It's a shame Microsoft is not after BSD on its "Get the facts" campaign.... I'd LOVE to see ___ (any Microsoft puppy goes in the blank... Paul Thurrott comes to mind first hand, of course) trumpeting that "OpenBSD has doubled its exploits over the last year, it has been acknowledged... and Windows OSs only increased 10%", or Billy say that "you can take over an OpenBSD computer anytime anywhere by just looking at it from as far as 300 feet away..... Does anybody care about the truth these days?" or whatever comes up their mind. :-D
Edited 2007-03-14 18:34
I don't think you will ever see something like that. Microsoft doesn't have a hate relationship with the BSDs like they do with Linux. The problem is Linux users are always touting how wonderful Linux is and sooooo much better than Windows. You don't see BSD people doing that and they are a lot more tolerant of Microsoft than Linux users are. Additionally Microsoft has used BSD code in the past, not sure if they still do or not.
Feeding a troll is something stupid, but I cannot resist - real freedom is something other than RMS GPL dictatorship. Most Linux zealots will never understand this, because real freedom needs courage. And guess what? Real freedom is based on respect and common sense too. They're "whining" about this lack of respect. But apart from that most *BSD guys just code and tell people one or two times in the year about their "problems". Linux guys are whining every hour, every single day in year. Linux users are at "war" against Windows and other Linux distros. "Hating" Windows is the common denominator in Linux communities, without it you would have the essence of it - able people who build Linux instead of spreading hype and FUD altogether.
... and thanks for all the fish.
RE[5]: Now... this is serious!
"YOU ARE WRONG , some of those you listed are GPL , most of them are NOT BSD."
So? I never said they're BSD, I said they're not GPL and that's true in every one of the cases (and more) except for the tri-licensed Moz/FF/TB. and dual-licensed Perl (which still supports my point, they're not GPL only).
Edited 2007-03-15 08:07
"I never said they're BSD"
It was implied , sorry.
"I said they're not GPL and that's true in every one of the cases"
that's where you are wrong and have been proved false by me.
"which still proves my point"
No, it proves that some software who are in high usage do not use the GPL or are GPL and licensed with something else. The point you were refuting is that the majority is not GPL; you failed to achieve it by offering false information and being wrong.
" they're not GPL only)."
Your false point was, they are not GPL. You just added only now. You still fail to prove majority to other license or something else than GPL.
"Your false point was , they are not GPL. You just added only now."
Really now, shall we see what I actually did say:
"None of the below projects are GPL:"
And that is true, they aren't. They are either not GPL or multi-licensed where *one* license is GPL and thus you aren't coding for a GPL project since your code can (and will) be licensed under some non-GPL license.
I don't mind the GPL but with so many cornerstone projects NOT being GPL saying that "most OSS developers prefer GPL" is a far stretch. No doubt many do but many != most.
RE[9]: Now... this is serious!
Apache is neither BSD nor GPL..
http://www.apache.org/licenses/LICENSE-2.0 - Although it's compatible with the GPL..
BIND does use a modified BSD-like licence!!
Permission to use, copy, modify, and distribute this software for any purpose with or without fee is hereby granted, provided that the above copyright notice and this permission notice appear in all copies.
Perl is GPL, but is also under an Artistic License...
Python is under a BSD-like licence!!
(1) GPL-compatible doesn't mean that we're distributing Python under the GPL. All Python licenses, unlike the GPL, let you distribute a modified version without making your changes open source. The GPL-compatible licenses make it possible to combine Python with other software that is released under the GPL; the others don't.
http://en.wikipedia.org/wiki/Python_Software_Foundation_License
X.Org's licence is a MIT ("X") License, Which again.. Is a Modified BSD Licence!!
http://en.wikipedia.org/wiki/MIT_License
XFree86 is under a BSD-like licence also.. With various incompatibilities in specific versions.
