OpenBSD Archive

“OpenBSD will shut down if we do not have the funding”

See the email thread on the misc list for more details.

In light of shrinking funding, we do need to look for a source to cover project expenses. If need be the OpenBSD Foundation can be involved in receiving donations to cover project electrical costs.

But the fact is right now, OpenBSD will shut down if we do not have the funding to keep the lights on.

If you or a company you know are able to assist us, it would be greatly appreciated, but right now we are looking at a significant funding shortfall for the upcoming year - Meaning the project won't be able to cover 20 thousand dollars in electrical expenses before being able to use money for other things. That sort of situation is not sustainable.

The OpenBSD project is the incubator for a number of other projects including OpenSSH and OpenSMTPD. If you use these or just want the project to survive, consider making a donation.

OpenBSD 5.0 Released

"OpenBSD 5.0 has been published, six months after the release of version 4.9. The OpenBSD project's newest release of the free BSD based UNIX-like operating system includes a number new and updated drivers, performance improvements and new features. OpenBSD 5.0 includes the GNOME 2.32.2, KDE 3.5.10 and Xfce 4.8.0 desktop environments. It also contains a number of new and updated packages including versions 3.5.19, 3.6.18 and 5.0 of the Firefox web browser, PHP 5.2.17 and 5.3.6, LibreOffice 3.4.1, and Chromium 12. The release includes September's release of OpenSSH 5.9." GNOME 2 you say? Huh. Interesting.

OpenBSD 4.9 Released

OpenBSD 4.9 release is ready, now with enabled NTFS by default (read-only), SMP kernels can now boot on machines with up to 64 cores, maximum allocation size for i386 bumped to 2G, added support for AES-NI instructions found in recent Intel processors, further improvements in suspend and resume and much more.

More Details Emerge Regarding OpenBSD FBI Backdoors

Yesterday, we reported on the allegations made by Gregory Perry. He claims that 10 years ago, several developers were paid by the FBI to implement hidden backdoors into OpenBSD's IPSEC stack. This has prompted a lot of speculation about the allegations' validity, and less than 24 hours later, it has descended into one person's word against that of others. Update: Jason Wright, too, denies all the allegations. "I will state clearly that I did not add backdoors to the OpenBSD operating system or the OpenBSD crypto framework (OCF). It is a baseless accusation the reason for which I cannot understand."

“FBI Added Secret Backdoors to OpenBSD IPSEC”

Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.

“The Insecurity of OpenBSD”

"OpenBSD is widely touted as being 'secure by default', something often mentioned by OpenBSD advocates as an example of the security focused approach the OpenBSD project takes. Secure by default refers to the fact that the base system has been audited and considered to be free of vulnerabilities, and that only the minimal services are running by default. This approach has worked well; indeed, leading to 'Only two remote holes in the default install, in a heck of a long time!'. This is a common sense approach, and a secure default configuration should be expected of all operating systems upon an initial install. An argument often made by proponents of OpenBSD is the extensive code auditing performed on the base system to make sure no vulnerabilities are present. The goal is to produce quality code as most vulnerabilities are caused by errors in the source code. This a noble approach, and it has worked well for the OpenBSD project, with the base system having considerably less vulnerabilities than many other operating systems. Used as an indicator to gauge the security of OpenBSD however, it is worthless."

OpenBSD 4.6 Released

As mentioned in the release announcement: "Many people have received their 4.6 CDs in the mail by now, and we really don't want them to be without the full package repository. We are pleased to announce the official release of OpenBSD 4.6. This is our 26th release on CD-ROM (and 27th via FTP). We remain proud of OpenBSD's record of more than ten years with only two remote holes in the default install." I really want news like this on the front page, but sadly, the long list of improvements makes no sense to me - I don't know what's important and what isn't. If someone can provide a nice readable summary of the most important improvements, I'll include it to the item and place it on the front page. There we are.

PF Enabled by Default in OpenBSD-current

"As seen here, PF is now enabled by default. The default pf.conf will now pass in all traffic, except for TCP port 6000 normally used by remote-X11. By having the X server still listen on port 6000 but let PF block incoming packets that aren't coming from localhost you can still use local X sessions that needs to talk to the TCP port or runs through a port forward from remote, but at the same time don't expose your machine on the network. Recent changes to PF, like having packet reassembly enabled on all packets by default, will now help clean incoming traffic."

What’s New in OpenBSD 4.4

O'Reilly interviewed 27 OpenBSD developers to present the new release. They discussed buffer cache improvements, the new malloc(), the work to make the math library more C99 compliant, what is new in the SCSI area, crypto support for softraid, a lot of fundamental work happened in PF, a new tool to merge configuration files during upgrades, the status of OpenCVS, some cool features of OpenSSH 5.1, the initial support for USB webcams, the never-ending work on improving and extending the sensors framework, and more.

OpenBSD 4.3 Released

Theo de Raadt has lifted the veil off OpenBSD 4.3. "We are pleased to announce the official release of OpenBSD 4.3. This is our 23nd release on CD-ROM (and 24rd via FTP). We remain proud of OpenBSD's record of more than ten years with only two remote holes in the default install." Boasting as always, but when it's justified, arrogance is a virtue.