Linked by Thom Holwerda on Sat 3rd Nov 2012 00:35 UTC
OpenBSD Theo de Raadt has announced the release of OpenBSD 5.2. The OpenBSD 5.2 release page has a detailed list of all changes and improvements. As always, I would love for someone to write proper items about OpenBSD releases - it's outside my interests and cursory glances don't do it justice.
Order by: Score:
Write what?
by Lengsel on Sat 3rd Nov 2012 05:06 UTC
Lengsel
Member since:
2006-04-19

What do you mean about write proper items about releases? I always install every release of OpenBSD on multiple machines, so what is it you're looking for?

I never touch any kind of Linux, I use OpenBSD because of the way the source code reads so I find it more simple to work with and run. What is it you would like to know about the releases? Do you want a short write up or a summary about each one?

Reply Score: 7

disk encryption
by evert on Sat 3rd Nov 2012 05:38 UTC
evert
Member since:
2005-07-06

For this very secure operating system, it is disappointing that it does not even offer disk encryption in the installer.

Full-disk encryption is probably not even possible.

http://unix.stackexchange.com/questions/9527/how-should-one-set-up-...

Reply Score: 4

RE: disk encryption
by kjamc1982 on Sat 3rd Nov 2012 20:36 UTC in reply to "disk encryption"
kjamc1982 Member since:
2007-05-09

It isn't in the installer you have to do the disk encryption before you start the installer. Here is a link to how I installed OpenBSD with full disk encryption.

http://geekyschmidt.com/2011/01/19/configuring-openbsd-softraid-fo-...

Reply Score: 4

RE: disk encryption
by Surtur on Sat 3rd Nov 2012 22:12 UTC in reply to "disk encryption"
Surtur Member since:
2009-04-15

For this very secure operating system, it is disappointing that it does not even offer disk encryption in the installer.

Full-disk encryption is probably not even possible.

http://unix.stackexchange.com/questions/9527/how-should-one-set-up-...


Not to long ago this source change showed up: http://marc.info/?l=openbsd-cvs&m=135135263905569&w=2

As I read this commit booting from softraids should now be possible in -current. Therefore if I understand this correctly Full-disk encryption is now possible (though not in the just released 5.2).

Reply Score: 2

RE[2]: disk encryption
by kjamc1982 on Sun 4th Nov 2012 00:28 UTC in reply to "RE: disk encryption"
kjamc1982 Member since:
2007-05-09

Yes, I have use this method to install OpenBSD 5.1 on my Laptop. You should not need to use -current, just to get full disk encryption.

Edited 2012-11-04 00:28 UTC

Reply Score: 1

RE[3]: disk encryption
by Surtur on Sun 4th Nov 2012 01:04 UTC in reply to "RE[2]: disk encryption"
Surtur Member since:
2009-04-15

Yes, I have use this method to install OpenBSD 5.1 on my Laptop. You should not need to use -current, just to get full disk encryption.


Did not know that. But from rereading the commit exactly it makes sense. It says though that it is now enabled by default which was not the case before. ("For boot(8) all softraid boot support is now enabled by default, including support for booting from crypto volumes.")

Reply Score: 1

Well
by gan17 on Sat 3rd Nov 2012 10:40 UTC
gan17
Member since:
2008-06-03

Yay!! ... oh wait, I'm already following current.

...at least we got a short write-up and release announcement.

Probably the last one before Thom converts this place to his own "Patents & K-Pop Central" ;)

Edited 2012-11-03 10:42 UTC

Reply Score: 1

Comment by marcp
by marcp on Sat 3rd Nov 2012 16:08 UTC
marcp
Member since:
2007-11-23

Now, that's an OS! granted, it doesn't have many bells and whistles that other OS's have, but it's still one of the cleanest, simplest, coherent and logically organized OS I have ever seen, and I've seen many OS's.

This release brings one thing we all awaited: true [multi]threading thrown into kernel space. It makes possible to use multi-core and multi-cpu HW without any problems. Performance boost + very good security - now, beat that, "OtherOS" ;)

I'm using OpenBSD myself for quite some time now [several years] and it never let me down.

