Linked by Thom Holwerda on Wed 3rd May 2006 20:26 UTC, submitted by anonymous
OpenBSD SoftwareInReview reviews OpenBSD 3.9. "The improved package tools make OpenBSD much easier to install, upgrade, and maintain. For those who need to install several programs on top of the base system, the new package tool functions are priceless."
Order by: Score:
v A goddamned wishlist?
by Janizary on Wed 3rd May 2006 21:21 UTC
That was pretty terrible.
by MrDomino on Wed 3rd May 2006 21:38 UTC
MrDomino
Member since:
2006-01-10

The guy agrees completely with OpenBSD's "no blobs" policy, then suggests that Java be included as a binary blob? And then he goes on to call WPA a "lousy" encryption method?

The reviewer does not seem to have much of an idea of what he's talking about.

Reply Score: 5

RE: A goddamned wishlist?
by ozonehole on Wed 3rd May 2006 22:09 UTC
ozonehole
Member since:
2006-01-07

What the hell is that? A review is not a place to tell people what you wish would happen in OpenBSD - because unless you have the patch it's not happening.

The guy that did the review obviously didn't understand OpenBSD enough to know the simple standard, "shut up and hack."


Thank you for bringing this regulation to our attention! Yes, it says right here in the OpenBSD license, rule No. 47:

47) It is forbidden to criticize OpenBSD or to suggest improvements. OpenBSD is flawless and does not need improvements. The OpenBSD team does not want feedback from its users. Just buy a set of CDs every six months, shut up and hack.

As always, the penalty for violating these rules is to be publicly flamed to a crisp.

Edited 2006-05-03 22:14

Reply Score: 5

v RE[2]: A goddamned wishlist?
by Janizary on Wed 3rd May 2006 22:40 UTC in reply to "RE: A goddamned wishlist?"
RE[3]: A goddamned wishlist?
by thebluesgnr on Thu 4th May 2006 01:47 UTC in reply to "RE[2]: A goddamned wishlist?"
thebluesgnr Member since:
2005-11-14

Actually, users are going to post their wishes on the products they use, and I'm not just talking about computers here. It's normal human behaviour.

If you don't like that you can "shut up and hack".

Reply Score: 2

RE[3]: A goddamned wishlist?
by ormandj on Thu 4th May 2006 02:06 UTC in reply to "RE[2]: A goddamned wishlist?"
ormandj Member since:
2005-10-09

You're going to go real far in life with that attitude....

|---| <-- ...about that far.

So, mind showing us some of your patches/contributions to OpenBSD? If you can't, then that means you are obviously not entitled to use OpenBSD even though it *is* BSD licensed. Maybe it should have been closed-source commercial software instead?

Don't be such an ass to people, nobody gave you any reason to react in such a defensive and downright insulting way.

As for the review, it was generally positive, yes there were a few inconsistancies, and I wouldn't typically suggest this kind of review to people to read for information, but hey - it's positive publicity at least. It seems more like a quick "it's pretty good I just wish it had a few more features" type blog entry. I'm not a fan of blogs, nor these quick reviews, but if it's your thing, this one isn't TOO bad.

Reply Score: 2

v RE[4]: A goddamned wishlist?
by Janizary on Thu 4th May 2006 06:41 UTC in reply to "RE[3]: A goddamned wishlist?"
v Question about BSD security.
by Eric Martin on Thu 4th May 2006 02:21 UTC
RE: Question about BSD security.
by Janizary on Thu 4th May 2006 06:47 UTC in reply to "Question about BSD security."
Janizary Member since:
2006-03-12

Well, Java is proprietary, it is controlled by a company which will not release control over it. Since it is mid-high level, it is also slow. It is not as powerful as a lower-level, faster language. And it is not as popular with the more talented programmers, who generally stick to C and it's dialects.

Because of this, there's not as big of an interest in a Java operating systems, hell, Java's big selling point is supposed to be it's platform independance, not it's security.

Edited 2006-05-04 06:55

Reply Score: 0

RE: Question about BSD security.
by BryanFeeney on Thu 4th May 2006 12:37 UTC in reply to "Question about BSD security."
BryanFeeney Member since:
2005-07-06

BSD has security because of bounds checking and memory checking.

