Contributed by jason on from the Puffy-Handles-Business dept.
Recently on the misc@ mailing list, a user asked about ways to popularize OpenBSD with PHB types in business.
I've been trying (rather unsuccessfully) to convince various clients and employers to adopt OpenBSD. Most people, I find, are resistent to change and would not use anything they are not familiar with...
Is there any way I could convince these people to make the move to OpenBSD? Suggestions, tips and tricks along with real life examples would be much appreciated.
A friendly reply came from "Matt", giving his own list of tips for convincing management to pursue OpenBSD solutions. Read on for his entertaining and useful experiences.
Many others have given great pro-OpenBSD examples.
I can only give you the "tricks" I have succesfully used in the past. These are based on selling solutions - not on convincing people how great OpenBSD is. There is a big difference from my perspective, but our goals are the same. Meetings work far better than writing to get your points across. They allow you to change your direction on the fly if needed, while writing just gets /dev/nulled.
TRICK 1: Expensive beats free
First of all - forget it is free. Forget the whole licensing, forget anything open source software related. That sounds weird and perhaps unethical towards those that fight for this but it helps getting what you want. OpenBSD will eventually benefit - so we're in the clear here. Management does not trust anything free. Free implicates 'no guarantees'. Whenever you say 'free' management pictures a photograph of you and Richard Stallman, holding hands under a rainbow while a unicorn flies by.
If, and only if, the price question pops up you say "implementation will probably cost us around <some figure that will be acceptable and will give OpenBSD a nice donation>." If the guy is wearing a suit worth more than your monthly salary multiply the amount by 10.
TRICK 2: Fear beats complacency
Talk about the changing internet/network. How it is increasingly becoming more and more hostile. They will be aware of this. through both the press and those Nigerian relatives that keep mailing them. Tell them about the recent creditcard thefts, about the impact these things have on a company. This can be on a moderate level or on a oh my god the plane is crashing and we are all going to die! level. Depends on your party and your ethics.
Mention the amount of attacks on a webserver can go down by 40% just because the bad guys see it is running OpenBSD, or that common cracking techniques that work on other systems simply are impossible on OpenBSD because of it's design.
Show nice little graphs of security exploits on all the systems they know and place OpenBSDs track record next to it. Do this only for basic issues and you'll have pretty dramatic stats. If you can (without loosing your job or crossing your co-workers), present a list of unpatched/unsolved issues with the current servers. Don't talk tech. Talk solutions. We have a problem here and I am offering you the solution.
World leaders have gotten (and are getting) away with incredible stuff, solely by addressing people's fear. It is by far the most powerful emotion. And before you judge me on this - you do have insurance, don't you? Exactly.
TRICK 3: Trustworthy beats unknown
Tell them who else is using it; which big companies (they know) already have put their trust in it. Knowing some company they respect is using OpenBSD proves to them it's a reliable choice. These companies have understood the need for solutions for the problems presented earlier in trick 2. Choose companies that deal with important stuff. Hospitals and banks are great examples. Yes, it might just be a single router among the ninety Windows boxes but who cares?
If they mention seeing Windows in their hospital tell them this is why you and your family never go to that hospital.
TRICK 4: Being cool beats missing the boat
Present OpenBSD as "up and coming", give them the idea they are jumping in right on time. That it is a fresh, new and hip approach to operating systems. OpenBSD is lean, mean - it's sexy. "Actually, you are a pretty lame bunch considering you're not running it yet."
That approach, no matter how stupid, might work better in some cases than actual arguments. Especially if most of the people in the room are carrying an iPhone.
TRICK 5: Action beats promise
Emphasize on the low costs of running OpenBSD. The low maintenance, the fact it performs great without cutting-edge hardware. Do not say it runs great on "old" hardware. Old is bad, old will break. Low system requirements, now that sounds like we can save some cash.
Convince them of the low learning curve in maintaining, upgrading and installing systems. Anybody can do it.
Propose to teach Janet, the hot secretary from upstairs, to upgrade a system within a day - just to prove your point. This is a proposition I have yet to see be declined. The idea of Janet being stuck with you in the server room for a full day is usually hilarious enough to give it a try.