@evert - it doesn't mean it's not possible. Full disk encryption is usually made using external tools anyway. OpenBSD has vnconfig -k capabilities with built-in Blowfish support [I don't trust AES and other stuff]. It is usually more than enough to encrypt your /home [vnconfig -k /dev/vnd0c /path/home.raw] or other mount points [it would need a little hacking, though. You'd have to add few lines of code into the /etc/rc to execute your vnconfig -k /usr, /var, etc early in the boot process]. It's all about knowing HOW to do it, not about "It cannot be done".

And one more thing - OpenBSD configures WiFi from within the installer flawlessly, which cannot be said in other OS's case, really. It also has many tools integrated in order to simplify their usage. No "wpasupplicant" crap. It's all in ifconfig ...

Reply Score: 2

RE: Comment by marcp
by zima on Sun 4th Nov 2012 00:02 UTC in reply to "Comment by marcp"
zima Member since:
2005-07-06

OpenBSD has vnconfig -k capabilities with built-in Blowfish support [I don't trust AES and other stuff].

??... You don't trust one of most thoroughly cryptoanalysed cipher, don't trust in its many cryptoanalyses done by best cryptologists?

Reply Score: 2

RE[2]: Comment by marcp
by kwan_e on Sun 4th Nov 2012 00:46 UTC in reply to "RE: Comment by marcp"
kwan_e Member since:
2007-02-18

"OpenBSD has vnconfig -k capabilities with built-in Blowfish support [I don't trust AES and other stuff].

??... You don't trust one of most thoroughly cryptoanalysed cipher, don't trust in its many cryptoanalyses done by best cryptologists?
"

There are some people who are automatically suspicious of anything approved by some authority. In the case of encryption, it's the fear that there's a back door in the design that would allow the authorities to break it easily.

Reply Score: 2

RE[3]: Comment by marcp
by marcp on Sun 4th Nov 2012 11:02 UTC in reply to "RE[2]: Comment by marcp"
marcp Member since:
2007-11-23

Bingo. If it's designed by government to encrypt, then it's also designed by government to decrypt. Think about it: which government would allow to design cipher that is not breakable by themselves? that would be totally illogical. They want security, but they want to hold the master key ... that's easier than remote installation of government sponsored spyware [used in many operations], etc. You don't have to ask for the keys to encrypt. You can do it yourself.

You are a wo/man of big faith, zima.

P.S oh, and why do you think they did hardware acceleration for AES? it's not a surprise. They want wide adoption.

Edited 2012-11-04 11:04 UTC

Reply Score: 2

RE[4]: Comment by marcp
by kwan_e on Mon 5th Nov 2012 02:36 UTC in reply to "RE[3]: Comment by marcp"
kwan_e Member since:
2007-02-18

Bingo. If it's designed by government to encrypt,


But the AES isn't designed by the government. It was chosen from independent competing teams. Specific IMPLEMENTATIONS of AES could definitely have backdoors and I think it would be stupid to assume none of them did, but the design itself is quite hard to have a backdoor put in.

That's why in my initial comment, I only touched on design implying the fear about the design of AES is a bit paranoid. Everyone could review the design, and if no such agency were able to inject a backdoor into the design, you can bet the Russians, Chinese and Indians have the mathematical expertise (or can pay for it if they didn't) to figure it out.

Backdoors are a three way street and, whatever you think about the US congress and senate and the CIA and FBI, no such agency does not seem to have the same incompetence.

For a luddite like me, if it's good enough for Bruce Schneier, it's good enough for me.

Reply Score: 4

RE[4]: Comment by marcp
by zima on Wed 7th Nov 2012 21:00 UTC in reply to "RE[3]: Comment by marcp"
zima Member since:
2005-07-06

That's bordering on paranoia (hm, and you just accepted the post of kwan_e kinda pointing this position as such) ...part of which often is: seeing simple facts not quite the way they are ("the government" didn't design AES)

Apart from what kwan_e says - if you think the govs world over (many ~competing ones) could conceivably pull off SUCH stunt, of silencing ALL pro cryptologists ...then how do you know that Blowfish isn't similarly compromised? (even better: "let's release this much weaker Blowfish cipher for those who really want to hide secrets from us!")

