OpenBSD Journal

Comments turned off

Contributed by jose on from the we-lack-time-to-babysit dept.

"If you add a teaspoon of wine to a barrel of sewage, you still have sewage. If you add a teaspoon of sewage to a barrel of wine you now have more sewage."

I had thought about turning comments off indefinitely, they've been spoiled by a few jerks who don't know how to hold constructive conversations and are pretty terrible flamers, as well. You now know where they are, manybe you'll want to go ask them why they feel they have to waste time all night pissing in someone else's forums. Jim and I lack the time to deal with this, but we have the time to maintain the site through story updates and the like (but not through new code features like moderation and troll cookies). Ultimately its the community that defines a site, and IP posting drives away the legitimate posters and doesn't seem to stop the trolls.

(Comments are closed)


Comments
  1. By Aasmund () on

    are they turned on again.

    Comments
    1. By Aasmund () on

      Hurray! they are!

  2. By Anonymous Coward () on

    Is anybody who questions the OpenBSD claims is a troll by definition? I did not see much beyond that...

    Comments
    1. By Anonymous Coward () on

      Sigh, most of here have migrated from OTHER OS's
      we have all heard these trolls in other forums
      we DONT need to hear them here.
      I have always used this board AND especially the on-topic discussions in the comments as an additional technical resource besides the mailing lists and source tree. The Claims are true
      whether you hold that view is inmaterial to the technical discussion at hand. Please go away.
      to the moderators Please leave comments on
      and dont get discouraged, its not the sewer that other places have become.

      thanx for this resource
      an OpenBSD user

    2. By Anonymous Coward () on

      I think it's pretty sad that anyone that doesn't think OpenBSD is the greatest thing on earth is clearly a troll. What's that? You offered criticism? Implying that Theo might be wrong? Troll! Delete his post!

      So sad...

      Comments
      1. By Anonymous Coward () on

        I agree. The stranglehold that groupthink has on a site like this is disgusting.

        Comments
        1. By Anonymous Coward () on

          I have to write this again:
          "If you don't like openbsd or this forum or whatever... go away and quit bugging us"

          it's so simple ;)

          I hope this can continue to be a moderated technical forum... without trolls...

          Comments
          1. By Anonymous Coward () on

            You post this as an AC? And you expect it to have any weight in the discussion? The discussion involves groupthink and the effects create by it. Your statement does nothing to help - it itself looks like another troll.

            Yes, I have responded to a troll. And my post hides behind the AC tag. I like OpenBSD, and use it whenever I can. It contains bugs. It contains unfound security flaw. I still like it, and I like this site. The discussions are very helpful, and I have learned alot from the contributors and commentors.

            Peace.

            Comments
            1. By Anonymous Coward () on

              You think someone posting as "BSDHacker" or "EQAddict" is any less of an Anonymous Coward than someoneone who doesn't identify himself, or that his points are any less valid?

  3. By grey () on

    I'm sick of this bullshit, and I'm sure I'm not the only one who wishes that Jose and Dengue actually _did_ have more time to do a real overhaul of deadly so that we could be rid of these AC spewers of claims that aren't backed up.

    If there's anything I've heard that really resembles a true motto to OpenBSD developers, it's "shut up and hack" -maybe- "show me the code" but they're pretty much the same. And yet every time the "X years without Y holes" comes up on deadly we get into the bullshit battles.

    We see crap like http://marc.theaimsgroup.com/?l=openbsd-misc&m=105079599620924&w=2 and then never see the proported vulnerability show up.

    and this: http://deadly.org/article.php3?sid=20030407135319

    And it's not just PaX/GRSec proponents either - the whole MicroBSD saga(s) were mind numbing e.g.
    http://deadly.org/article.php3?sid=20030204011311

    I hear accusations of ego & stubbornness, "Theo is an asshole" constantly - how many of those people have met the guy? Who judges a person based just on what they write on line? For those that seem so outspoken to critize OpenBSD, I sure hope they don't - because if they judged their IRL selves against their own 'tard remarks they'd probably feel pretty lame.

    All the recent OpenCULT bullshit is just plain annoying too. I will gladly admit that I'm a fan of OpenBSD, but by no means does that mean it's all I use, or that it's flawless or that other systems don't have any advantages going for them. I'm even writing this from a system which has the grsec extensions installed at this moment (omg). I've been following OpenBSD long enough to see mistakes that have been made, but more importantly than that - I've seen how many of them have been corrected, and attitudes have changed. Without change, you stagnate. It takes a lot of character to change your mind about something which you previously had strongly heald beliefs about.