TRICK 6: Having toys beats "not interesting"
Give them toys. Management loves toys. So give them plenty. And give them toys to talk and brag about. Show them how many spammers/attackers THEY have blocked by presenting them some nice graphic GUI tool. Preferably on a webpage behind a login- something where they can mess about a bit, click some stuff to see dumbed down data. Not Cacti or the like, that is way too intimidating and complicated.
We want to show understandable stuff along with pretty colored charts. If it moves it's even better. Fake it with animated gifs, I don't care. But make it shine.
Hey Jim, how are things? Yeah? Good. Listen, we just dropped 500 packets on our firewall - how many did you drop today?
Aha.. you sucker! You should run what we run, open-whatever... open- eehhmm..Hey Janet, what was that thing you can upgrade called again?
Editor's Note: These are some great examples of how to introduce OpenBSD to businesses. I've had similar successes with selling OpenBSD as a solution, not on its technical advantages. Please share your own experiences in the comments section.
(Comments are closed)
By Anthony (68.145.117.155) on
In several cases I've simply dropped one in because I had one on hand. When everything was clearly up and running, plans to get more expensive hardware were quietly shelved.
Comments
By wim wauters (217.155.46.165) undeadly@unisoftdesign.co.uk on
I introduced OpenBSD into my clients networks as firewall with OpenVPN and as the quiet fileserver that does NOT need to reboot every weekend and doesn't need any attention :-)
By Anonymous Coward (81.83.46.216) on
Comments
By Anonymous Coward (24.37.242.64) on
I think so too and from the mailing list, a lot of people gave very good feedback and tips!
I too was thinking of compiling them all into something like this for an undeadly.org article.
Regards.
By Anonymous Coward (129.21.133.60) on
Comments
By Brad (2001:470:8802:3:216:41ff:fe17:6933) brad at comstyle dot com on
Because personalities from other OS's are so much better, not.
Comments
By Anonymous Coward (129.21.133.60) on
>
> Because personalities from other OS's are so much better, not.
What are you talking about? Steve Ballmer is a fun loving guy.
Comments
By Brad (2001:470:8802:3:216:41ff:fe17:6933) brad at comstyle dot com on
>
> What are you talking about? Steve Ballmer is a fun loving guy.
Watch out for the flying chairs.
By Simon Bertrang (85.182.72.7) simon@ on
*cheer*
By tanvir (tanvir) tanvir900@gmail.com on http://tanvir1.blogspot.com/
Comments
By Sunnz (sunnz) on http://www.sunnz.org
Proudly running OpenBSD 4.2 here in Canberra at home and counting!!
Never thought about promoting/evangelise about it though.
By Dennis van Zuijlekom (tmib) t m i b AT x s 4 a l l DOT n l on
By Anonymous Suit (76.99.231.252) on
Trick 1 - Cheap beats expensive, but free is unsellable. The reason is that the business wants to hold someone accountable, if they have a problem. There needs to be a legitimate business behind the product.
Trick 2 - Businesses aren't ruled by fear or being hacked. They are concerned about legal risk, image and failing audits that cost business. This all ultimately boils down to dollars. A good step toward selling a product is listing how it will help pass the next audit or put you in compliance. I have seen companies spend MILLIONS to pass audits, because it lets them gain or keep business.
Trick 3 - Companies definitely want to see market leaders or competitors using a product, particularly if they haven't heard of it.
Trick 4 - I don't think this carries much weight.
Trick 5 - Companies generally don't object to projects with no budget that enhance the network. If the company says no to say IDS, setup OpenBSD and run snort to show them how well it works.
Trick 6 - I don't think this has much impact.
A couple of major concerns for corporations that you didn't discuss and are very important in the decision process are training, support, and image.
Training - A company needs more than one person to understand an OS. There are less OpenBSD people than Microsoft, particularly in the corporate world. Where do these people get trained? What certification can they achieve? Juniper is a great example of a company that tries to convert network engineers. Support is another issue. A company needs to provide support for a product.
Support - Who can I call, if I get stuck with OpenBSD? I am not aware of a Redhat alternative for OpenBSD.
Image - OpenBSD as a community doesn't seem concerned with gaining users or helping them much. This isn't a criticism, its an observation of a barrier to market acceptance.
Comments
By Ed Ahlsen-Girard (204.49.40.232) girarde@alum.rpi.edu on
Remember, though, that if your company is smart they recognize that your time is a precious commodity, and you may need to convince them that setting up OpenBSD and snort is worth more than what you would have done otherwise.