Hell, why do you trust the microcode in your CPUs? (that would be probably much easier to pull off, with only two US-based major x86 vendors)

What govs really use if they want your secrets, apart from planting of trojans, are good old interpersonal skills or - if they really want your secrets - rubber hose cryptoanalysis.

And the AES got accelerated in more recent CPUs because IT WAS ALREADY WIDELY ADOPTED

Reply Score: 2

RE[3]: Comment by marcp
by zima on Wed 7th Nov 2012 20:45 UTC in reply to "RE[2]: Comment by marcp"
zima Member since:
2005-07-06

There are some people who are automatically suspicious of anything approved by some authority. In the case of encryption, it's the fear that there's a back door in the design that would allow the authorities to break it easily.

What's funny-sad, those seem to be quite often the same people who shout the loudest that... the government can't do anything right.

Reply Score: 2

Documentation
by KrustyVader on Sat 3rd Nov 2012 18:07 UTC
KrustyVader
Member since:
2006-10-28

It's the only O.S. that i know that improper documentation of an utility/command is considered a bug. And i love that.

No wasting time trying parameters that were removed (or changed). Or lost in the translation.

I don't know if anyone here try to read the IPTables documentation, or worst, anyone read the help of the Spanish Windows version. The help is well written, but some morons translate the parameters in the command. The help will talk about "/read" parameter but the command refuse it because you have to put "/leer" (read in Spanish). It will lead you to create a batch file that only work on ONE specific version of Windows.

Reply Score: 4

RE: Documentation
by ebasconp on Sun 4th Nov 2012 13:46 UTC in reply to "Documentation"
ebasconp Member since:
2006-05-09

:O really?

That is a severe design issue!!! Similar to the translated commands in Excel. That madness does not make any sense!

I cannot imagine a program written in a Spanish-translated C. It would be something like:

#incluir <esest.e> //stdio.h [translated to Spanish] -> .e from 'encabezado'

ent principal() //int = integer; ent = entero
{
car const* cad = "Hola mundo";
imprimirf("%c\n", cad); //%c writes 'cadenas', i.e. 'strings';
retornar 0;
}

Very spooky, actually!

Reply Score: 4

RE[2]: Documentation
by KrustyVader on Sun 4th Nov 2012 17:41 UTC in reply to "RE: Documentation"
KrustyVader Member since:
2006-10-28

Thank you very much, that Spanish C really make me laugh.

Reply Score: 1

RE[3]: Documentation
by kwan_e on Mon 5th Nov 2012 09:48 UTC in reply to "RE[2]: Documentation"
kwan_e Member since:
2007-02-18

Thank you very much, that Spanish C really make me laugh.


There was a little Spanish C
A real language it thought it'd be
It wasn't sharp or incremental
But in all objectivity
Why not a little Spanish C

Reply Score: 5

RE[3]: Documentation
by zima on Wed 7th Nov 2012 21:11 UTC in reply to "RE[2]: Documentation"
zima Member since:
2005-07-06
RE[2]: Documentation
by Neolander on Sun 4th Nov 2012 21:02 UTC in reply to "RE: Documentation"
Neolander Member since:
2010-03-08

Think about it though: if C had actually been designed this way, it likely wouldn't have taken all these decades for OSs to support Unicode properly ;)

I wouldn't want to deal with Finno-Ugric code though...

Edited 2012-11-04 21:09 UTC

Reply Score: 2

RE[3]: Documentation
by zima on Wed 7th Nov 2012 22:26 UTC in reply to "RE[2]: Documentation"
zima Member since:
2005-07-06

Regrettably, ctrl+f of all major and some minor (Sami especially always seems one nice little language & people) Finno-Ugric languages in http://en.wikipedia.org/wiki/Non-English-based_programming_language... didn't come up with anything. :/

However, you might be even more interested in 丙正正 (Chinese C++), Farsi.NET, HPL, Dolittle (some Japanese edu language, charming name ;) ...personal note here: Fjölnir name sounds kinda epic), or var'aq (Klingon...)

