut the security I get using OpenBSD on my firewalls and routers.

what about www.grsecurity.net [grsecurity.net]? IMHO, I think grsecurity is much more a better solution especially if it were ever integrated into 2.6 kernels. Face it, what other patch/modification/os could potentially protect you from flaws in the kernel itself??

Re:Excellent (0, Informative)

gnuman99 (746007) | more than 9 years ago | (#9025904)

chroot in OpenBSD is a joke - under grsecurity you at least can't easily get out of it. chroot restrictions are essential for a secure system.

well, this is at least my 2 cents

Re:Excellent (1, Troll)

Cecil (37810) | more than 9 years ago | (#9026161)

No. Lack of security holes are essential for a secure system.

If I write a daemon that prints "Hello World" it does not need to be chrooted to be secure. So should all daemons be. If a network-accessible program is accessing files, especially user-specified files, it needs to be god damned careful about it. End of story.

Chroot is a poor kludge of an attempt to turn a non-secure program into a secure one. I would prefer if it weren't in OpenBSD at all, it gives people a false sense of security. Even a perfect chroot leaves you open to all sorts of other vulnerabilities.

Re:Excellent (0)

Anonymous Coward | more than 9 years ago | (#9026192)

Exact same attitute that appears whenever someone trys to advance the state of the art in Unix "secuirty". chroot is a joke, it should never had been sold as a security feature. Its simply a halfassed hack done because it was easy.

If people like you were running the show, we would still be using non-shadowed passwords.

Re:Excellent (0)

Anonymous Coward | more than 9 years ago | (#9026172)

If the value of your comments is any indication, then your 2 cents is pretty much worthless in comparison to an openbsd cent. In other words, you're wrong.

Re:Excellent (0)

Anonymous Coward | more than 9 years ago | (#9025925)

firewalls in Linux is a joke - under OpenBSD you at least can't easily configure and manage it. Firewalls/iptables under linux are a mess to manage when compared to an ACL based config, like PF.

well, this is at least my 2 cents

Re:Excellent (0, Flamebait)

Anonymous Coward | more than 9 years ago | (#9025963)

That's the story in general with Linux. It's not well designed...

Re:Excellent (0)

Anonymous Coward | more than 9 years ago | (#9025991)

firewalls in Linux is a joke - under OpenBSD you at least can't easily configure and manage it. Firewalls/iptables under linux are a mess to manage when compared to an ACL based config, like PF.

So you think not being able to easily configure and manage something is a good thing? Well OK.

Another thing, if Linux's "iptables" interface to netfilter challenges you, then you have no business using computers at all.

If anyone really wanted pf syntax for Linux it wouldn't be difficult to implement.

Re:Excellent (1)

DashEvil (645963) | more than 9 years ago | (#9026025)

He never said it challenged him. He said that it was a mess. One would obviously prefer the easier to manage solution when the end result is the same. That is his point.

Re:Excellent (0)

Anonymous Coward | more than 9 years ago | (#9026109)

Then use a GUI front end to creating an IP tables script, like Firewall Builder.

Re:Excellent (0)

Anonymous Coward | more than 9 years ago | (#9026144)

OpenBSD can. The kernel is compiled with propolice.

Re:Excellent (2, Informative)

klasikahl (627381) | more than 9 years ago | (#9026226)

I think you're forgetting about the NSA funded SELinux project. It's also a kernel level MAC security patch. I prefer SELinux over GrSec for many reasons, one of which is the fact a team of well trained NSA kernel hackers coded SELinux. (As opposed to GrSec whose head coder and inventor is a punk who uses his security knowledge to keep his exploits as 0days. Sounds pretty fishy to me; I won't trust anything that has his name on it.) SELinux is in the official 2.6 kernel branch. Check it out here [nsa.gov].

Re:Excellent (4, Interesting)

Lord Kano (13027) | more than 9 years ago | (#9025929)

How much traffic are you handling if you really need SMP on a firewall/router?

LK

Re:Excellent (1)

mastergoon (648848) | more than 9 years ago | (#9025940)

Probably not so much that it matters...but all my boxes are SMP, so why not take advantage of it when you can :)

Security (2, Interesting)

Anonymous Coward | more than 9 years ago | (#9025849)

The ports & packages collection does NOT go through the thorough security audit that OpenBSD follows

So if I want optimal security, how do I choose which packages to use?