By Anonymous Coward (121.210.169.22) on
Some organizations openly using OpenBSD for firewalls or servers:
* NASA Advanced Supercomputing (NAS) Division
* Adobe
* Armorlogic
* Human Rights and Equal Opportunity Commission, Australia
* INFN Italian Institute of Nuclear Physics, Florence, Italy
Companies typically don't advertise what security products they use though. Often when they do it's a commercial endorsement, which is a conflict of interest and so pretty worthless. However these following companies have donated to OpenBSD, as if they have vested interests:
* VMware, Inc.
* Intel
* Advanced Micro Devices, Inc.
* Google
* Adobe
* Ernst & Young
* Price Waterhouse
* Hewlett-Packard
* Compaq Computer Corp.
* US DoD via DARPA (Pentagon and US Air Force).
* LSI Logic Corporation
* Motorola Labs - Schaumburg, IL
* Vonage
* Xircom
* AMI
* Adaptec, Inc
* Cyclades Corporation
* Emulex Corporation
* HighPoint-Tech
* ICP-Vortex
* Infineon Technologies
* Internet Engineering Group
* Internet Software Consortium
* SmoothWall Ltd.
* 3Ware
* ADMtek
* Areca Technology Corporation
* GoDaddy
* Hawk Technologies, Inc
* Initio Corporation
* Iron Systems, Inc.
* Knowledge Matters Ltd
* KoreLogic, Inc.
* New York Internet
* Tehuti Networks Ltd
* Tekram Technology Co., Ltd.
* The USENIX Association
* WildPackets, Inc.
That's just the cream from around 400 companies (plus 3,600 individuals).
Some companies and projects using software developed by the OpenBSD developers in their own products:
* Microsoft (Microsoft Services for UNIX)
* Cisco (switches and routers - OpenSSH)
* Juniper (JUNOS - OpenSSH)
* Nokia IPSO (Nokia Firewalls - OpenSSH)
* Novell(OpenSSH)
* Dell (switches - OpenSSH)
* Cacheflow proxies (now known as Bluecoat - OpenSSH)
* Packeteer (PacketShapers - OpenSSH)
* Top Layer (IDS load balancers)
* IBM (AIX - OpenSSH)
* Hewlett-Packard (switches and HPUX - OpenSSH)
* Sun Microsystems (Solaris - OpenSSH)
* Apple (OS X)
* Silicon Graphics (IRIX - OpenSSH)
* Armorlogic
* Stallion (Firewalls)
* IPCop (Firewalls - OpenSSH)
* SmoothWall (Firewalls - OpenSSH)
* GeNUA (Firewall and VPN appliances)
* CebaTech (OpenBSD based ASIC and FPGA logic)
* Core Security (security products)
* assurent (uses OpenBSD for firewall and VPN solutions)
* NetThruPut (anonymous crude oil trading systems, IDS)
* Network Security Technologies (IDS and VPN for US DoD and govt.)
* Digi
* Alcatel
* All Linux systems
* FreeBSD
* NetBSD
* BSDi
By jason (TheDudeAbides) jason@snakelegs.org on http://www.snakelegs.org
"...having toys..." --- I've thought that the /phb directory should be in base (man 7 hier). You can know that you're doing a good job, but without eye candy, management won't know or care. In addition to showing the thwarted spam attempts, display an estimate of how much money was saved in staff time. Include the intangibles as marginalia, as well. "In addition to directly wasting staff time and resources, spamd helps guard staff from offensive and demoralizing spam, as well as financial fraud schemes."
Edward Tufte's Visual Display of Quantitative Information should be required reading for all IT staff. Sparklines are a winner.
Upgrades with Janet? "Would you like a drink before we mergemaster?"
By Anonymous Coward (129.132.105.165) on
From my experience, managers love to solve problems once and for all. Remind them of the huge efforts to migrate from one release of RedHat to the next, from one release of Windows to the next.
With OpenBSD, it is like having a single release OS with long time support integrated into it.
By Raymond (82.210.249.81) raymond@dyn.org on
The one thing understandable about OpenBSD for non-technical is that it's readily available.
Make a solid proposal, burn a free CD and skip the regular purchase process. You're in business two months earlier.
Once it's there start using the nice OpenBSD goodies to the advantage of the business and they'll learn to love it (what? Same security without the month waiting time?).
