OpenBSD Journal

Secure by default idea spreads quickly!

Contributed by jose on from the everyone's-adopting-it dept.

Somebody writes: "After reading RSA Conference keynote transcript I'm really impressed. Microsoft is doing their homework. They are going in right directions. There are also some new ideas that could be implemented in OpenBSD. Read on! "

Good to see a few others starting to think in the same terms as OpenBSD's philosophy.

(Comments are closed)

  1. By Christopher () on

    I was at a security meeting which happened to be at a microsoft office a while back - before starting the MS rep had a few words to say. It was odd how many phrases he used like 'secure by default' when describing the next windows platform. It was as if someone at MS came across the openbsd site and thought to themselves 'yea us too' =) I can't remember exactly how long ago this was off the top of my head, he might have been talking about server 2003, I don't remember the XP SP2 stuff being in the press yet at the time.

    1. By Anonymous Coward () on

      It's nice to know that Microsoft is enthralled with BSD-licensed software. I'll bet you they're not only getting ideas and marketing from OpenBSD, they're also running off with lots of code, and SFU or whatever they call it is probably the tip of the iceberg.

      1. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

        "they're also running off with lots of code", we're not Linux weenies here. We try to provide the code free (as in beer) for ANYONE to use for ANY reason.

        1. By Anonymous Coward () on

          Just one word makes your whole statement less meaningful: "weenies".

          You're right MS may copy OpenBSD to their content, but isn't security about building from the ground up and being open? Until they do so, it doesn't matter what they say, or copy. This is why OpenBSD is on top in security.

          1. By grey () on

            "isn't security about building from the ground up and being open?"

            As everyone loves to parrot Schneier - security is a process. Whether that process involves building from the ground up, I couldn't say - but if it is, then OpenBSD has already failed. And where exactly does the ground start anyway, at the application? The OS? What about the BIOS, device firmware, microcode, hardware?

            OpenBSD has a good security track record, but it did not reinvent the wheel; and it is naive to think that other organizations (particularly those with billions of dollars to implement policy decisions) could not also excel as well. MS has a lot of reasons to make security a top priority now, and while currently the public opinion about MS software is horrendous - you don't have to look too far back in history to see that Unix was once viewed in the same eyes of educated, clean code writing folks. Reading the unix hater's handbook you'll see such polemics as " Unix. The World's First Computer Virus" and "Creators Admit C, Unix Were Hoax").

            Anyway, the point I'm getting at is that given its history, OpenBSD really wasn't built from scratch - and security really has little to do with that so much as developers following an intention to be secure. Read the old CVS logs for the goals of the project, security wasn't one of them until later on. And for the few nowadays who have bothered to read core.mail or delve into some of the history of OpenBSD, much of the impetus for focusing on security was due to compromises to theo's machine(s).

            In summation, just like anything in life - the process of security comes from continued improvement, working to fix known problems rather than letting them stagnate. MS appears to be picking up the pace on this one focus; and by the same tolken, it's not a guarantee that OpenBSD will always have, or be able to maintain the same kind of intent.

  2. By Anonymous Coward () on

    But what are they going to do about all those WinXP boxes which will be sold this year, with an unpatched OS? I have heard stories where people get hacked, even if their first internet connection is to apply Service packs.

  3. By Anonymous Coward () on

    I sincerely hope Microsoft does go beyond merely parroting security catch-phrases. If OpenBSD helps guide or influence Microsoft, and Windows tightens up as a result, than OpenBSD will have made a bigger contribution to security than it could ever within the bounds of its own code!

    A more secure MS-Windows can only be a good thing for the world.

  4. By Brad () brad at comstyle dot com on mailto:brad at comstyle dot com

    Quickly?!!? You mean painfully slow. Whatever you're smoking, it's really good.

    1. By Anonymous Hero () on

      My love, have you ever heard of that? Me neither.

  5. By Kurt Miller () on

    Too bad the project didn't trademark the slogan.

  6. By Anybody () on

    "There are also some new ideas that could be implemented in OpenBSD. Read on! "

    Yeah, can we have a "firewall" in OpenBSD ?

    How about "pop-up blocking" ?


Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]