And PHP.. The licence is almost absolutely a Modified BSD licence..
http://www.php.net/license/3_01.txt
Each have various clauses you have to agree with, But they're not too extreme.
(PHP's for example looks generic.. You could make a proprietary version called TIN-PEE-H-PEE This is not PHP.. if you wanted!!)
Truly Mozilla/Apache/Perl are the only ones on there that have licences that are not modified BSD licences..
Maybe you're just uneducated, But if you didn't know this already.. The BSD licence TEXT is public domain, You're free to modify it accordingly for use in your code/project..
(Not the licence on someone else's project/code though..).
http://en.wikipedia.org/wiki/BSD_licence
So stop trolling Moulinneuf!!
Edited 2007-03-15 08:54
RE[9]: Now... this is serious!
RE[2]: Now... this is serious!
RE[4]: Now... this is serious!
RE[6]: Now... this is serious!
If your glasses give you better space clarity than the Hubble space telescope who is in space to avoid heart interference, you got huge thick glass that are out of this world. Meaning your mom is blind and telling you you are perfect because she loves you, not because she can really see you.
I can't tell if you're just mangling the concept of "ugly baby syndrome," or if you're also trying to suggest that the Hubble telescope has a heart condition...
RE[6]: Now... this is serious!
RE[8]: Now... this is serious!
I am not mangling anything, the concept is "to be blinded by feeling which have no basis on reality".
Uh, yes. In other words, "ugly baby syndrome" - aka "Well, it may be ugly as sin, but it's still our baby." Despite your insistence on over-explaining, it's not really a novel idea.
Now, I must be off - my latest issue of Tiresome Exposition Monthly has just arrived. It's the journal of needless exposition and those who expound (naturally).
Microsoft doesn't have a hate relationship with the BSDs like they do with linux. The problem is linux users are always touting how wonderful linux is and sooooo much better than Windows.
You make it sound like one has to do with the other; it doesn't.
The reason why Microsoft like BSD and not Linux is that they can (and already have) taken code from BSD and incorporate it in Windows without releasing the source code, but they can't do it with Linux. Also, BSD just isn't as big a threat as Linux at the moment.
And sure, a lot of Linux people hate Microsoft and Windows but given that this is based on a lot of people's experience of Windows as a buggy, crappy product, and of Microsoft as a predatory, dishonest organisation, that attitude need not be, and indeed, isn't limited to Linux users but also extends to BSD users, BeOS/Haiku users, OS/2 users...
Equally, there are Linux people who do not like slagging off MS or Win.
"""
The reason why Microsoft like BSD and not Linux is that they can (and already have) taken code from BSD and incorporate it in Windows without releasing the source code, but they can't do it with Linux. Also, BSD just isn't as big a threat as Linux at the moment.
"""
I would reverse the priorities of those two factors.
I think it has everything to do with the level of threat.
I don't see code swiping as being all that major a factor.
Differences in internals limit the value of literal copying of code even between Posix compatible OSes. (Which is why I'm not too overly concerned about Sun's choice of licenses for Solaris.)
Linux and Windows are far more distant from each other.
OpenBSD already is the second most popular BSD after FreeBSD (I don't count MacOSX as a BSD) and that's a lot considering that you have to buy the OpenBSD CDs vs. just download FreeBSD.
I don't run OpenBSD but I am aware of it, I just don't need that type of security on my home machine. GNU/Linux trumps in convenience. But let me tell you I have a lot of respect for OpenBSD and should I ever need that type of security I know where to find it.
You can, "just download," OpenBSD. Netinstall is the most common method of installation for me and many other people, despite owning CDs. What you cannot, "just download," are ISOs, those are sold as CDs as an attempt to recoup some development costs.
That Linux convenience that trumps OpenBSD tends to be bought at the cost of the source itself, the freedom that the GPL attempts to force on people. In fact, many of OpenBSD's release songs and art have been focused on that, "Open Source-AMI," for 4.1 being the most recent.