Oh, and make sure you'll have an on-call contract with one of the OpenBSD support partners, don't let your ego ruin a perfectly good defendable business argument.
By Lawrence Teo (lteo) lteo.openbsd1 ! calyptix.com on http://www.calyptix.com/
I've been selling an OpenBSD-based product through my company Calyptix Security for a number of years, so I just thought I'd share some of my experiences. It has been a long painful journey for me, a geek who's been programming all his life trying to learn how to sell. So hopefully what I mention here will be of some help, both to give you ideas as well as to avoid making the same mistakes I've made in the past.
Selling is definitely still not second nature to me (I'd still rather be coding!) but our company has been blessed with a really good sales team who really care for our clients, and I have learned a ton from them.
Selling something at the end of the day is just fulfilling a need. The client has a need, you have a solution, the client pays for it, both sides benefit. Now both you and the client are better off than you were before the transaction; the client has your solution that resolves a problem, and you got paid for your product/services.
I work very closely with our sales team and talk to our clients a lot, to identify first-hand what our customers' needs are and how we can fulfill them. Listening is key.
When you're selling a solution, your approach depends on who your target client is. Is it a small business or large business? What industry are they in? Different clients require different approaches. Some have a specific problem they can describe to you, some are not aware of their problem, some are concerned about compliance, some about employee productivity, others about cost savings. You need to find their pain point. It depends on the culture too. Who has the pain point? Who makes the final decision? The owner, or someone else?
The types of clients I'm most familiar with are small businesses. Most small business owners just want to get work done. Most are not concerned about security unless they've been bitten before. And they're very cost-sensitive.
The beauty is, by using OpenBSD, a highly secure and stable OS, you are able to significantly lower TCO -- which is often more important to many business owners than greater security. The net result is better performance with greater security at lower costs. So both sides win -- you the techie and the business owner.
The thing is, most business people have almost certainly never heard of OpenBSD, so how do you convince them to use it?
For us, we almost never lead our sales process with OpenBSD (unless we know for sure that the customer knows OpenBSD). We identify a need that the client has, and we present a solution that fulfills that need. After that solution is presented, OpenBSD is usually mentioned at the end, as the "icing on the cake."
"Oh BTW the solution runs on OpenBSD, the most secure operating system in the market. It has just two remote holes in default mode in the past ten years (note: you might want to make a comparison with the security track record of other operating systems here, if you wish). And it's very robust and stable too."
For example, suppose the client has an expensive email server that works half the time and has to be rebooted at least once every week. Don't sell them by saying OpenBSD is more secure and robust than their server's OS; say that you'll be able to build an email server that is more reliable and costs less. And that not having to reboot means greater productivity for everyone since there's no downtime. And oh, it'll be built on OpenBSD, which happens to be the most secure operating system in the market, so there's less patching required, thus less maintenance costs.
Remember: faster, better, cheaper.
Your existing customer testimonials will go a long way. Get quotes or do brief case studies from your best customers, and present them to your new client. For example, you can see some of Calyptix Security's customer testimonials here.
If you encounter objections, don't be discouraged. Remember that objections are merely requests for more information. :)
Lastly I agree with what "Anonymous Suit" said above. Businesses are concerned about training and support. If you're an individual consultant, you'll need to figure out a way to provide the support that they need. Or convince them that if you ever get hit by a bus, they'll have the support/documentation they need to let someone else take over.
In the end, you'll need to keep refining your sales techniques until you end up with a process that works.
There's still so much more to say, but I might exhaust undeadly.org's disk space if I continue. :)
I hope this has been somewhat helpful. All the best selling OpenBSD!!
By Anonymous Coward (208.71.184.41) on
1) Lack of hardware support. I mean multi core systems,
interrupts polling, Message Signaled Interrupts, suspend to disk for
laptops, 3D accelleration <place your hardware here>
So we have 4sockets 4cores system, eh ? Or just modern laptop?
Forget about OpenBSD.
2) Lack of software ___officially___ supported on OpenBSD.
Java, Oracle, DB2, <place your software here>. Or ?dumb?
users apps like flash?
Those reasons are MOST important in ALL environments.
So only place we can use OpenBSD is small firewalls. Unfortenately...
