Linked by Eugenia Loli on Sat 12th Aug 2006 19:07 UTC
OpenBSD OpenBSD strives to be the most secure UNIX derivation. Design principles, such as code auditing, extensive use of encryption, and careful configuration choices, combine to ensure OpenBSD's secure by default philosophy holds true. This article gives you a close look at the operating system so secure that it was once banned for use in a DEF CON competition, where crackers go after each other's systems.
Thread beginning with comment 151901
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: NX without NX
by cg0def on Sun 13th Aug 2006 08:31 UTC in reply to "NX without NX"
cg0def
Member since:
2006-02-12

NX is a pretty old concept even in hardware ( VAX ) and like it was already mentioned OpenBSD is hardly the only OS to support it. Also while OpenBSD is very nice for firewalls and servers ( in most cases ) the security audits at the distro level are hardly what needs to be done. This results in a slow distribution cycle and old versions of pretty much ever software gets included. Now this might be now that big of a deal with web admins but as a developer I would surely like to use gcc 4.x ( and it is stable and secure enough ).
But I must admit that while I don't use OpenBSD on my workstation it is on my firewall/router ...

Reply Parent Score: 1

RE[3]: NX without NX
by psygbert on Sun 13th Aug 2006 16:16 in reply to "RE[2]: NX without NX"
psygbert Member since:
2006-05-29

a new release every 6 months is fast enough for me and you can always use gcc4 from ports.

hmm older software? i think debian stable is using older softwares than openbsd stable branch ;)

Reply Parent Score: 5

RE[3]: NX without NX
by Gryzor on Sun 13th Aug 2006 19:39 in reply to "RE[2]: NX without NX"
Gryzor Member since:
2005-07-03

Old versions? What are you talking about? What do you prefer, the latest Apache from the Apache FTP Server or the "audited, patched, fixed" older version that comes with OpenBSD that "serves its purpose well".

The goal is to provide SECURE software, not the latest; many of the patches OpenBSD produces are not accepted by the original developers of the piece of software, so until that happens, they refuse to include a newer "unsecure" piece of software.

Apache is a very nice example of that...

Reply Parent Score: 3

RE[4]: NX without NX
by Janizary on Sun 13th Aug 2006 22:50 in reply to "RE[3]: NX without NX"
Janizary Member since:
2006-03-12

No, Apache not being updated is because of the disgusting mess of a licence that Apache now uses. The security patches being ignored was why the developers dislike the Apache project, not the reason they will never use any of their newer code.

Reply Parent Score: 1