OpenBSD Archive

As recently reported on OpenBSD's errata page, a problem in the mbuf handling of IPv6 has been elevated to a security issue. This means that OpenBSD now has two remote exploits in 10 years, as already reflected on the OpenBSD Homepage. Theo advises to to update the system (or to block IPv6 using PF as a workaround).

Greg Kroah-Hartman's announcement for free Linux driver development included the necesssary legal framework to honor NDAs when creating GPL'd drivers. This allowance was discussed on the OpenBSD -misc mailing list. In a public exchange with Greg KH, Stephan Rickauer said: "Now these companies have a great excuse to keep specs locked up tight under NDA, while pretending to be 'open'. The OpenBSD project has made clear more than once how this will hurt Free Software in the long run. Signing NDA's ensures that Linux gets a working driver, sure, but the internals are indistinguishable from magic. It is a source code version of a blob." OpenBSD founder Theo de Raadt called the free driver effort a farce, "you are trying to make sure that maintainers of code - i.e. any random joe who wants to improve the code in the future - has less access to docs later on because someone signed an NDA to write it in the first place. You are making a very big mistake."

"On October 18th, OpenBSD celebrated its 11th birthday and ten years of punctual biannual releases. Now it's time for OpenBSD version 4.0, which includes tons of new drivers for wireless, network, and storage chips. Discover what's new and what battles developers must face daily to access documentation and support new hardware."

Apparently, OpenBSD turned 11 today. " It's been eleven years to the day since the formation of the OpenBSD Project. In celebration, here's a little timeline of memorable events. Feel free to add your own entries and links." Congratulations.

Pre-orders for OpenBSD 4.0 are now available in the online store. Five architectures on three CDs in a soft-shell DVD case. Check out the highlights of OpenBSD 4.0. This new release adds support for many wireless chipsets, as well as support for the UltraSPARC III, and much, much more.

OpenBSD strives to be the most secure UNIX derivation. Design principles, such as code auditing, extensive use of encryption, and careful configuration choices, combine to ensure OpenBSD's secure by default philosophy holds true. This article gives you a close look at the operating system so secure that it was once banned for use in a DEF CON competition, where crackers go after each other's systems.

The 2006 OpenBSD Hackathon, c2k6, is well underway in a conference room at a hotel in downtown Calgary, Canada. The event started yesterday, May 27th, attended by nearly 50 OpenBSD developers from all over the globe. OpenBSD creator Theo de Raadt is thrilled by what is already proving to be another successful event. "I don't think anybody else does this, developers suspend their lives for a week to focus entirely on just development."

SoftwareInReview reviews OpenBSD 3.9. "The improved package tools make OpenBSD much easier to install, upgrade, and maintain. For those who need to install several programs on top of the base system, the new package tool functions are priceless."

OpenBSD 3.9 has now officially been released. Improvements were made accross the board. There's a detailed changelog, an errata page, and of course a download section. If you want to support OpenBSD, buy a CD set.

"Freedom, openness, security - these principles lead OpenBSD development. The song for this release, Blob!, and the new artworks that promote them. Federico Biancuzzi interviewed OpenBSD's team of Blob-Busters and discussed new features of OpenBSD 3.9 along with freedom (and quality!) threats."

Many people responded to the call for OpenBSD and OpenSSH donations by purchasing an OpenBSD CD set. Those CDs are beginning to arrive in the mail, and when they do, how are you going to use them? If you're a software enthusiast who has never used OpenBSD before, you might enjoy installing it by yourself and figuring it out as you go. If, however, you're looking for a more practical approach to using OpenBSD as a desktop or server operating system, here's a guide to get you started.

"Gray and Bergamini recently worked together to develop the nfe driver to support NVIDIA ethernet controllers. In this interview, they talk about OpenBSD's policy to not ship binary-blobs, explaining the problems associated with drivers that use these blobs and the affect these types of drivers have on the open source community. They also detail the efforts involved in writing the nfe driver, describing why they started the project, how they were able to support undocumented hardware, and the features supported by the new driver."

"Even if you don't use OpenBSD, you're likely to be benefiting from it unknowingly. If you're using Solaris, SCO UnixWare, OS X, SUSE Linux, or Red Hat Enterprise Linux, chances are you're using the OpenBSD-developed OpenSSH for secure shell access to remote machines. If so many are using this software, why are so few paying for it? Official responses (and non-responses) from Sun Microsystems, IBM, Novell, and Red Hat are below, but if you're one of the freeloaders who hasn't contributed to OpenBSD or OpenSSH, what's your excuse?"

"Theo de Raadt is the project leader for OpenBSD, a Unix-like operating system. We spoke with Theo about the upcoming release of OpenBSD, 3.9, the financial state of the project, and about companies that profit from free software without contributing back."