P.S. We currently use NN OpenBSD firewalls,
and I'm worried about OpenBSD can be option for
___modern___ hardware.
Comments
By jason (jason) jason@dixongroup.net on http://www.dixongroup.net/
>
> 1) Lack of hardware support. I mean multi core systems,
> interrupts polling, Message Signaled Interrupts, suspend to disk for
> laptops, 3D accelleration <place your hardware here>
> So we have 4sockets 4cores system, eh ? Or just modern laptop?
> Forget about OpenBSD.
>
> 2) Lack of software ___officially___ supported on OpenBSD.
> Java, Oracle, DB2, <place your software here>. Or ?dumb?
> users apps like flash?
>
> Those reasons are MOST important in ALL environments.
>
> So only place we can use OpenBSD is small firewalls. Unfortenately...
>
> P.S. We currently use NN OpenBSD firewalls,
> and I'm worried about OpenBSD can be option for
> ___modern___ hardware.
Funny, I use OpenBSD for firewalls, web servers, mail servers, Java application servers,
streaming AV servers (DSS), compute farms, and workstations. I've used it on brand new
workstations, servers and laptops.
Maybe it's just a reflection on your incompetencies as a user.
Comments
By Lennie (194.213.15.37) on
> > and I'm worried about OpenBSD can be option for
> > ___modern___ hardware.
>
> Funny, I use OpenBSD for firewalls, web servers, mail servers, Java application servers,
> streaming AV servers (DSS), compute farms, and workstations. I've used it on brand new
> workstations, servers and laptops.
>
> Maybe it's just a reflection on your incompetencies as a user.
I only deal with servers, everytime I check if the hardware is supported and still it turns out there are things not working.
Like the Dell 2950 we have here, which turns out to only be supported by snapshot or not-yet-released-3.4.
It didn't even boot, that sort of stuff can be annoying.
I know it's a small detail that is the cause of that, but it's still disappointing.
Comments
By Anonymous Coward (129.174.113.70) on
If you're going to be a troll, be pro enough to call it not-yet-released-4.3
By Anonymous Coward (203.20.79.132) on
>
> Like the Dell 2950 we have here, which turns out to only be supported by snapshot or not-yet-released-3.4.
>
> It didn't even boot, that sort of stuff can be annoying.
>
> I know it's a small detail that is the cause of that, but it's still disappointing.
So you put the cart before the horse and then blame the horse?
When you plan a solution, hardware choice should come after software.
Comments
By Anonymous Coward (208.71.184.41) on
> >
> > Like the Dell 2950 we have here, which turns out to only be supported by snapshot or not-yet-released-3.4.
> >
> > It didn't even boot, that sort of stuff can be annoying.
> >
> > I know it's a small detail that is the cause of that, but it's still disappointing.
>
> So you put the cart before the horse and then blame the horse?
>
> When you plan a solution, hardware choice should come after software.
>
So we should consider P1-150? Common, Dell 2950 is commodity, not hight-end box, so I expect such hardware work with any recent OS.
Comments
By Lennie (82.75.29.106) on
> > >
> > > Like the Dell 2950 we have here, which turns out to only be supported by snapshot or not-yet-released-3.4.
> > >
> > > It didn't even boot, that sort of stuff can be annoying.
> > >
> > > I know it's a small detail that is the cause of that, but it's still disappointing.
> >
> > So you put the cart before the horse and then blame the horse?
> >
> > When you plan a solution, hardware choice should come after software.
> >
>
> So we should consider P1-150? Common, Dell 2950 is commodity, not hight-end box, so I expect such hardware work with any recent OS.
Actually it turns out there a different versions at Dell, the number stays the same, but the hardware inside is of a newer generation every few months or years.
The one we got turned out to be newer then the one we expected to get.
For example the PECL (onboard RAID) was 6 not 5.
By Anonymous Coward (59.167.252.29) on
> > >
> > > Like the Dell 2950 we have here, which turns out to only be supported by snapshot or not-yet-released-3.4.
> > >
> > > It didn't even boot, that sort of stuff can be annoying.
> > >
> > > I know it's a small detail that is the cause of that, but it's still disappointing.
> >
> > So you put the cart before the horse and then blame the horse?
> >
> > When you plan a solution, hardware choice should come after software.
> >
>
> So we should consider P1-150? Common, Dell 2950 is commodity, not hight-end box, so I expect such hardware work with any recent OS.
You are grossly exagerating.
On the Dell models I've had problems with, it turns out that the same model was already found to be working with OpenBSD. What the problem came down to, was the RAID card option.
