Is this really that secure, or is it just not popular enough for anyone to bother hacking it?
Is this really that secure, or is it just not popular enough for anyone to bother hacking it?
Ryder Bailey
Ryan Anderson
Both
You could say it's secure in a lot of ways.
Gavin Cox
It's not really secure.
1. Nothing really works in BSD
2. *BSDs have ports and thus many Linux applications are ported to FreeBSD or OpenBSD
3. Ports are unaudited, so there goes all the "good code practice" meme
4. OpenBSD has no drivers, it's only good for routers
Don't fall for shitty memes
>>>/bsd/
Joshua Roberts
OpenBSD has tons of mitigations. Something that would compromise Linux would only crash openbsd
Parker Ross
Mitigations are available in Linux. Linux also has MAC and RBAC which OpenBSD (Not FreeBSD) lacks
Asher Taylor
>Linux has mitigations
Not to the degree OpenBSD does
>MAC
Are you that same autist who shitposts in every BSD thread? MACs are not end all security and most people turn it off.
Michael Green
>MACs are not end all security and most people turn it off.
[citation needed]
Eli Morgan
You realize you just cited him, right?
Adrian Gomez
>user, in your essay you cited "myself" in the reference list
>"What's wrong?"
Aaron Hill
>1. Nothing really works in BSD
>2. *BSDs have ports and thus many Linux applications are ported to FreeBSD or OpenBSD
Uh-huh.
The truth is, of course, that plenty of apps are in fact portable (written against POSIX) and thus work on OpenBSD just as well as they do on Linux. Certainly all the popular apps do, like Firefox, Libreoffice, Chromium, GNOME, XFCE... and the lesser-known programs usually either work out of the box or just need a little love to make them POSIX compliant. That's what all those ports developers are doing.
>3. Ports are unaudited, so there goes all the "good code practice" meme
Having a quality base system is underrated. But even though ports as a whole aren't actively audited (by anybody, let alone OpenBSD), you still get benefits from running them there. All programs benefit from the stack protector, from strong ASLR and PIE, from strict malloc. All packages that install daemons also create a separate user for each daemon to run under, giving you isolation through standard Unix permissions (more powerful than MAC advocates would have you believe, and easier to understand to boot).
And the OpenBSD people are good citizens: they fix security bugs and portability bugs that are exposed by building and running software with OpenBSD's mitigations, and push those fixes upstream. They make portable versions of their own software, like OpenSSH and LibreSSL and mandoc. Secure OSes like Copperhead (secure Android) use OpenBSD's malloc and collaborate for further improvements.
Overall a nicely designed, clearly documented system that provides some nice security features that you won't get on Linux without out-of-tree kernel patches. A valuable part of the free software community.
Chase Parker
Does qbittorrent or r+rutorrent run without ports? Can you name some latest desktop environments that run without ports?
Nathaniel Cruz
I don't get your question. Ports and packages are the same thing (ports are the source and packages are the compiled programs). If you want to install GNOME, you'd want to use the package, because who has time to compile all those programs?
Dunno about qbittorrent. Looks like nobody's made a package for it. Maybe you can get it by installing from source.
Jose Howard
i saw a SELinux presentation where they begged people to not turn it off
Adam Perry
Security through obscurity kinda like running Windows 95 in 2016.
Adam Wilson
It wouldn't crash openbsd unless it was hooked into the kernel somehow. The application that is fucked would crash along with any application that its hooked to.
Bentley Ross
>Is this really that secure
There is literally only handfull fucking software which works in OpenBSD because nazi style malloc. So yeah it is secure but you cant use it to anything usefull cause buffer overflow software just crashes without survivors
Camden Gutierrez
buffer overflows are usually not desirable
Joseph Collins
It is desirable to actually have software to run
Jeremiah Fisher
Then use gnu/linux or even more preferably use windows.
Nicholas Evans
nah
Kevin Clark
>OpenBSD 6.0
>tmpfs removed
>forced W^X so even less software will work
pic related
Samuel Young
If you're using OpenBSD you should know the risks. You can stay on OpenBSD 5.9 for a year until all the kinks are shook out of 6.0. Technically as long as no significant problems are discovered in 6.0 or later you can stay on 5.9 indefinitely. You might want to follow the security advisories and see if you can adapt the patches for your system.
Angel Brooks
>forced W^X so even less software will work
wxallowed
Easton Collins
>tmpfs removed
mfs