OpenBSD Journal

Newsforge Interviews Theo de Raadt

Contributed by jolan on from the let-self-interest-be-the-rule dept.

NewsForge has posted their Interview with Theo which covers topics such as the development process, 3.9 features (especially the sensor work), a bit about nfe(4) and blobs, and the lack of financial support from companies and vendors who save/make money packaging software from the OpenBSD project. All in all, a good interview covering a breadth of topics. There's some strong words at the end concerning OpenSSH with attention paid to Sun in particular. It's hard to be surprised at this when OpenBSD has taken issue with Sun's business practices in the past.

(Comments are closed)


Comments
  1. By Anonymous Coward (84.188.222.178) on

    Theo said SUN wont get informed if there`s an OpenSSH-Hole (or SunSSH?!).
    Why not doing this with ALL other stuff too?

    I mean oBSD developers or guys from the portstree find bugs and report them. Why not simply pathing it for oBSD or merging the patches into the Portstree and let all the other projects do what they think is right?

    Comments
    1. By Anonymous Coward (128.171.90.200) on

      I guess because it is about "doing the right thing", SUN will just have to hear about it from the security bulletin boards, instead of first hand.

      Comments
      1. By Anonymous Coward (84.188.222.178) on

        But doing the right thing for those who care a shit is a littlebit... useless?

        I mean.. the OpenBSD-Project isn`t the digital Santa Maria or somebody else...

        Why helping developers who simply don`t care and refuse to include patches *hello apache* or why helping companies and maintain a portable version of OpenSSH *AIX,SUN,Blafoo...*.

        Wouldn`t it be better to be more indipendent?
        Sure fixing Bugs in 3rd Party Software is nice but sometimes integrating them is maybe better (e.g. apc-upsD or some tools to write DVDs/CDs. I don`t mean KDE of course).

        How many patches where send to OpenOffice-Developers?
        I read somewhere there about some houndrets...

        I mean how can the developers stay that happy? I would be derpessed badly and would just help those who care and help me if I call for aid.


        But maybe Theo and the others are just better humans... at least better then I could be maybe. :-/

        Comments
        1. By Anonymous Coward (128.171.90.200) on

          Most bug-fixes in 3rd party software appear to come from making said software work on OpenBSD, or by spotting bugs in the software. Pushing it back to the original developers is generally considered good form, and means that others benefit. It also means that you do not have to maintain the patches yourself and can incorporate changes from the main tree easily. If the original developers refuse to take patches for long enough you end up forking, e.g. HTTPd.

          OpenBSD operate a full-disclosure policy, that means bugs in OpenSSH are made public, wether or not vendors are notified is at the disgression of the developers.

    2. By tedu (69.12.168.114) on

      everybody is going to get informed when an ssh bug is fixed. they won't get to find out before everybody else.

      patching bugs in the ports tree and not sending upstream is just annoying for all parties.

      Comments
      1. By Anonymous Coward (205.207.98.208) on

        "I will say it here -- if an OpenSSH hole is found that applies to SunSSH, Sun will not be informed. Or maybe that has happened already"

        with comments like that no wonder sun won't give obsd any money.
        the bsd license entitles sun to do what ever they like with the code with no strings attached. if obsd wants money for there work they should sell there products.

        tdr should stop whining about obsd's financial situation and start finding some creative and innovative ways to solve a difficult problem, like he does with his software.

        Comments
        1. By Anonymous Coward (66.98.208.12) on

          OpenSSH is saving millions of dollars from SUN and "with comments like that no wonder sun won't give obsd any money"?

          Be my guest and read this post:
          http://commentgator.blogspot.com/2006/03/grow-up.html

  2. Comments
    1. By Anonymous Coward (143.166.255.18) on

      GPL hasn't done dick for linux. Get over it.

      Comments
      1. By Nony mouse Coward (128.171.90.200) on

        I just think it's funny that they chose the GPL, it is cynical marketing at it's best.

      2. By Anonymous Coward (66.207.218.19) on

        Nonsense.

    2. By jolan (209.242.13.234) on

      You don't seem to understand all of the details involved in what this actually means.

      Comments
      1. By Nony mouse Coward (128.171.90.200) on

        Admittedly, you are right. I hadn't looked closely enough at what they were making available.

        More SUN smoke and mirrors. Grrr.....