The LSI/AMI cards were fine, the problem machines were those equiped with Adaptec cards.
So again, it should be stressed, you should spec your hardware purchase on your software requirements.
By Anonymous Coward (70.173.172.228) on
>
> 1) Lack of hardware support. I mean multi core systems,
> interrupts polling, Message Signaled Interrupts, suspend to disk for
> laptops, 3D accelleration <place your hardware here>
> So we have 4sockets 4cores system, eh ? Or just modern laptop?
> Forget about OpenBSD.
>
> 2) Lack of software ___officially___ supported on OpenBSD.
> Java, Oracle, DB2, <place your software here>. Or ?dumb?
> users apps like flash?
>
> Those reasons are MOST important in ALL environments.
>
> So only place we can use OpenBSD is small firewalls. Unfortenately...
>
> P.S. We currently use NN OpenBSD firewalls,
> and I'm worried about OpenBSD can be option for
> ___modern___ hardware.
I think you meant to say
'BSD is dying, NetCraft confirms it'
By CODOR (CODOR) on
> Forget about OpenBSD.
When I build a system I only buy hardware that I know will work with OpenBSD. Even if I have no intent to ever run OpenBSD on it...
Comments
By Anonymous Coward (156.143.83.176) on
> > Forget about OpenBSD.
>
> When I build a system I only buy hardware that I know will work with OpenBSD. Even if I have no intent to ever run OpenBSD on it...
Seconded.
By Niall O'Higgins (69.12.154.240) niallo@openbsd.org on http://www.niallohiggins.com
>
> 1) Lack of hardware support. I mean multi core systems,
> interrupts polling, Message Signaled Interrupts, suspend to disk for
> laptops, 3D accelleration <place your hardware here>
> So we have 4sockets 4cores system, eh ? Or just modern laptop?
> Forget about OpenBSD.
>
> 2) Lack of software ___officially___ supported on OpenBSD.
> Java, Oracle, DB2, <place your software here>. Or ?dumb?
> users apps like flash?
>
> Those reasons are MOST important in ALL environments.
>
> So only place we can use OpenBSD is small firewalls. Unfortenately...
>
> P.S. We currently use NN OpenBSD firewalls,
> and I'm worried about OpenBSD can be option for
> ___modern___ hardware.
There are a great many situations where people don't care about Oracle or Java, or even SMP performance or >4G memory particularly. OpenBSD is an excellent platform for Web applications of various sorts, for instance. Same for mail, DNS and a large range of utility roles. Also a fantastic choice for generic shell servers. I've been very pleased with PostgreSQL on OpenBSD of late.
I don't think anyone is saying OpenBSD is without limitations.
By Ray Percival (sng) on http://undeadly.org/cgi?action=search&sort=time&query=sng
If you're selling a platform you're not ready to implement that platform for anybody. Tools come and go and things change what matters is your relationship with whoever has decision making abilities. Do your job and do it well with whatever tools you're handed. Always be thinking, try to pull at least one miracle out of you ass every day, become the guy that the boss knows he can call at 0330 and you'll be there and make him look like a Big Damn Hero. In short work very hard and be the best at your job for wherever you happen to be.
Don't worry about knowing when you're ready to move to the next step part of being ready is knowing. Very zen I know but it happens to be true. When you feel like your boss knows you're good at what you do and that you have his back wait for some problem to come along that you can solve with OpenBSD. Make it small and easy. A slamdunk. Float the suggestion. "Give me a box and I can make that problem go away." or words to that effect. Then make her look good by doing it and doing it very well. After that it will all kind of just follow. They'll want you to work with the tools you know and like because they know that will make them look good.
In short put in the blood sweat and tears till you have the cred to use the tools you want because of who you are. After that it's easy. Just takes time.
By Anonymous Coward (75.147.2.53) on
One quick question...
Where does the following statistic come from?
>> "amount of attacks on a webserver can go down by 40% just because the bad guys see it is running OpenBSD"
Any other interesting statistics, useful in promoting OpenBSD?
Comments
By Ray Percival (sng) on http://undeadly.org/cgi?action=search&sort=time&query=sng
>
> One quick question...
> Where does the following statistic come from?
>
> >> "amount of attacks on a webserver can go down by 40% just because the bad guys see it is running OpenBSD"
His ass.