    And for all the whining you hear about the attitude of OpenBSD developers and users - the attitude that stands out in the work is one that focuses on quality, and it shows. If THAT component is ever lacking, then I'm sure that current users and developers will migrate from it in droves. If they let a serious problem sit unsolved, it wouldn't have any claim to security. But they don't, for the few they have they do a damn better job than most of their competitors. Theo is not preaching the gospel (I personally think that Mark Grime's guttman diff to rm is a smart move that should be adopted as just one example), and yet we have the baseless accusations of the CULT. Posted no less on sites affiliated more with blachat anti-sec proponents who favour secrecy rather than openness (and yet they didn't seem to parrot Palahniuk's FIRST RULE and they keep running their mouths off).


    In the end, it doesn't matter if you have a million remote roots, or if you dreamed up the atom bomb so long as you keep them in your back pocket. As long as you keep them private, or not back up your CVS server. I certainly won't argue with secrecy or tell you what your responsibilities are, and I think there are good reasons to not patent things, or not publish things. However, if you -DON'T- show proof of your claims then you should stop complaining in the event that another group puts out similar work, or claims to be secure just because they're not aware of your stockpile of exploits that you never told them about.

    It's all in the attitude - and that attitude continues throughout OpenBSD users and developers, who would rather see the code, shut up and hack - and stop wasting time on trollish unsubstantiated arguments.

    Comments
    1. By Anonymous Coward () on

      Two vulnerabilities in the same file that were not present in the code they were ripping from. They can't even rip code properly without adding exploitable holes. You call this QUALITY? Apparently your definition and my definition are entirely different.

    2. By Anonymous Coward () on

      In this day of non-disclosure, you're fully entitled to your opinion that "it doesn't matter if you have a million remote roots", but it's a poorly-based, stupid opinion. Don't think it doesn't affect you. Just because some hacker doesn't choose to use his private exploit on you does not mean you will not be affected. Think about OpenBSD developer machines, OpenBSD machines. Theo doesn't seem to think formal trusted systems are of any worth. How does it feel to know the code to your OS is protected only by the code of the OS itself, which has been shown over and over again to be bug-ridden? In the "best" case, it's running systrace. If you think that solves anything, you're fooling yourself. It's amazing what you can do with reordering system calls or using ones systrace has no granularity for. Of course, since such constructive discourse is not allowed on this website, we can't talk about that. Instead, keep believing your OS is secure, believe it because Theo says it is.

  4. By netchan () deadly@netchan.cotse.net on mailto:deadly@netchan.cotse.net

    I'm not sure which is worse, trolling or responding to the provocation. Isn't the OpenBSD community mature enough to simply ignore those offensive comments?

    netchan

    Comments
    1. By Nate () on

      No, we're just like everyone else, different. If you want everyone to be mature, you'll have to handpick your community, because people that visit sites like this won't be eqauls in anything, be it intellegence, wisdom, maturity or skill. A pack mixed nuts won't all taste the same, just as a group of mixed people with similar interests won't act the same..

  5. By Gunnar () gwolf@gwolf.cx on http://www.gwolf.cx

    OpenBSD *IS* about trolling! What would be of OBSD without flames, trolls and aggression?

  6. By Anonymous Coward () on

    Can I have someone tell me one thing OpenBSD has done to advance the state of system security?

    Possible answers are not:
    "well, they audit their code a lot" -> They did not advance the state of system security, look at what Stanford has done.

    "W^X" -> PaX - any usefulness, stupid implementation

    "systrace" -> poor re-implementation of a failed concept that's been shown to be useless in academic papers

    "stack randomization" -> ditto

    "mmap randomization" -> ditto, plus the reordering which is completely useless, but something to make it look like they're just not ripping everything off from others.

    "strlcpy" -> not valid, doesn't fix buffer overflows

    "privilege separation" -> an obscurity measure. OpenBSD has too many local kernel vulnerabilities that can be executed within the compromised task, not requiring any access to the filesystem, so this is useless.

    I will stop posting here if someone can give me one example of something legitimate OpenBSD has done THEMSELVES to advance the state of system security. Show me OpenBSD isn't just a bunch of repackagers of hacks that have already been done elsewhere, or trivial modifications on known implementations (much like your average script kiddie would do to hide their ripping of code). You find it appropriate to claim OpenBSD is more secure than every other OS, yet where are all your features and code coming from?

    Comments
    1. By Anonymous Coward () on

      Packet Filter

      Comments
      1. By Anonymous Coward () on

        Right, firewalls didn't exist before the time of OpenBSD.

      2. By Anonymous Coward () on

        You think firewalls are difficult to write? Ever been to college?

