Why is he so smug?
Other urls found in this thread:
gnu.org
csoonline.com
blog.netbsd.org
youtu.be
xenocara.org
github.com
twitter.com
He knows he's superior to everyone around him for using the OpenBSD operating system
OpenBSD is a meme
>Filesystem
default FS doesn't even support SSD TRIM, and I don't think OpenBSD supports anything modern like ZFS or BTRFS.
This is a problem because OpenBSD claims to be about security, but forgets that security is made up of three parts: confidentiality, integrity, and availability.
In this case, availability seems to be the one that's lacking. Who cares how hack-resistant your system is if the data you're protecting is corrupted?
That's not even getting into the volume management stuff that's missing, and the snapshots, and the everything.
>Security
"Only two remote holes in the default install!!!!!!!"
Yay!
I hope you realize that this literally only applies to a base system install with absolutely no packages added. In other words, not exactly representative or meaningful towards... anything really
>Sustainability
A few years ago, OpenBSD was actually in danger of shutting down because they couldn't keep the fucking lights on. How could anyone see this as a system they could rely on, when it could be in danger of ending at any time?
>Standards-compliance
"B-But OpenBSD is written in strictly standards-compliant C! Clearly that's better than muh GNU virus!"
So you're not allowed to create extensions to the standard? You should only implement the standard and nothing more? Keep in mind that this is nothing like EEE, as the GNU extensions are Free Software, with freely available source code, as opposed to proprietary shite. People should be allowed to innovate and improve things.
If you're gonna be anal about standards-compliance, then why let people make their own implementations anyway? Why not have the standards organizations make one C implementation and force everyone to use it?
>written by the developers, for developers
>developers have zero tolerance for proprietary foolery and cut off communication with companies that play the NDA game
>stellar record for correctness, usability, and security
>world-class documentation
>developers have a track record for doing things right and not chasing the latest trends
he has every right to be smug
>GNUfags on my board
Struck by the small number of reported BSD kernel vulnerabilities compared to Linux, van Sprundel sat down last summer and reviewed BSD source code in his spare time. "How come there are only a handful of BSD security kernel bugs advisories released every year?" he wanted to know. Is it because the BSDs are so much more secure? Or is it because no one is looking?
van Sprundel says he easily found around 115 kernel bugs across the three BSDs, including 30 for FreeBSD, 25 for OpenBSD, and 60 for NetBSD. Many of these bugs he called "low-hanging fruit." He promptly reported all the bugs, but six months later, at the time of his talk, many remained unpatched.
"By and large, most security flaws in the Linux kernel don't have a long lifetime. They get found pretty fast," van Sprundel says. "On the BSD side, that isn't always true. I found a bunch of bugs that have been around a very long time." Many of them have been present in code for a decade or more.
Source:csoonline.com
Also from your link:
>van Sprundel also praised OpenBSD's response to his bug findings, saying that De Raadt responded within a week, and OpenBSD patched the flaws within a few days.
So much for reading comprehension, eh?
This. BSDs are 'secure', because nobody uses them. They likely have so many kernel bugs all over the place.
Linux at the very least has more eyes on it so things get found quickly.
Of course none of the above systems would have nearly as many of such security issues in the first place had they had the sense to adopt the superior microkernel design.
Someone from NetBSD recently audited their network stack and found bugs so old that they existed in the other BSDs as well