Edited 2007-03-14 19:10
Netinstall is the most common method of installation for me and many other people, despite owning CDs
I bought a 3.9 CD, but I tend to do net-install anyway. The CD's are mostly a fund-raiser. I, too, like doing a base install and using ports to setup my system.
Certainly it is great as a server, but I also like to use OpenBSD on some of my older laptops. OpenBSD has great wireless support. When 4.1 comes out shortly (you can already pre-order CD's), it will have ACPI support, which will help immensely on newer laptops.
And openbsd.org has now been updated to read: "Only two remote holes in the default install, in more than 10 years!"
They owned up to it and took care of it quickly. Great work as usual.
Not sure I'd characterize FreeBSD as a "not-so-safe sister" (I don't understand that comment).
I have been using OpenBSD for about 4 years now, and it truly is an awesome OS. I think the statement saying that FreeBSD is the "not-so-safe sister" is partially true though. Not saying that FreeBSD is not secure, it very much is, just not as much so as OpenBSD. FreeBSD seems to be trying very hard to work themselves onto the desktop; whereas, OpenBSD is staying right where it belongs as one KICK-ASS secure server platform. Good job Theo and company.
As an OpenBSD fan for about 7 years now, I always thought it should have changed after the first one was discovered. Each time that number increases (not that it happens often), it loses a lot of its weight.
As for OpenBSD not being convenient (in response to a previous comment), I personally think it is, compared to all the work it takes to customize a Linux box. I guess if you don't really care as much about your system's setup, and just want something that will work, most any Linux distro will do. If you have very particular tastes and preferences, however, doing a base install of OpenBSD, getting the ports tree, then building your system from there is quite convenient and less work in the long run than trying to make a stock distro install what you want it to be.
Install a server, open the port. What would you prefer - everything open by default and you shut off what you don't need. This is PRECISELY the way a server should be.
Install a server, open the port. What would you prefer - everything open by default and you shut off what you don't need. This is PRECISELY the way a server should be.
The point is that it's not secure because of its internal architecture - it's secure because the doors and windows are closed.
You open telnet and you're as vulnerable as Windows.
You can lay claim to the title as MOST SECURE OS only if you can throw open all the ports and remain secure against attacks.
Edited 2007-03-14 20:05
You open telnet and you're as vulnerable as Windows.
Vulnerable to what? A brute force attack? Who cares? The point is that the default install is secure instead of wide open. I don't see the point you're trying to make.
Let me illustrate: would you rather stay in a house with open doors and windows or one with closed and locked doors and windows? Isn't it really pointless to say "Leave the door open and your house invites thieves just like the no door house"? Because the answer is: "Well, it's a good thing I DIDN'T leave the door open!"
OpenBSD is intended to be secure, and you must manually open the ports and run services. To imagine security any other way is just silly.
Let me illustrate: would you rather stay in a house with open doors and windows or one with closed and locked doors and windows? Isn't it really pointless to say "Leave the door open and your house invites thieves just like the no door house"? Because the answer is: "Well, it's a good thing I DIDN'T leave the door open!"
You can keep the house doors/windows wide open (ie having all the sockets/ports wide open) and if you can nail/bolt every single item in the house down to the floor/table (securing every single service and program) then thieves can walk in all they want but they can't walk out with anything. Think of it like Disneyland - anybody can walk in and use the rides and do whatever they want but nobody can walk out with Space Mountain in the back pockets.
Edited 2007-03-14 21:28
No, OpenBSD is still more secure because of their constant audit of the entire code base and the protective countermeasures that they have put in place such as using the NX bit on newer processors, emulating this on older processors and randomizing the stack (Yes I know that this is possible on Linux but AFAIK it was in OpenBSD first and it is in there by default).
>Install a server, open the port.What would you prefer-
>everything open by default and you shut off what you
>don't need.
>This is PRECISELY the way a server should be.