      3. By Anonymous Coward () on


        The question was what has OpenBSD contributed that has not been there before. Packet Filter is the correct answer. It's not the first firewall, but it's the first firewall to take care of NAT, traffic control, load ballancing, etc. within one simple config file. This is something that OpenBSD did THEMSELVES, and it's quite advanced compared to what's out there.

        There's no need to put OpenBSD down, just as there's no need to put Linux down. They benefit each other because their cultures are different. One(linux) is waking the world up to having a choice in OS and making an excellent cut into M$ dominance. The other is not worried about being a public spectical(OpenBSD) but is devoted to coding and building a robust system. Linux can learn from *BSD, and *BSD can learn from Linux too.

        Comments
        1. By Anonymous Coward () on

          So you claim that OpenBSD developed these technologies before Firewall-1? Does the simplicity of their configuration cause them to "advance the state of system security"? netfilter rules can be made out of ipf or ipfilter style rules, it's a trivial exercise. I'd like to see some proof that OpenBSD has developed these technologies before anyone else. Though I don't consider throwing together pre-existing technologies an advancement of system security (unless no one would have thought to combine such technologies together), I'll accept this response if you can prove it. You complain that trolls do not prove their statements, so let's see you put your money where your mouth is. In particular, you'll have to show that OpenBSD developed stateful firewalling before 1996. Here is a link:

          http://www.checkpoint.com/press/1996/synattack.html

          I only asked for one example, this shouldn't be hard, and you shouldn't have to lie to try to prove it. You're only helping to prove my point that OpenBSD is just a bunch of ripped and repackaged ideas from other sources, sources that you like to criticize and call stupid (my use of "you" in this case refers to the typical OpenBSD user; it appears you realize that Theo's derision of everyone else in the community serves no purpose).

          Comments
          1. By bernie () bernie724@yahoo.com on mailto:bernie724@yahoo.com

            OpenBSD is designed with minimalist administration from install to production. A simplistic shell script installs the entire system. Network services can be non-existent or plentiful. OpenBSD can easily be tooled as a network workhorse (headless) or an elegant client (diskless). Patching is painless (as long as you keep stable or current on hand). OpenBSD boots a variety of hardware/platforms and the GENERIC kernel is stable. The userland tools are manageable and the man pages are exquisite. Meaningful customization can be accomplished on OpenBSD. Solutions are not canned and do require some preparation, research and thought. The innovation of OpenBSD is that it works for me.

            Bernie

            Comments
            1. By Anonymous Coward () on

              You need to look up the definition of "innovation." If you want to be involved in the discussion, refute my points by giving valid examples. Don't back up my point that for an OS with the goal of being "NUMBER ONE IN THE INDUSTRY FOR SECURITY ( IF WE ARE NOT ALREADY THERE )", it's pretty funny that they're simply repackagers and reimplementers of other people's innovative work.

              You can have a room full of monkeys audit code like OpenBSD has for the past 7 years. Innovation is what the Stanford checker has done for auditing.

              Comments
              1. By bernie () bernie724@yahoo.com on mailto:bernie724@yahoo.com

                Innovation
                1: a creation (a new device or process) resulting from study and experimentation

                “The innovation of OpenBSD is that it works for me.”

                You seem to have a personal problem with Theo. Your hysterics here clearly make you worse then your perception of him. In your mind there is no answer to your question. My previous comment was to disarm your rhetoric; not to answer for OpenBSD's claims. Contact them for the information you seek. You’re an angry programmer spewing insults onto whoever responds.

                Bernie



    2. By anonymizer.com must be cool if trolls use it () on http://openbsd.org/security.html

      http://openbsd.org/security.html
      http://openbsd.org/crypto.html

      BTW, while pf is certainly not the first firewall, its functionality is pretty broad and I think somewhat unrivaled (e.g. scrub, authpf, altq, p0f integration).

      Particularly read some of the papers linked from the above pages - OpenBSD's crypto API & integration is really unmatched, especially if you start looking at FreeSWAN or Windows IPSec implementations.

      Comments
      1. By Anonymous Coward () on

        I don't see anything on the security page other than examples of how incredibly successful their auditing campaign has been. Pages and pages of advisories, in just the default install! I don't doubt they've fixed a lot of bugs they introduced in their attempts to rip code from others.

    3. By Anonymous Coward () on

      hmmmm, inventions or new tought when concerning technology while significant isn't always the end all be all. Improvements of existing technology or re-implementations of existing technology can also be quite significant. For instance, I don't think the Japanese invented the television, the telephone or the radio yet most of the electronics I have in my house are in fact japanese, is this because they created it? Nope, they just made it better.

