OpenBSD Archive

Theo de Raadt has announced the release of OpenBSD 5.2. The OpenBSD 5.2 release page has a detailed list of all changes and improvements. As always, I would love for someone to write proper items about OpenBSD releases - it's outside my interests and cursory glances don't do it justice.

"OpenBSD 5.0 has been published, six months after the release of version 4.9. The OpenBSD project's newest release of the free BSD based UNIX-like operating system includes a number new and updated drivers, performance improvements and new features. OpenBSD 5.0 includes the GNOME 2.32.2, KDE 3.5.10 and Xfce 4.8.0 desktop environments. It also contains a number of new and updated packages including versions 3.5.19, 3.6.18 and 5.0 of the Firefox web browser, PHP 5.2.17 and 5.3.6, LibreOffice 3.4.1, and Chromium 12. The release includes September's release of OpenSSH 5.9." GNOME 2 you say? Huh. Interesting.

Okay, this is potentially very big news that really needs all the exposure it can get. OpenBSD's Theo de Raadt has received an email in which it was revealed to him that ten years ago, the FBI paid several open source developers to implement hidden backdoors in OpenBSD's IPSEC stack. De Raadt decided to publish the email for all to see, so that the code in question can be reviewed. Insane stuff.

"OpenBSD is widely touted as being 'secure by default', something often mentioned by OpenBSD advocates as an example of the security focused approach the OpenBSD project takes. Secure by default refers to the fact that the base system has been audited and considered to be free of vulnerabilities, and that only the minimal services are running by default. This approach has worked well; indeed, leading to 'Only two remote holes in the default install, in a heck of a long time!'. This is a common sense approach, and a secure default configuration should be expected of all operating systems upon an initial install. An argument often made by proponents of OpenBSD is the extensive code auditing performed on the base system to make sure no vulnerabilities are present. The goal is to produce quality code as most vulnerabilities are caused by errors in the source code. This a noble approach, and it has worked well for the OpenBSD project, with the base system having considerably less vulnerabilities than many other operating systems. Used as an indicator to gauge the security of OpenBSD however, it is worthless."

The OpenBSD team has released OpenBSD 4.5. There have been lots of changes and bug fixes, but it's a rather daunting list that doesn't really lend itself towards a summary (hint), but I guess if you use OpenBSD you are perfectly capable of figuring this out yourself. You can get the new release from the download page.

Theo de Raadt has lifted the veil off OpenBSD 4.3. "We are pleased to announce the official release of OpenBSD 4.3. This is our 23nd release on CD-ROM (and 24rd via FTP). We remain proud of OpenBSD's record of more than ten years with only two remote holes in the default install." Boasting as always, but when it's justified, arrogance is a virtue.