Contributed by jose on from the we-lack-time-to-babysit dept.
I had thought about turning comments off indefinitely, they've been spoiled by a few jerks who don't know how to hold constructive conversations and are pretty terrible flamers, as well. You now know where they are, manybe you'll want to go ask them why they feel they have to waste time all night pissing in someone else's forums. Jim and I lack the time to deal with this, but we have the time to maintain the site through story updates and the like (but not through new code features like moderation and troll cookies). Ultimately its the community that defines a site, and IP posting drives away the legitimate posters and doesn't seem to stop the trolls.
(Comments are closed)
By Aasmund () on
Comments
By Aasmund () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
we have all heard these trolls in other forums
we DONT need to hear them here.
I have always used this board AND especially the on-topic discussions in the comments as an additional technical resource besides the mailing lists and source tree. The Claims are true
whether you hold that view is inmaterial to the technical discussion at hand. Please go away.
to the moderators Please leave comments on
and dont get discouraged, its not the sewer that other places have become.
thanx for this resource
an OpenBSD user
By Anonymous Coward () on
So sad...
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
"If you don't like openbsd or this forum or whatever... go away and quit bugging us"
it's so simple ;)
I hope this can continue to be a moderated technical forum... without trolls...
Comments
By Anonymous Coward () on
Yes, I have responded to a troll. And my post hides behind the AC tag. I like OpenBSD, and use it whenever I can. It contains bugs. It contains unfound security flaw. I still like it, and I like this site. The discussions are very helpful, and I have learned alot from the contributors and commentors.
Peace.
Comments
By Anonymous Coward () on
By grey () on
If there's anything I've heard that really resembles a true motto to OpenBSD developers, it's "shut up and hack" -maybe- "show me the code" but they're pretty much the same. And yet every time the "X years without Y holes" comes up on deadly we get into the bullshit battles.
We see crap like http://marc.theaimsgroup.com/?l=openbsd-misc&m=105079599620924&w=2 and then never see the proported vulnerability show up.
and this: http://deadly.org/article.php3?sid=20030407135319
And it's not just PaX/GRSec proponents either - the whole MicroBSD saga(s) were mind numbing e.g.
http://deadly.org/article.php3?sid=20030204011311
I hear accusations of ego & stubbornness, "Theo is an asshole" constantly - how many of those people have met the guy? Who judges a person based just on what they write on line? For those that seem so outspoken to critize OpenBSD, I sure hope they don't - because if they judged their IRL selves against their own 'tard remarks they'd probably feel pretty lame.
All the recent OpenCULT bullshit is just plain annoying too. I will gladly admit that I'm a fan of OpenBSD, but by no means does that mean it's all I use, or that it's flawless or that other systems don't have any advantages going for them. I'm even writing this from a system which has the grsec extensions installed at this moment (omg). I've been following OpenBSD long enough to see mistakes that have been made, but more importantly than that - I've seen how many of them have been corrected, and attitudes have changed. Without change, you stagnate. It takes a lot of character to change your mind about something which you previously had strongly heald beliefs about.
And for all the whining you hear about the attitude of OpenBSD developers and users - the attitude that stands out in the work is one that focuses on quality, and it shows. If THAT component is ever lacking, then I'm sure that current users and developers will migrate from it in droves. If they let a serious problem sit unsolved, it wouldn't have any claim to security. But they don't, for the few they have they do a damn better job than most of their competitors. Theo is not preaching the gospel (I personally think that Mark Grime's guttman diff to rm is a smart move that should be adopted as just one example), and yet we have the baseless accusations of the CULT. Posted no less on sites affiliated more with blachat anti-sec proponents who favour secrecy rather than openness (and yet they didn't seem to parrot Palahniuk's FIRST RULE and they keep running their mouths off).
In the end, it doesn't matter if you have a million remote roots, or if you dreamed up the atom bomb so long as you keep them in your back pocket. As long as you keep them private, or not back up your CVS server. I certainly won't argue with secrecy or tell you what your responsibilities are, and I think there are good reasons to not patent things, or not publish things. However, if you -DON'T- show proof of your claims then you should stop complaining in the event that another group puts out similar work, or claims to be secure just because they're not aware of your stockpile of exploits that you never told them about.
It's all in the attitude - and that attitude continues throughout OpenBSD users and developers, who would rather see the code, shut up and hack - and stop wasting time on trollish unsubstantiated arguments.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By netchan () deadly@netchan.cotse.net on mailto:deadly@netchan.cotse.net
netchan
Comments
By Nate () on
By Gunnar () gwolf@gwolf.cx on http://www.gwolf.cx
By Anonymous Coward () on
Possible answers are not:
"well, they audit their code a lot" -> They did not advance the state of system security, look at what Stanford has done.
"W^X" -> PaX - any usefulness, stupid implementation
"systrace" -> poor re-implementation of a failed concept that's been shown to be useless in academic papers
"stack randomization" -> ditto
"mmap randomization" -> ditto, plus the reordering which is completely useless, but something to make it look like they're just not ripping everything off from others.