      What the OpenBSD group does it does very well. Sure there are mistakes that are made, mistakes are made with every Operating System. There's just no point in bashing someone because of their Operating System choice.

      If you've found bugs instead of trolling around on a news board taunting people who have done you no wrong why not post them someplace useful.

    4. By Anonymous Coward () on

      Do you have a point?

      OpenBSD is not about advancing the state of security, it's about having a secure system. If that means copying ideas that people have essentially placed in the public domain, who cares? Only a fool will ignore a good idea simply because someone else thought of it first.

      Comments
      1. By Anonymous Coward () on

        You should care. Theo alienates OpenBSD from the rest of the community with his constant trolling and insulting of others. Since everyone posting to this thread has essentially agreed that OpenBSD is just a bunch of repackaging and reimplementation of others' works, don't you realize that you are not in a position to be rude towards the rest of the community, that have developed the code and ideas you are stealing? OpenBSD is giving themselves a bad image by being unprofessional in public towards others. If Theo would respond to people in a professional manner, sticking only to the technical issues at hand, instead of making the entire basis of his emails infactual personal attacks as was seen on Bugtraq, there wouldn't be this problem (and this kind of attitude is demonstrated by other developers and users as well).

        Comments
        1. By Anonymous Coward () on

          Why should you care about OpenBSD anyway? Your comments conclude you're against OpenBSD and Open Source for that matter. Why are you here if you're against OpenBSD and Open Source? If there were/are any illegal copyright activities, you should call your lawyer and take it out in court. It seems you have personal issues with Theo, so take it up with him personally.

          Lastly, if someone stole your idea, you wouldn't have it anymore, and it's appropriate to call the police instead of posting here Don't you Think?

    5. By Chris Cappuccio (198.175.14.5) president@Whitehouse.Gov on

      Ok, so, if OpenBSD is just a bunch of repackagers, then what are NetBSD, FreeBSD, and even Linux? Or, more directly, WHERE IS THE REAL INNOVATION? There's really only so much that I can see out there. All of the free systems have their own individual features, some of which could be considered innovations. So, where is it ?

  7. By Anonymous Coward () on

    http://blafasel.org/~floh/he/releases/1.1/usr_sbin_named

    Can I have 10 people reply to this message saying that systrace policy will protect the rest of your system from intrusion? Once 10 replies are received, I will follow up. If you feel this policy is a bad example (if for some reason you feel bind is unhackable..or whatever other crazy excuses you OpenBSD people come up with), please give me any other systrace policy you like.

    Comments
    1. By c () on

      If you run your nameserver off of bind in the first place, that is a decision you have made. Use djbdns instead. I think the point is that it provides with it numerous tools from the de-facto standard BSD implementation. This includes bind, nvi, gcc, and numerous other tools that are not theirs but are typical. The same goes with using inetd, if you are like me you turn inetd off as the first act after installation, because it is useless.

      Anyway, bind is not running by default, and it is unhackable in a non-running state, so having a copy of named on the machine's hard drive does not constitue an exploit. You are the same fool who's been complaining about 'innovation' and 'creativity' yet you seem to have none in coming up with these points of yours.

      Comments
      1. By Anonymous Coward () on

        Thanks for fulfilling my vision of an idiot OpenBSD user clearly laid out in the previous post. If you'll see at the end, I asked for any other example of a systrace policy of your choice, if you found the one I provided to be unacceptable for whatever reason.

  8. By Anonymous Coward () on

    Deadly.org has done a lot for the OpenBSD community, it's really sad to see all the trolls that hang out here. I wish everyone could be civil to one another but it appears that's not going to happen. It is unfortunate, but I'm sure the core group of people who really enjoy this website will try hard to avoid the trolls that have seemed to plague this community recently.

    Opposing opinions, different points of view, are always welcome in my book, it is when the presentation of those ideas are presented in such a childish and immature manner that those opposing points of views are considered trolls. IMHO that's the same for the OBSD loyalists in the group as well. There's nothing wrong with legitimately questioning OBSD.

    Really there's no reason to yell use profanity call someone an idiot or whatever, it's just computers and while computers are a huge part if not the bulk if what I do in my life right now and while I do get hot sometimes I try to always just stick to the facts and stay away from uneeded comments insults etc. Doing these simple things creates sprited debate that stays at a constructive level.

    I can remember when stories on deadly only had a few comments and all of those comments were very constructive, even the ones that had opposing viewpoints, I think it will be hard to achieve that again as trolls seem to come with popularity. I do think that the majority of deadly.org readers can look past those few and continue to keep good spirited debate alive.

    Regards-

    Comments
    1. By Anonymous Coward () on

      I appreciate your summary. It describes Theo's actions very well.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]