Re:Security (5, Insightful)

Anonymous Coward | more than 9 years ago | (#9025877)

Chose only the packages you will be using, not the ones you might use some day but aren't absolutely needing it. Usually a port that has an absolutely horrible track record might not make it in, or if it has a gaping security problem it might be marked as BROKEN.

Use common sense, chose packages of software you have faith in to not suck.

For the trolls, out there... (-1, Offtopic)

FrYGuY101 (770432) | more than 9 years ago | (#9025859)

[Obligatory]
BSD is dying.
Yeah, but does it run Linux?
Imagine a Beowulf cluster with these!
Natalie Portman uses BSD. Shouldn't you?
In Soviet Russia, BSD releases you!
Darl McBride is not amused.
Yeah, but Linux has a higher kitsch factor.
[/Obligatory]

There. They're made. Happy? You made me do this... It hurt me *way* more than it hurt you. Go to your room.

Re:For the trolls, out there... (-1, Offtopic)

FrYGuY101 (770432) | more than 9 years ago | (#9025871)

And a note, in case it wasn't perfectly clear by the end. It was a (Very poor) attempt at humor.

Those aren't trolls (-1, Troll)

Anonymous Coward | more than 9 years ago | (#9025876)

Those are just things that stupid Slashbots like to huaglhalghlauhglauhgaul about

pfsync/CARP (4, Interesting)

ArbitraryConstant (763964) | more than 9 years ago | (#9025879)

OpenBSD is the Cisco killer.

It's now suitable for replacing a lot of the Cisco gear out there.

Re:pfsync/CARP (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#9025892)

Even Monty Python's agree [secsup.org].

Re:pfsync/CARP (4, Insightful)

astrashe (7452) | more than 9 years ago | (#9025912)

Isn't a lot of Cisco's appeal on the hardware side?

I haven't had a router in a few years, but when I did have a couple, they were rock solid. I always assumed that a big part of it was the fact that they didn't have any moving parts.

Wouldn't the computer architecture make an OpenBSD router less stable?

Re:pfsync/CARP (5, Interesting)

ArbitraryConstant (763964) | more than 9 years ago | (#9026007)

I haven't had a router in a few years, but when I did have a couple, they were rock solid. I always assumed that a big part of it was the fact that they didn't have any moving parts.

OpenBSD (and all the rest) don't need moving parts, except for the power supply fan. VIA Eden chips can run without a fan, and there are other chips from other architechtures with similar specs. The hard drive can be replaced by a flash IDE drive if your space requirements are small enough.

Cisco still wins on speed when all you're doing is routing, and in many other situations, but the firewall isn't that impressive.

Wouldn't the computer architecture make an OpenBSD router less stable?

Not necessarily, it runs on a lot of different architectures... Xeon's, Opterons, PowerPC, MIPS, etc. If you didn't have to patch, uptimes of years wouldn't be a problem.

Re:pfsync/CARP (0)

Anonymous Coward | more than 9 years ago | (#9026201)

www.soekris.com / www.opensoekris.com

Re:pfsync/CARP (1)

mistermark (646060) | more than 9 years ago | (#9026220)

>Wouldn't the computer architecture make an OpenBSD router less stable? Well, choose a stable computerarchitecture :-) I use a (in other terms) obsolete Sun Ultra1 on OpenBSD/Sparc64, runs like a dream ... hardwarecost: $40 softwarecost: $0 (though I should buy the CDs, just for the stickers!) It feels criminal, so much quality for so less money, even beats the cheaper craprouters...

Re:pfsync/CARP (5, Informative)

PatJensen (170806) | more than 9 years ago | (#9025921)

When you can do the following, OpenBSD will be a Cisco IOS killer.
  • Configure, maintain and secure your routing protocols and interfaces in one easy to read and edit configuration file.
  • Store the configuration in solid-state flash memory.
  • Upgrade the entire OS by TFTP'ing a single file.
  • Provide support for many types of LAN and WAN interfaces (DSx, hardware accelerated ATM segmentation and reassembly, etc.)
  • Provide support for layer 2/3 QoS packet tagging in hardware (on ALL WAN interface types i.e. ATM, Frame, DSx) to reduce CPU load on distribution routers.
  • Handle IPv4 traffic routing in hardware, with the OS just maintaining flow state information.
  • Provide support for the plethora of legacy protocols that are on corporate networks (DLSw, X.25, etc.)
When the only tool you have is a hammer, everything looks like a nail.