"strlcpy" -> not valid, doesn't fix buffer overflows
"privilege separation" -> an obscurity measure. OpenBSD has too many local kernel vulnerabilities that can be executed within the compromised task, not requiring any access to the filesystem, so this is useless.
I will stop posting here if someone can give me one example of something legitimate OpenBSD has done THEMSELVES to advance the state of system security. Show me OpenBSD isn't just a bunch of repackagers of hacks that have already been done elsewhere, or trivial modifications on known implementations (much like your average script kiddie would do to hide their ripping of code). You find it appropriate to claim OpenBSD is more secure than every other OS, yet where are all your features and code coming from?
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By Anonymous Coward () on
The question was what has OpenBSD contributed that has not been there before. Packet Filter is the correct answer. It's not the first firewall, but it's the first firewall to take care of NAT, traffic control, load ballancing, etc. within one simple config file. This is something that OpenBSD did THEMSELVES, and it's quite advanced compared to what's out there.
There's no need to put OpenBSD down, just as there's no need to put Linux down. They benefit each other because their cultures are different. One(linux) is waking the world up to having a choice in OS and making an excellent cut into M$ dominance. The other is not worried about being a public spectical(OpenBSD) but is devoted to coding and building a robust system. Linux can learn from *BSD, and *BSD can learn from Linux too.
Comments
By Anonymous Coward () on
http://www.checkpoint.com/press/1996/synattack.html
I only asked for one example, this shouldn't be hard, and you shouldn't have to lie to try to prove it. You're only helping to prove my point that OpenBSD is just a bunch of ripped and repackaged ideas from other sources, sources that you like to criticize and call stupid (my use of "you" in this case refers to the typical OpenBSD user; it appears you realize that Theo's derision of everyone else in the community serves no purpose).
Comments
By bernie () bernie724@yahoo.com on mailto:bernie724@yahoo.com
Bernie
Comments
By Anonymous Coward () on
You can have a room full of monkeys audit code like OpenBSD has for the past 7 years. Innovation is what the Stanford checker has done for auditing.
Comments
By bernie () bernie724@yahoo.com on mailto:bernie724@yahoo.com
1: a creation (a new device or process) resulting from study and experimentation
“The innovation of OpenBSD is that it works for me.”
You seem to have a personal problem with Theo. Your hysterics here clearly make you worse then your perception of him. In your mind there is no answer to your question. My previous comment was to disarm your rhetoric; not to answer for OpenBSD's claims. Contact them for the information you seek. You’re an angry programmer spewing insults onto whoever responds.
Bernie
By anonymizer.com must be cool if trolls use it () on http://openbsd.org/security.html
http://openbsd.org/crypto.html
BTW, while pf is certainly not the first firewall, its functionality is pretty broad and I think somewhat unrivaled (e.g. scrub, authpf, altq, p0f integration).
Particularly read some of the papers linked from the above pages - OpenBSD's crypto API & integration is really unmatched, especially if you start looking at FreeSWAN or Windows IPSec implementations.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
What the OpenBSD group does it does very well. Sure there are mistakes that are made, mistakes are made with every Operating System. There's just no point in bashing someone because of their Operating System choice.
If you've found bugs instead of trolling around on a news board taunting people who have done you no wrong why not post them someplace useful.
By Anonymous Coward () on
OpenBSD is not about advancing the state of security, it's about having a secure system. If that means copying ideas that people have essentially placed in the public domain, who cares? Only a fool will ignore a good idea simply because someone else thought of it first.
Comments
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Lastly, if someone stole your idea, you wouldn't have it anymore, and it's appropriate to call the police instead of posting here Don't you Think?
By Chris Cappuccio (198.175.14.5) president@Whitehouse.Gov on
By Anonymous Coward () on
Can I have 10 people reply to this message saying that systrace policy will protect the rest of your system from intrusion? Once 10 replies are received, I will follow up. If you feel this policy is a bad example (if for some reason you feel bind is unhackable..or whatever other crazy excuses you OpenBSD people come up with), please give me any other systrace policy you like.
Comments
By c () on
Anyway, bind is not running by default, and it is unhackable in a non-running state, so having a copy of named on the machine's hard drive does not constitue an exploit. You are the same fool who's been complaining about 'innovation' and 'creativity' yet you seem to have none in coming up with these points of yours.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Opposing opinions, different points of view, are always welcome in my book, it is when the presentation of those ideas are presented in such a childish and immature manner that those opposing points of views are considered trolls. IMHO that's the same for the OBSD loyalists in the group as well. There's nothing wrong with legitimately questioning OBSD.
Really there's no reason to yell use profanity call someone an idiot or whatever, it's just computers and while computers are a huge part if not the bulk if what I do in my life right now and while I do get hot sometimes I try to always just stick to the facts and stay away from uneeded comments insults etc. Doing these simple things creates sprited debate that stays at a constructive level.
I can remember when stories on deadly only had a few comments and all of those comments were very constructive, even the ones that had opposing viewpoints, I think it will be hard to achieve that again as trolls seem to come with popularity. I do think that the majority of deadly.org readers can look past those few and continue to keep good spirited debate alive.
Regards-
Comments
By Anonymous Coward () on