Philosophically WRONG. Human nature will leave a few extras open because "hey it's working and the boss wants other stuff done" or because the sysadmin isn't totally expert.
On today's internet that philosophy increases your risks many times over.
>The point is that it's not secure because of its
>internal architecture - it's secure because the
>doors and windows are closed.
Yes doors and windows are closed but actually the OpenBSD team are close to being obsessed with security to an extent you have not comprehended. They see security partly as a by-product of quality and are totally serious about it.
>You open telnet and you're as vulnerable as Windows.
Firstly, with ssh to hand why would anyone use telnet.
(ssh being their own OpenSSH...)
Secondly, I cannot find an ordinary telnet daemon for OpenBSD (among the 4000 packages) though there is an encrypted version called "stel".
Get a hint: telnet is not a relevant issue.
>You can lay claim to the title as MOST SECURE OS only
>if you can throw open all the ports and remain secure
>against attacks.
You have missed the turn. Software security is still in the dark ages and nobody with sense offers the black hats more of a target than they have to.
And, why degrade the performance and responsiveness of a system with unnecessary stuff running in the background?
You are applying logic from the desktop domain to the server and router domain and as result you are just wrong.
The OpenBSD guys are far from arrogant about security: I would say it's the MOST SECURE OS but that isn't how they describe it on their homepage.
You also didn't bother to check your assertions.
"You can lay claim to the title as MOST SECURE OS only if you can throw open all the ports and remain secure against attacks."
That doesn't make any sense to me. You cannot open all ports and hope to remain secure. You secure your home by closing and locking the door. You can't expect a whole lot of security if you leave that door wide open.
"You can lay claim to the title as MOST SECURE OS only if you can throw open all the ports and remain secure against attacks."
By default all ports ARE open in OpenBSD (pf isn't enabled by default) although there isn't anything listening on most of them. The only ports that have anything listening on them by default are ident, daytime and time.
So by your own definition it IS the most secure OS.
With OpenBSD, you can have a secure system *and* leave the cable attached.
Seriously though, they have a fairly sound way to secure a system. By forcing the sysadmin to enable services that they need, they make it easier for the sysadmin to track security issues because they automatically know what is running.
They also avoid security issues popping up from services that are enabled by default, but they don't use or don't really need to use.
Off by default is exactly what I like. It is far easier to go and turn on what I need than to go and shut everything I don't need off.
As for Windows being made secure by yanking the ethernet cables. Well, at that point, you don't need very many Windows services do you? So you're left with a bunch of services that are completely useless. You don't need much on OpenBSD at that point either. But since everything is off, they won't get in your way.
Ok, I admit. I'm running a linux box. I used to run a OpenBSD box while back and I'm seriously considering switching back.
"Nothing is opened by default - well exactly how the hell does that help me if I want to run services, install modules?."
I'll go out on a limb here and guess; you enable the services you want?
"Windows can also be made ultra secure if you just yank the ethernet cable."
That's an entirely different matter.
"Only two remote holes in the default install, in more than 10 years!"
That is an excellent track record for an operating system. I've always been impressed by the security that Theo and his gang put into openbsd. Sometimes I think they go a little too far, but in the end it always seems to be the right decision. This exploit won't stop me from ever using or reconsidering openbsd.
Over 4200 ports, 4000 pre-built packages (for i386), minor robustness improvements in package tools. Some highlights:
gstreamer-0.10 tools.
OpenOffice.org package, available through ftp for size reasons.
KDE 3.5.6 and koffice 1.6.2.
a large (> 500) number of new/updated perl modules, from CPAN, including most of the catalyst web framework.
NetBeans 5.5 Java IDE.
updated Linux emulation support by using Fedora Core libraries.
Mozilla Firefox 2.0.0.2 (with translations).