-Pat

Re:pfsync/CARP (0)

Anonymous Coward | more than 9 years ago | (#9026071)

Here's a little surprise for you:

I have a cisco 2600 gathering dust in the corner
because I could't get the TAC to provide me with
their "free" IOS upgrade for the last couple
disclosures.

Guess what's shuffeling packets in it's place?

That hardware/NVRAM equation is not such a hard
nut to crack. Even a modest amount of cisco
equipment uses PCMICA cards to store their IOS.
Take a *CLOSE* look at the latest VIA EISA
offerings.

The fact that I have a well understood underlying
BSD operating systems with thousands of dedicated
fanitical BSD hackers working on upto the moment
solutions for me is nothing more than *GRAVY* and
make the solution space for standard off the shelf
packet shuffeling problems extremely obvious.

Stick that in your 50x earnings pipe and smoke it.

Re:pfsync/CARP (-1, Troll)

Anonymous Coward | more than 9 years ago | (#9026237)

Here is a little surprise for you:

There are not "thousands of dedicated fanitical
[sic] BSD hackers working...".

Most of the self proclaimed kernel gurus who
actually did anything in the early 90's now just
sit on their asses flaming anyone who question
them, and pat each others backs about how much
better they are than Linux.

And there aren't even many of them left... a
handful maybe. The rest are thousands of
dedicated, fanatical BSD *zealots* who do much
the same thing.

Stick that in your BSD zealot pipe and smoke it.

Re:pfsync/CARP (1)

ATomkins (564078) | more than 9 years ago | (#9026084)

Yeah, OpenBSD needs a few more of these [slashdot.org], too!

Everybody knows that security flaws are what makes a system popular.

What? (1, Informative)

Anonymous Coward | more than 9 years ago | (#9025880)

"The word just hit the announce@openbsd.org mailing list..." You act as if this is big news. New versions are always released in May and Nov.

Wait a second.... (-1, Troll)

nil5 (538942) | more than 9 years ago | (#9025882)

You mean it's not really dead?

Sometimes you can't trust slashdot, can you.

Monty Python clone??? wtf? (3, Interesting)

Billly Gates (198444) | more than 9 years ago | (#9025883)

Eagerly, awaiting the openbsd 3.5 theme song I ftped into one of the mirrors [openbsd.org].

Anyway I downloaded the 3.5 song and found it about a protest on cisco patents on rundantant firewalling and vrp in a monty python format.

Strange but somewhat ammusing to say the least. Go download it [openbsd.org].

yea (3, Informative)

Anonymous Coward | more than 9 years ago | (#9025884)

seems main ftp server is down. remember there are the mirrors if you guys want to get it. http://openbsd.org/ftp.html

and OpenBSD Rocks!

Every Hacker's Wet Dream (0, Flamebait)

INeededALogin (771371) | more than 9 years ago | (#9025885)

We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install.

Every Hacker dreams of finding a way to hack the 5 people who use it:-)

Seriously, how many people use OpenBSD... I got one of those cool wire daemon shirts that they put out, but I wouldn't dare run it:-P

Not trolling... just that I have never met anyone IRL that runs this.

Re:Every Hacker's Wet Dream (1, Interesting)

Anonymous Coward | more than 9 years ago | (#9025895)

From what I understand, Earthlink has a lot of OpenBSD machines that are currently in production.

Re:Every Hacker's Wet Dream (2, Interesting)

no reason to be here (218628) | more than 9 years ago | (#9025923)

my formerly slackware-lovin', now debian-lovin' former roommater, despite his love of Tux and all things penguin, has started using OpenBSD for his router/firewall. If he's using it, i imagine their must be at least another dozen out there that use it. :)

seriously though, just check netcraft. there are lots of sites hosted on OpenBSD.

Re:Every Hacker's Wet Dream (0)

a whoabot (706122) | more than 9 years ago | (#9025965)

My comrade uses it for a combo router and webserver. And that's the only person I know who runs a server, or uses anything other than those D-Link or Linksys things as a router.

Re:Every Hacker's Wet Dream (5, Funny)

TheHonestTruth (759975) | more than 9 years ago | (#9026050)

Be at the Burlington Mall in Burlington, MA tomorrow, in the Food Court near Quiznos at 5 PM EDT. I'll be the guy shaking your hand. Then we can end this "I never met anyone IRL that runs this" farce.