And that's even before getting into "Languages based on symbols instead of keywords" or "Modifiable parser syntax" ...Klingon Perl? As if Perl alone wasn't enough? ;)


PS. Generally, quite many French ones, what about that? ;p
And OMZ, GOTO++?! If that's what I think it is, it could be... brilliant ;)
But seriously, with relative prevalence of Chinese on that list, one might wonder if that's not a song of things to come in ~computing...

Edited 2012-11-07 22:30 UTC

Reply Score: 2

RE[4]: Documentation
by Neolander on Thu 8th Nov 2012 08:14 UTC in reply to "RE[3]: Documentation"
Neolander Member since:
2010-03-08

PS. Generally, quite many French ones, what about that? ;p

At some point in the 80s, our government decided that investing in computer science was critical and brought massive amounts of Thomson MO5 and TO7/70 computers to middle schools, together with new programmes that featured programming courses.

Might be a remainder of that era, or just misplaced nationalism.

And OMZ, GOTO++?! If that's what I think it is, it could be... brilliant ;)

Object-oriented GOTOs ? How would that work ? ;)

But seriously, with relative prevalence of Chinese on that list, one might wonder if that's not a song of things to come in ~computing...

Like, tonal programming languages and 7% less female programmer births per year? Well, sucks... ;)

Edited 2012-11-08 08:27 UTC

Reply Score: 1

RE[5]: Documentation
by zima on Thu 8th Nov 2012 21:33 UTC in reply to "RE[4]: Documentation"
zima Member since:
2005-07-06

At some point in the 80s, our government decided that investing in computer science was critical and brought massive amounts of Thomson MO5 and TO7/70 computers to middle schools, together with new programmes that featured programming courses.

Hm, you most likely fared better than my place:

http://en.wikipedia.org/wiki/Mera-Elzab_Meritum
http://en.wikipedia.org/wiki/List_of_ZX_Spectrum_clones#Elwro_800_J... (epic casing ;> )

...and I haven't even seen either of them, ever. Nor any computer classroom before the PC era. Generally, probably another examples of economic cargo cults (~"developed countries produce lots of steel? Well then let's do lots of steel!"), quite prevalent in Warsaw Pact economies. The was no educational system to it, no real push.

Object-oriented GOTOs ? How would that work ? ;)

Exactly, the idea sounds crazy enough!(?) ;>

tonal programming languages and 7% less female programmer births per year? Well, sucks... ;)

Only 7% less would be a major improvement, me thinks...

But seriously, I mean generally how the Chinese supposedly strive for technology independence (also check out Loongson) - with their expanding sphere of influence, this should push their tech more and more over time. And language.

Reply Score: 2

RE[3]: Documentation
by zima on Thu 8th Nov 2012 02:15 UTC in reply to "RE[2]: Documentation"
zima Member since:
2005-07-06

PPS. Overall, why specifically not Finno-Ugric?...

Reply Score: 2

RE[4]: Documentation
by Neolander on Thu 8th Nov 2012 07:21 UTC in reply to "RE[3]: Documentation"
Neolander Member since:
2010-03-08

PPS. Overall, why specifically not Finno-Ugric?...

Because for some reason which only linguists likely understand, this family of languages looks very different from everything else I have toyed with in at some point in my short life (French, English, German, Arabic, Swedish and Japanese), so learning one of them would likely be especially difficult.

They're not alone, of course, I've heard from Russian learners that it gets be pretty bad too and my short experience with literary Arabic tells me that I probably wouldn't want an Arabic PL either. It's just that I had to pick something for the sentence to remain clean. ;)

Edited 2012-11-08 07:42 UTC

Reply Score: 1

RE[5]: Documentation
by kwan_e on Thu 8th Nov 2012 07:45 UTC in reply to "RE[4]: Documentation"
kwan_e Member since:
2007-02-18

I want to create a Scottish dialect of C.

I'll call it:

Expletive-C.