PostgreSQL 8.2.3.
openbsd is an excellent os. i should try it too.
read this article.......
http://www.munts.com/openbsd/papers/InTheJungle.html
-2501
Because GNU/Linux system are more secure , so there is less chance of a payout
When was the last time that a linux distro made the claim of "Only two remote holes in the default install, in more than 10 years!" for security? I think we would all love to hear you explain to us how linux is more secure.
Why are Servers and workstation and desktop and laptop not shipping in majority with OpenBSD as default ?
Because OpenBSD is a server OS meant for server hardware. That is why you don't see it on too many desktops or laptops. It can be used for such purposes as desktop/laptop, but not too many people do.
RE[2]: Ridiculous BSD claims as usual ...
"Because OpenBSD is a server OS meant for server hardware. That is why you don't see it on too many desktops or laptops. It can be used for such purposes as desktop/laptop, but not too many people do."
A friend of mine actually uses OpenBSD on his workstation, a machine you cannot definitely identify as being a workstation or a server, it serves both purposes. Some things require basic knowledge to do (installing, configuring etc.), but that's obvious. People installing OpenBSD first read, then think, then do. "I just deleted my files, how do I get them back?" :-)
OpenBSD is even getting secure implementations to use with ACPI and other "modern" stuff. So the situation is constantly improving.
OpenBSD depends on 100 % functioning hardware. While "Windows" ignores hardware defects and just plays on, missing some bits here and bytes there, OpenBSD refuses to use hardware that is in unstable condition.
As it has been mentioned before, the people using OpenBSD know what they're doing. Nobody is that stupid to install a root account without password and having telnet enabled. So the concept of "open the ports that you need, the rest keeps closed" is very secure. As you surely know, the most security problems reside between keyboard and chair. :-)
Moulinneuf, I am surprised you still have a positive score with the way you comment on things, why do you even come here?
Default install is a key word, that means the software that OpenBSD is responsible for, including OpenSSH, Sendmail, Apache and BIND. Remote exploits in other software have nothing to do with OpenBSD, I don't think Microsoft is claiming bugs in QuickTime, so why would OpenBSD claim bugs in other people's software?
It's no lie that when OpenBSD says, this is how OpenBSD does things, if you don't do it the OpenBSD way you're on your own. That's how everyone does things. Using Ubuntu? Do things the Ubuntu way or you're on your own.
The next two paragraphs, if they should be called that, make no sense whatsoever, so consider this a response to them: "Snapple grasps tangos in the midmorning sun as the eagle flies over the trickling stream." It makes just as much sense.
BSD isn't dead, what pride OpenBSD has is based in its track record, one that is reasonably proven, and I don't recall many fables being created by OpenBSD users, maybe you could tell us a yarn or two?
A majority of servers, workstations, desktop computers and laptops ship with Windows, is this because of the false claims of Redhat, SuSE and OS/2?
I don't recall anyone blaming GNU/Linux for anything, what on earth are you on about this time?
Notice how once Linux started winning he switched his trolling from Linux to BSD? I guess at least that shows he's got one more brain cell than tomcat; forsoever the dog developeth with digger on a wobbly Netware morn (that's Moullineuf-speak for "However, I DO wish they would both go away").
RE[3]: Ridiculous BSD claims as usual ...
RE[2]: Ridiculous BSD claims as usual ...
RE[4]: Ridiculous BSD claims as usual ...
RE[5]: Ridiculous BSD claims as usual ...
But if someone develops something it normally means they did most of the work. I think the word you're looking for is "contributed". After all, many organisations contributed to Linux (for example, SGI ported XFS), but people don't say that SGI developed Linux.
Edited 2007-03-14 21:48
RE[7]: Ridiculous BSD claims as usual ...
Do you realize that half of the problem people have with you is the way you present your arguments?
The fact that few can understand you without rereading your post several times does not help matters.
"Just talking reality..."
Everyone speaks from their own reality. That's no excuse. If you want people to get ANYTHING out of what you're saying, please please please PLEASE rethink how you present yourself! How you present arguments!