-truth

Re:Every Hacker's Wet Dream (0, Offtopic)

Monistat7 (663761) | more than 9 years ago | (#9026077)

I prefer the chinese food places bbq pork... but I suppose I need to use up this coupon for a free sandwich after they jacked up my order. See ya there. ;) haha and that mall sux... just moved out here and its pathetic.

Re:Every Hacker's Wet Dream (0, Offtopic)

Fnkmaster (89084) | more than 9 years ago | (#9026127)

Dude, the Quiznos rocks the crappy Chinese food in Burlington, don't let anyone say otherwise. Anyway, don't go there anymore since I don't work in Lexington these days. But my memories of the Food Court are fond indeed.

Re:Every Hacker's Wet Dream (3, Interesting)

manifest37 (632701) | more than 9 years ago | (#9026151)

http://uptime.netcraft.com/up/today/top.avg.html [netcraft.com]
The sites with the longest uptime run OpenBSD
thats who uses it

Re:Every Hacker's Wet Dream (3, Interesting)

prockcore (543967) | more than 9 years ago | (#9026236)

http://uptime.netcraft.com/up/today/top.avg.html
The sites with the longest uptime run OpenBSD
thats who uses it


That's not a valid list.

$ uname -sr
SunOS 5.7
$ uptime
12:11am up 1585 day(s), 8:41, 1 user, load average: 0.27, 0.27, 0.26

That puts us in the top 10, and we're not the only ones. The problem is the uptime solaris reports to netcraft rolls over every 495 days.

As a recent convert let me say (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#9025888)

OpenBSD rocks the labia, bitches!

Only one remote hole... (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#9025899)

yes, a hole in the ground far,far, away that is where the body of BSD lies....

my favorite comment from the changelog (4, Funny)

imac.usr (58845) | more than 9 years ago | (#9025901)

- Enable bus mastering on fxp(4). Oh yes.

I don't know what it means, but I approve.

Re:my favorite comment from the changelog (1, Offtopic)

Deraj DeZine (726641) | more than 9 years ago | (#9025930)

Asked for comment, the Kool-Aid Man responded: "OH YEAH!!!!"

HEY MODS, RTFA (Scoré: 5, Informative) (0)

Anonymous Coward | more than 9 years ago | (#9026043)

RTFA [google.com]

Re:my favorite comment from the changelog (4, Informative)

Gogo Dodo (129808) | more than 9 years ago | (#9025960)

fxp [openbsd.org] is the driver for the Intel PRO/100 Ethernet adapters.

Re:my favorite comment from the changelog (0)

Anonymous Coward | more than 9 years ago | (#9026115)

OpenBSD has full hardware support for a 8 year old card. oh yes.

Re:my favorite comment from the changelog (0)

Anonymous Coward | more than 9 years ago | (#9026110)

Apparently, bus mastering is the technique of writing directly to memory and bypassing the motherboard's CPU which is used by video cards (overlay), nics, etc. So I think it's a speed thing.

Happy user since 2.7 (4, Insightful)

Daimaou (97573) | more than 9 years ago | (#9025910)

I would like to offer my thanks to the OpenBSD team here on Slashdot, where it will promptly be lost in hundereds of other posts.

I have used OpenBSD since 2.7 as a firewall, a web server, and a file server. There are a lot of unix-like operating systems out there, but for me, nothing can beat the simplicity and security of OpenBSD in these areas.

I'm also extremely happy with the ease of applying patches on OpenBSD. It makes remote management the easiest thing in the world (well, from a unix perspective anyway).

If you haven't tried OpenBSD, and are looking for an excellent server OS, I highly recommend giving it a try. I would recommend supporting the effort by buying a CD too.

Re:Happy user since 2.7 (-1, Troll)

Anonymous Coward | more than 9 years ago | (#9026140)

*BSD faces a very bleak future. I've seen the same boring cut-n-paste "BSD is dying!" trolls for years now too, so don't dismiss what I have to say as another one of those. I researched many compartive points about all the various flavours of *BSD after my comptroller asked me to deploy an OpenBSD firewall.

Granted 4.2BSD was a very fine OS, but that was in 1983. 4.4BSD, and its brother 4.4BSBD-Lite, were abymsmal performers at best during their heydey in 1993-4. Both Solaris and HP-UX had networking stacks that supported "long fat pipes," multicasting, and TCP header header prediction years before 4.4BSD did.