Every operating system does memory checking (hence "memory management"). No operating system does bounds checking. Your comment makes no sense.

OpenBSD is secure because
1) The OpenBSD team created an extension to C (strlcpy and strlcat) that helped developers do safe text manipulation in C. They then audited a huge amount of user-space code to use these functions to replace strcpy() and strcat()

2) With regard to memory usage:

i) OpenBSD randomises the stack so that buffer overflow attacks can't execute malicious code (buffer overflow attacks work on the assumption that the stack will be in a certain state).

ii) OpenBSD uses a special version of malloc() to randomise allocations

3) OpenBSD supports the "no-execute bit", even in software, so that code in an application's data-segment cannot be executed (another componenent of buffer overflow attacks)

4) The OpenBSD team manually audits every program in the core distribution to ensure it is correct. They are still using gcc 2.95 in part because they can be certain it is bug-free.


In short, OpenBSD's success is due to building security concepts into the operating system, and auditing all the software that they provide.

JNode has not done any of these audits, and while it doesn't have to worry about buffer overflows, there is no guarantee (as it has not been auditted) that other attacks may not be possible. Further, JNode can not yet match the performance of OpenBSD for file-serving, web-serving and other common server-based tasks. It has potential, but it is nowhere near there yet.

Edited 2006-05-04 12:39

Reply Score: 3

Janizary Member since:
2006-03-12

Actually, gcc 2.95 is still used on a few platforms in order to still have a system which can compile itself, gcc 3 dropped platforms that OpenBSD supports.

Reply Score: 1

Eric Martin Member since:
2005-11-11

http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handboo...
http://en.wikipedia.org/wiki/Buffer_overflow

Most of your replies revolve security of the language used to build openbsd. It's repetitive. - 1.Use of special malloc 2. Moving the stack because of overflows.



Jnode has security built into it by the computer language /virtual machine.

Reply Score: 1

A review?
by Soulbender on Thu 4th May 2006 05:07 UTC
Soulbender
Member since:
2005-08-18

How is this a review of anything? It is basicly some general OpenBSD information, a small list of what's new, an even smaller wishlist and "the new package tools are good".
By no stretch of the imagination does this constitute a "review" of any kind.

Reply Score: 2

Desktop
by Andre4s on Thu 4th May 2006 09:06 UTC
Andre4s
Member since:
2006-02-10

Is it Gnome that is the default desktop in OpenBSD also or?

Reply Score: 0

RE: Desktop
by Soulbender on Thu 4th May 2006 10:29 UTC
Soulbender
Member since:
2005-08-18

"Is it Gnome that is the default desktop in OpenBSD also or?"

There is no default desktop.

Reply Score: 2

RE[2]: Desktop
by Janizary on Thu 4th May 2006 13:44 UTC in reply to "RE: Desktop"
Janizary Member since:
2006-03-12

No, FVWM is actually the default, it comes setup when you install X on OpenBSD.

Reply Score: 2

RE[3]: Desktop
by Soulbender on Thu 4th May 2006 13:54 UTC
Soulbender
Member since:
2005-08-18

I presumed the OP ment "Desktop Environment", such as GNOME or KDE, but yes the default is FVWM.

Reply Score: 1

OpenBSD 3.9 on an iMac
by bsd_geek on Fri 5th May 2006 00:07 UTC
bsd_geek
Member since:
2006-05-04

Okay, I have used OpenBSD on Intel machines in the past but this is the first time that I'm actually going ot try it on a Mac. I had aquired an old iMac from a co-worker so I thought, "Great! I'll install BSD on it."

I first tried NetBSD, but the install documents left me with alot of questions and there seemed to have beem some holes in the docs (i.e. how so I get the blah.xcf file into the HFS partition?). As a result of my confusion, I thought I'd look into OpenBSD. I downloaded the macppc boot ISO, followed the booting instructions (i.e. stick in the disc, hold down 'C' while booting) and I got it to boot OpenBSD.

From there, I followed the easy to follow prompts (prompts that any bonehead idiot like me can follow) and within a few minutes I had everything configured to go and had the install sets downloading from the ftp site.

Now I sit here waiting for it to finish downloading. I guess I'll post back any comments to how it runs once it's installed.

OpenBSD is great!

Edited 2006-05-05 00:15

Reply Score: 1