Oh, and try backing up what you say with some facts. Or else you are indeed trolling. Period. If someone sticks to a pov that's unpopular they will likely be labeled a troll, this is true. A good way to guard against it is to present FACTS, preferably as unbiased a source as possible, and present your arguments clearly and concisely.
Then at the very least most people would disagree with you...You'd maintain some dignity however.
RE[4]: Ridiculous BSD claims as usual ...
The OpenBSD team wrote openssh and the openssl libraries. They wrote openssh because the gnu ssh server, lsh, really sucks.
http://www.lysator.liu.se/~nisse/lsh/
If you think that Linux built and developed openssh, you need to get your facts straight before speaking again.
RE[4]: Ridiculous BSD claims as usual ...
RE[6]: Ridiculous BSD claims as usual ...
Dude seriously, you are completely ignorant. Note in ignorant I am meaning you have no clue whatsoever what you are talking about.
The OpenBSD team wrote and *STILL* maintains OpenSSH. From http://openssh.org :
This site Copyright © 1999-2006 OpenBSD. $OpenBSD: index.html,v 1.258 2007/03/09 19:25:09 deraadt Exp $
I would consider writing software justifies the word "Built" as you like to say even though the proper term would be "developed". The fact is that the OpenBSD project wrote OpenSSH for their own BSD derivative and have a version called "Portable OpenSSH" that has been ported to other POSIX environments such as Linux.
Sure some Linux distributions that USE OpenSSH might have been the very first to patch it (Like that link you stated). That does not in any way mean that OpenSSH was built or funded by Linux. It just means that Linux distributions might have fixed some issues or added patches to improve it.
Get a clue what you are talking about please. I am not bashing Linux because Linux Systems Administration happens to be my day job and passion. You are trolling about something you have proven you don't understand. Stop.
RE[6]: Ridiculous BSD claims as usual ...
Time out!
There is something very, very, wrong here.
I'm usually mildly critical of the mod system here on OSNews. But in Moulineuf's case it has become positively pathogenic.
I've just had a look over his recent posting history. He has regularly gotten modded to -4 and -5. And it is absolutely not deserved.
Read the posts.
Moulineuf makes some good points. I agree with much of what he says. I disagree with other points that he makes.
I do not want to go into particulars because that is not what is important right now.
Even the OSNews staff has taken some rather unbecoming, and undeserved, potshots at him at times. (That's you, Thom.)
I get the impression that it has become a pastime for some.
This is an example of what a minority with an itchy trigger finger can do to abuse an otherwise "sort of OK" mod system.
OSNews is a better forum than that. I *know* we are... for the most part.
We're *supposed* to be a celebration of diversity, right?
Where we agree we agree. Where we disagree, we can learn to agree to disagree... and probably learn more in that process than when we do happen to agree.
Sorry for venting like this, but I have watched this travesty continue for *far* too long.
Next time you feel like modding someone down for expressing their opinions... get a life instead.
Yeah, I'll probably regret this in the morning. ;-)
-Steve
Edited 2007-03-15 01:08
BSD don't Bash GNU/Linux ... Wait you're offering the proof to the contrary needed to show I was right ... What can I say? Thanks, but it was not needed.
http://www.frsirt.com/english/advisories/2005/1979
You were saying ...
BTW that's Exploit 3 and 4 for remote exploit ... If one is to believe BSD lies ... Which I don't ...
like I said: built, funded, developed by GNU/Linux
With very small contribution like that, "observe" is much more suitable word.
RE[5]: Ridiculous BSD claims as usual ...
"The OpenBSD team wrote openssh and the openssl libraries."
They didn't write OpenSSL.
"They wrote openssh because the gnu ssh server, lsh, really sucks."
That's not why they wrote OpenSSH. OpenSSH was started because Tatu Ylonen, the original author of SSH, decided to make his implementation proprietary.