I don't know why 4.4BSD-Lite became so popular. Perhaps because it was released as OpenSource in 1994? But even then there were much better TCP/IP stacks and VM schemes in use (Solaris, AIX) so availability of source code was an insignificant win at best. All OpenSource does is allow poor quality code to be re-circulated and reused again and again in new systems, while high quality and RFC compliant code is relagated to the pay environment.

Regardless, the codebase of 4.4BSD-Lite became the stepping stone for all the *BSDs that are still around now. The main three *BSDs (FreeBSD, OpenBSD, NetBSD) all use at least 85% of 4.4BSD-Lite's source code, with the rest being mostly new userland code, TCP/IP updates, and multiprocessor support.

The commerical offering, BSDI, is even more appaling - a source code diff shows roughly 94% code reuse. Paying for an archaic and outdated OS...that would explain why BSDI has less than 2% of the server market.

FreeBSD has very close ties with BSDI. I'm not one to preach doom by association, but I'm afraid FreeBSD has doomed itself by the move. If that isn't enough, FreeBSD's Orange Book security certification is horrible. Even NT can do better than it!

FreeBSD has a reputation of being the "fastest" BSD on x86 hardware. Actual memory bandwidth performance is a fraction of all of Sun's offerings, and the multiprocessor support is a joke since it has a poorly implemented semaphore locking mechanism. I hear a total re-write is planned, and perhaps even a security audit too, so /maybe/ by 2005 FreeBSD will be a contender in the low-end server market.

NetBSD, I'm afraid, is dead before it got off the ground. The goal of running on as many platforms at once is a noble and idealistic one, but in the real world its useless. At best NetBSD is a mediocre hobbyist OS that runs on outdated computers. A match made in hell it would seem, since ancient source code has been hacked to run on ancient computer. Its ports to systems such as the Dreamcast are total folly, offering no more real world use than GUI systems on headless servers. And I think the installed user base of less than 10,000 speaks for itself.

I was hopeful OpenBSD would be better as its reputation for security is interesting. Sadly, its another strikeout. OpenBSD's filesystem is extremely slow, and hardware support is nearly nonexistant. There are also numerous political issues surrouding its development team that are eating away the last bit of hope. Perhaps the reason it is secure is because no one bothers to hack it since the "prize" is mostly worthless.

*BSD users too are dooming thier own OS. As a group, they are a very vocal and rowdy bunch. No real help is given to new users and such an elitest attitude is suicide.

I chose to not deploy an OpenBSD based upon these reasons. It is my humble opinion that either NT or Solaris be used for any significant work, and *BSDs be left to the hobbyists.

2 Remote Holes in 8 years (0)

Anonymous Coward | more than 9 years ago | (#9025946)

We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install.

There was obvioulsy a remote hole when they started the 8 year run as well.

Re:2 Remote Holes in 8 years (1)

Mycroft_VIII (572950) | more than 9 years ago | (#9026036)

And how old is OpenBSD? Eight years sounds about right, but I don't really know.
If it's only 8 years old then it really could be just one remote hole in it's entire lifespan.
Well I'm shure quite a few people here know how old OpenBSD is and will chime up, I'd be curious to see if my guess is right

Mycroft

"single remote hole" (0)

tunesmith (136392) | more than 9 years ago | (#9025954)

What was it?

Re:"single remote hole" (3, Informative)

Indy1 (99447) | more than 9 years ago | (#9026032)

it was a bug in openssh, which if i remember correctly, would of been tricky to exploit in the first place.

Re:"single remote hole" (0)

Anonymous Coward | more than 9 years ago | (#9026044)

my ex-wife.

never-been-rooted claims getting sillier (3, Funny)

SuperBanana (662181) | more than 9 years ago | (#9026013)

We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install.

Prediction for OpenBSD 6.0 announcement:

"We remain proud of OpenBSD's record of 15 years with only a single remote hole on a 986, executed from a windows system over a local network by a person under the age of 18. On tuesday. During a full moon. At low tide."

Re:never-been-rooted claims getting sillier (4, Interesting)

0racle (667029) | more than 9 years ago | (#9026111)

How is it getting sillier? Because they increment it once a year when there wasn't a hole that year, or are you just so used to using something else that you just cant believe that something goes longer then a month without a catastrophic security hole.

