Linked by fvillanustre on Fri 6th May 2011 22:19 UTC
Talk, Rumors, X Versus Y

When comparing the evolution in market share of Linux and OpenBSD, two operating systems that were born around the same time, a question comes to mind: why is there such a difference in market penetration? Linux, on one side of the spectrum, with a license that supposedly impairs commercial venues, has enticed companies and organizations to adopt and support it under varying commercial models, while the BSD derivatives (FreeBSD, OpenBSD and NetBSD), with a larger history and an allegedly more commercial friendly license haven't been as successful to gather a large installed base and widespread adoption.
RE[4]: Because....
by sakeniwefu on Sat 7th May 2011 15:38 UTC in reply to "RE[3]: Because...."

They also advertise/hype stuff that's common practice in many open source projects anyway. Like code reviews or considering missing or wrong documentation as a bug. Not bad, but sounds like hype which they pretend to not do.

Frankly, that might be the case for some projects but it is far from usual. I recommend De Raadt's speech on the release process. Compare with Xorg. Not the fixed version in your OS but the real thing.

Also I wonder about the fact that they always ask for donations, especially because everyone uses OpenSSH (damn awesome software!), but don't participate in Google's Summer of Code.

My guess? They don't want to deal with people feeling entitled to commit their cool stuff on one hand, and students that still have many things to learn bothering them on the other.

The OpenBSD developer team is built on trust. They expect one to make many minor contributions, do boring testing, etc. before being allowed to play with a new malloc.

Other projects would just review the contributed source and commit.

This attitude probably throws away perfectly good code but consider the following:
"My code is secure" - Anonymous Coward.
"My code is secure" - Someone who you know has picked up and fixed many bugs in the past.
BTW, trust is there "in addition to" code reviews, not "instead of".

ACLs, jails, package signing will be there the day someone is willing to do the hard work and make them acceptable to the existing devs. In OpenBSD, "stupid" is a synonym for "No one has been willing to do it right".

For example, ways to deal with the insecurity of the C programming language. I think they'd be able to create lots of problems to deal with that problem, but lately they seem more interested in removing GPL code.

The "insecurity" of the C language has been dealt with as far as they are concerned. They are more worried about higher level bugs such as juggling with permissions, trusting user input, race conditions, algorithm holes, etc. Haskell, Java or C, it doesn't matter if something is logically wrong.

Reply Parent Score: 4