Reply Score: 2

RE[6]: Documentation
by Neolander on Thu 8th Nov 2012 08:25 UTC in reply to "RE[5]: Documentation"
Neolander Member since:
2010-03-08

I want to create a Scottish dialect of C.

I'll call it:

Expletive-C.

When computers are finally able to effortlessly process natural language, perhaps we'll finally see the dawn of the ultimate debugging nightmare: Subjective-C ;)

Reply Score: 1

RE[7]: Documentation
by kwan_e on Thu 8th Nov 2012 08:53 UTC in reply to "RE[6]: Documentation"
kwan_e Member since:
2007-02-18

"I want to create a Scottish dialect of C.

I'll call it:

Expletive-C.

When computers are finally able to effortlessly process natural language, perhaps we'll finally see the dawn of the ultimate debugging nightmare: Subjective-C ;)
"

I hear the Tea Party is thinking of creating it's own patriotic dialect:

Ohsaycanyou-C

Reply Score: 2

RE[6]: Documentation
by zima on Thu 8th Nov 2012 21:26 UTC in reply to "RE[5]: Documentation"
zima Member since:
2005-07-06

I want to create a Scottish dialect of C.
I'll call it:
Expletive-C.

Well... I suppose it's major benefit will at least be efficiency, running on very economic (cheap...) hardware? Smart dust and such (hopefully without constant quiet hum of expletives?)

Reply Score: 2

RE[5]: Documentation
by zima on Thu 8th Nov 2012 21:38 UTC in reply to "RE[4]: Documentation"
zima Member since:
2005-07-06

>PPS. Overall, why specifically not Finno-Ugric?...
Because for some reason which only linguists likely understand, this family of languages looks very different from everything else I have toyed with in at some point in my short life (French, English, German, Arabic, Swedish and Japanese), so learning one of them would likely be especially difficult.
They're not alone, of course, I've heard from Russian learners that it gets be pretty bad too

Wasn't Japanese (generally Far East) language moderately related to Finno-Ugric group? (or at least, wasn't that one of many hypotheses?)

If you think Russian is bad, then Polish would be also "fun" I suppose ;p (and it also has some programming languages, though less than Russian & less serious)

Reply Score: 2

Comment by lucas_maximus
by lucas_maximus on Sat 3rd Nov 2012 18:56 UTC
lucas_maximus
Member since:
2009-08-18

It is an OS that does exactly what it says on the tin.

Reply Score: 3

Just curious...
by UltraZelda64 on Sun 4th Nov 2012 04:11 UTC
UltraZelda64
Member since:
2006-12-05

As always, I would love for someone to write proper items about OpenBSD releases - it's outside my interests and cursory glances don't do it justice.

...what are your interests then?

Clearly (based on your articles) you have interests in Microsoft/Windows, Apple/MacOS X, Linux, Google/Android, and BeOS/Haiku. Oh, and software patents... and can't forget CDE. Which, combined, is seemingly almost everything, right there. But apparently OpenBSD is not in your interests, and I recall reading a semi-recent article where you mentioned your inexperience with Solaris (so I guess there's another). But based on the fact that you post on a site called "OSNews," I would expect a broader OS interest.

Not that I'm complaining that you lack interest of OpenBSD or Solaris or whatever else (honestly, while I appreciate OpenBSD I don't currently have a whole lot of interest in it myself, or any of the BSDs for that matter, and Oracle is enough to turn me away from Solaris). I'm just curious what are your primary interests, since they not only seem varied--but pretty specific too. To be fair, it's pretty damn hard to both learn and be interested in almost *everything*, but I'm just curious what actually are your primary interests.

Edited 2012-11-04 04:26 UTC

Reply Score: 3

RE: Just curious...
by Morgan on Mon 5th Nov 2012 00:01 UTC in reply to "Just curious..."
Morgan Member since:
2005-06-29

but I'm just curious what actually are your primary interests.


You may wish to qualify that request with "in regard to operating systems" else you will end up with everything from rainbow farting ponies to Left for Dead 2 to Fiona Apple to Hangul.

And that's just the stuff he tells us about here and on Google+, there's no telling what else may come out. ;)

Reply Score: 3