Re:never-been-rooted claims getting sillier (0)

Anonymous Coward | more than 9 years ago | (#9026130)

... under a ladder, while a black cat crossed the server's path and a shards of a broken mirror lay nearby.

Fast AES (5, Interesting)

atrus (73476) | more than 9 years ago | (#9026014)

I found this part of the release notes particulary interesting:

OpenSSL now directly uses the new AES instructions some VIA C3 processors provide, increasing AES to 780MBytes/second (so you get to see a fan-less cpu performing AES more than 10x faster than the fastest cpu currently sold).

I don't know if the fanless assertion is right (the AES instruction is available in the newer (step 8?) Nehemiah processors, which I don't think there is a fanless version yet on the market.) Of course someone will prove me wrong.

Now all VIA needs to do is make a network centric Nano-ITX board (drop the video, audio, firewire, usb, etc etc, and add in two more good ethernet ports), and this could be a serious IPsec/VPN platform.

Re:Fast AES (3, Interesting)

CTho9305 (264265) | more than 9 years ago | (#9026073)

Why waste all the power on a Via C3 (multiple watts) when you could use an AMD Alchemy Au1550 [amd.com], which consumes less than 1 watt? The development board is MUCH smaller than any uATX-like form factor.

Re:Fast AES (3, Interesting)

atrus (73476) | more than 9 years ago | (#9026104)

The AMD Alchemy is smaller, but with the C3+chipset being Intel/PC compatible, there already is a large base of software available for the C3. By extension, there are many more people familiar with programming things on PC operating systems, which makes the C3 an appealing choice. The Alchemy is more custom. While I'm sure the development kit for the Alchemy is good, it can't match the available software base of PCs. Need to add a DNS server? There are numerous ones available which meet different needs. While you probably could port one of the DNS servers to run on the Alchemy, this is a time consuming operation.

My success with OpenBSD (-1, Troll)

Anonymous Coward | more than 9 years ago | (#9026034)

I am a Computer Information Systems Professional [devry.edu] at a major Fortune 500 corporation. Very recently the head of our IT department decided that we were going to switch every one of our networks over to Windows XP Professional. We had previously been running OpenBSD on all our quad processor Xeons. Some of them had had uptimes approaching a year! My personal favourite, Gerbil, had been running without a reboot for three years.

One day one of those Microsoft shills that you often read about on The Register [theregister.co.uk] came by for a visit. I grew very suspicious about what was going on when my boss and the Microsoft representative walked by my desk, and entered the server room. I could hear muffled voices through the closed door. The Microsoft representative was asking what we were running on our servers! My worst fears had come true. I sat at my desk for the rest of the day, silently awaiting the bad news. The news did not come until the next day. It was worse than I had feared. We were to be a Microsoft only shop from that day on! I could not believe it. The Microsoft representative had told my boss that the operating and support costs would actually go down. And my boss had fully bought into it, hook, line, and sinker.

Tough times hit our company in the last month, and we were forced to lay off a few of the less experienced IS/IT workers. One of them took this rather hard. As a last minute attempt at corporate sabotage, he decided to change all of the Computer Administrator passwords on a few of the XP Professional boxes sitting around in the server room. This caused absolute havoc, as Dell had failed to send along administrator passwords for the new boxes. Our company could not make use of these computers for three days. It took Dell that long to get us the administrator passwords. It is strictly because of Microsoft's poor implementation of a multi-user computing environment that our company lost three days of productivity.

Needless to say, I had our quad Xeons back running OpenBSD by the end of the week. Gerbil is back on its way to another glorious 3 years of uptime.

k, troll, I'll bite.... (5, Insightful)

TheHonestTruth (759975) | more than 9 years ago | (#9026067)

I am a Computer Information Systems Professional at a major Fortune 500 corporation.

ok....

Very recently the head of our IT department decided that we were going to switch every one of our networks over to Windows XP Professional.

Hmmm.... ok. I guess that's possible.

We had previously been running OpenBSD on all our quad processor Xeons.

*bzzzzzt* You are either lying or dumb. Why install OpenBSD, which I admittedly love and am not biased against, on a quad processor system when SMP is in like alpha stage, beta at best? Because you're trolling or have no idea what you are doing. Next!

-truth

Re:My success with OpenBSD (1)

GregChant (305127) | more than 9 years ago | (#9026100)

I am a Computer Information Systems Professional at a major Fortune 500 corporation.



For the rest of us, please read as; 'I am a systems support analyst for a company that doesn't know any better.'