Edited 2007-03-15 03:53
RE[3]: Ridiculous BSD claims as usual ...
RE[4]: Ridiculous BSD claims as usual ...
RE[5]: Ridiculous BSD claims as usual ...
A valid point.
Counterpoint:
Only 2? In 10 years?
They seem to be doing just fine on their own
The user's/developer's senses of success might be quite different from somebody else's. Anyway, it's impossible for most reasonable folk to be less than astounded at what I consider to be a true accomplishment
Like what?
How many OSes do you know that do not have the majority written in C? There is a reason for this.
Also they are adding things to the core libraries and such to specifically make them less vulnerable, and they are utilizing new functionality found in newer chips.
I believe there are some people who are indeed working on changing the fact that OSes are written in C, but so far that is very much work-in-progress.
@SEJeff:
You might want to get your facts straight too..
The OpenBSD team did write OpenSSH, But they didn't write OpenSSL..
@Everyone else:
I've been a long time user of OpenBSD and OpenSSH.. "Only two remote holes in the default install, in more than 10 years!" is more than any OS can currently claim.. higher quality of code.. frequent audits.. several kernel security features.. and very skilled developers.
The Linux kernel on the other hand is a little messy..
Edited 2007-03-14 23:21
"The Linux kernel on the other hand is a little messy.. "
I found the Linux kernel and the core libraries could have a higher standard for documentation. In BSD (at least in FreeBSD), all kernel interfaces, drivers, modules system files, library functions and system utilities have their own manpage, so you just can "man fork", "man xl" or "man stat". In the Linux kernel you sometimes have to search a while to find the documentation somewhere enclosed in /* ... */. I don't know if that's true at present time, but I hope the situation has improved in the last years of Linux development.
(Now as I'm talking about Linux, I refer to the Linux kernel itself, not the GNU world around it.)
I won't enter a discussion if BSD "is better than" Linux or if everyone should avoid using BSD. Every OS family has its right to exist, its fields where it is perfect for, and its users who are happy with it.
http://www.jnode.org/
jnode doesn't use any unsafe functions. Built with java. No buffer overflows.
Any idea if it is the most secure OS now?
Me & my friend are joking that it only means that OpenBSD fixed only two holes in the last 10 years
I've been using OpenBSD for a few years. I'm helping develop some security features that are not included in OpenBSD (Zophie). I even made my own OBSD distro with Zophie & other tweaks. & I must say that for _me_ it is the best router/server OS out there
The holes in the OS are not important. The mechanism that is used to make OpenBSD a secure OS is the key here. & this is what makes it so secure in real production work.
Moulinneuf: Please stop trolling. Your last few posts are replies or arguments that are completely off topic. I don't care what Your drama is. I don't wanna read what you think about BSD licenses & Your point of view in this topic (licenses, developing software, contribution etc.), that is ABOUT OpenBSD's second remote hole & not YOUR preferences, Your reality or anything about You. So if You don't have anything to say about the TOPIC, then just shut up.
Edited 2007-03-15 12:42
Every single BSD related thread on osnews is pretty much unreadable due to a certain troll whose name starts with 'M'. I'm sick and tired of this bulls**t. So PLEASE, I beg every reader of this site to stop replying to him despite how ridiculous his claims are. Maybe then he'll get bored and go back to post insightful comments in Mandriva related threads.
Case in point, I don't recall seeing a single comment in this entire thread discussing exactly *what* the security problem was, and if it's a problem that should be investigated in other OS's. For the record the problem is basically an IPv6 version of the 'ping of death'. It only affects machines that are able to receive an IPv6 packet, which generally limits it to local networks.
So could other OS's (I'm looking at you FreeBSD & Linux) be vulnerable to something similar? IPv6 support is still rather young and not widely deployed, so it is possible, no? In any case, I think that it would be prudent to block all IPv6 access to boxes that do not require IPv6 connectivity, just as a precaution.