I'll bite too... (5, Informative)

Anonymous Coward | more than 9 years ago | (#9026171)

Let's begin hacking this one apart :P

1) Devry... nice.. :P not.
2) A company capable of buying quad xeon hardware doesn't sound like the kind of cmopany that needs to resort to running a workstation OS--XP Professional--on a server. Plus, Windows XP will only use 2 CPUs maximum.
3) Like mentioned before, you'd never run OpenBSD on an SMP box in a production scenario
4) What kind of password? The Windows XP password has nothing to do with Dell. If you mean the BIOS password, that has nothing to do with Windows.
5) Microsoft's multi-user computing (read: NT Domains/Active Directory) is actually quite good.
6) If your server had three years of uptime, there was probably (I'm sure there wasn't but I don't want to be wrong) no OpenBSD SMP support (not even beta) 3 years ago... I wonder how your boss feels about a server having 75% of its computing power being unused.

There's more wrong with your post, but why bohter...

Isn't it about time... (4, Funny)

AvantLegion (595806) | more than 9 years ago | (#9026059)

... for remote hole #2?

Re:Isn't it about time... (0)

Anonymous Coward | more than 9 years ago | (#9026157)

Doubtful. People just LOVE to make fun of OpenBSD when it gets a remote hole yet the people who are doing the laughing aren't exactly people who can claim similiar track records.

Downloadable ISO? (0)

Anonymous Coward | more than 9 years ago | (#9026078)

So is there a bootable ISO that one can download and install from? What's the easiest way to get this OS onto a new hard drive?

Re:Downloadable ISO? (0, Flamebait)

NynexNinja (379583) | more than 9 years ago | (#9026183)

Theo is too BSD to give away ISO's.

God forbid you download only what you need. (0)

Anonymous Coward | more than 9 years ago | (#9026203)

I forgot, these days it's "cool" to buy, download, or otherwise procure 10 times more of everything than you'll ever use, so that you can throw the rest away. Conservation of resources is for those who don't respect the homeland, and what it stands for.

Was anyone else pissed when... (-1)

Anonymous Coward | more than 9 years ago | (#9026107)

...theo opened his big trap and started spouting
off at the mouth about the Iraq war?

At the time, the project had Air Force DARPA grant to improve and enhance OpenBSD and I was this close (holds thumb and finger about 1/4" from each other) from convincing my command to switch from Sidewinder to OpenBSD. ...good coder, but fscking political dumb-ass.

FREE SPEECH (0)

Anonymous Coward | more than 9 years ago | (#9026178)

Deal with it.

Your should be pissed at your command, not Theo (0, Troll)

Anonymous Coward | more than 9 years ago | (#9026193)

"He said something I don't agree with.. OUT LOUD! You can't do that in America. Now I just can't trust his operating system, even though it's open source. It's gotta have some kind of commiehole in there somewhere. Look at me, I'm smart!

Re:Your should be pissed at your command, not Theo (0)

Anonymous Coward | more than 9 years ago | (#9026205)

Exactly!

What's his point? He can only use stuff that is coming from people he agrees with? Even if it is inferior?

Re:Was anyone else pissed when... (2, Funny)

Cyno01 (573917) | more than 9 years ago | (#9026223)

I really dont think sidewinders should be replaced with OpenBSD, maybe AMRAMs, but not sidewinders...

Now if... (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#9026135)

Now if Theo wasn't such an ASSHOLE things would be great.

But as things stand, I know any number of people who'd rather vomit all over him than use his otherwise excellent system.

It's just that he's so revolting.

Clue me in, why is he such a bumscag? (0)

Anonymous Coward | more than 9 years ago | (#9026166)

n/t

My addition (4, Interesting)

bobtheheadless (467304) | more than 9 years ago | (#9026184)

Everybody has their OpenBSD quips, so I may as well add mine.

I've been using OpenBSD since 2.8 and have loved it since. It was the first UNIX-like OS I used. I currently use it on one box for my firewall, but have switched to gentoo for the web & mail servers.

Thats not the best part though. I have some friends who needed a residential gateway, and I set them up with an old box running obsd 3.1, and its been running non-stop (aside from power outages) since, with no problems. I keep telling them I should upgrade them, but it really isn't required.

Anyway, thats my addition. I wonder if anybody will have the paitence to read this far down in the comments. Hmmmm...
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...