      2. By Anonymous Coward (66.11.66.41) on

        You don't seem to understand. All the docs needed to support niagara based machines are available. Linux has already been ported (with no NDAs, or binary only anythings) using those docs and some hardware Sun donated. Just because they haven't released docs for older hardware (ultrasparc 3 based machines), doesn't mean its ok to lie to people and pretend the sun4v docs aren't there.

    3. By Anonymous Coward (84.188.222.178) on

      As far as I know almost all CPUs have microcode.. this code could be under GPL.

      But maybe I`m wrong...
      But requesting the microcode for those CPUs would be fun. :-)

      Malware in microcode.. just the next step I bet. *hrhr*

      Comments
      1. By Nony mouse Coward (128.171.90.200) on

        True RISC processors don't contain microcodes, it is sort of the point.

        However I noticed that some archs which were traditionally considerd RISC are now incorporating microcodes e.g. IBM's PPC 970

      2. By Matthias Kilian (84.134.32.227) on

        microcode != firmware

        You can't change/overwrite it, it's just a concept to simplify the design of a complex CPU.

        So: sorry, no microcode malware ;-)

        Comments
        1. By tedu (69.12.168.114) on

          intel cpus have uploadable microcode, but it's hard to do.

          Comments
          1. By Anonymous Coward (84.188.222.178) on

            That`s correct.
            I didn`t took a look at the enw CPUs from SUN but somebody told me they`ve Microcode.

            AMD CPus allow the SAME and VIA and Transmeta too (as far as I know).

            Comments
            1. By Anonymous Coward (128.171.90.200) on

              Just because it contains microcode does not mean it is writable.

              Intel seem like a corner case, but they are big users of microcode.

        2. By Anonymous Coward (84.188.222.178) on

          No correct... :-)
          A microcode malware would be the uber-malware I guess. Not detectable and not removeable if the system runs. ;-)

          Comments
          1. By Anonymous Coward (128.171.90.200) on

            Not sure you could achieve much in microcode though

          2. By Anonymous Coward (67.64.89.177) on

            put the pipe down dude.

      3. By Anonymous Coward (70.74.75.200) on

        I accidentally clicked mod down, sorry. I don't mod up or down.

    4. By Anonymous Coward (202.6.138.33) on

      Personally I cannot understand how you can GPL hardware, the license was clearly not designed for such things, but regardless they have done it anyway.

      And from your link:
      Firmware such as programs for programmable logic devices or microcoded machines are software, and can be copylefted like any other software....
      Definitions of circuits written in HDL (hardware definition languages) can be copylefted...


      Sun have released Verilog code. Verilog is an HDL.

  3. By Anonymous Coward (202.6.138.33) on

    Theo commends asian vendors for providing docs, one of which is Zydas.

    So is someone out there working on a driver for the Zydas zd1211 wireless chips?

    Comments
    1. By Anonymous Coward (83.147.128.114) on

      no docs for this particular chip at the moment. there is a linux reference driver. so perhaps some progress will be made, i've been playing with it a bit. but of course proper docs would make it much more straightforward.

      Comments
      1. By Anonymous Coward (130.220.79.99) on

        I've also played with the Linux driver. It's utter crap. It's clearly a windows driver that's been hacked to (partially) work under Linux. It's one of those Linux drivers full of magic numbers that Theo was talking about.

        A quick search of the misc@ archives for 'zydas' shows that Zydas are helpful, but not supported because they're not a "big player".

  4. By Anonymous Coward (66.207.218.19) on

    I mean kudos to Theo for sticking it to Sun, they're pricks, but c'mon...

    "These are Linux developers, basically placing the community in a situation where they have to run a binary blob of unknown code from a vendor, instead of sticking to their guns about open source? I must admit, I just don't understand some people. They must have much more flexibility to their belief systems than I have"

    What a fucker. Way to go, Theo you jackass! And you wonder why you have financial problems? It's cause people don't like dealing with you and don't want to support you. Idiot. Saying shit like this makes people want to go out and cause you grief. And looks like you're reaping it, judgeed on the money problems...

    Comments
    1. By Anonymous Coward (128.171.90.200) on

      What are you talking about ?

      Comments
      1. By Anonymous Coward (66.207.218.19) on

        OOOOOh! You got my IP!

    2. By Anonymous Coward (68.104.17.51) on

      oh you mean, they aren't enabling vendors who don't want to release documentation by supporting blobs in their operating system and signing NDAs?

    3. By Anonymous Coward (70.124.65.113) on

      Perhaps you can suggest a gentler way to tell someone they're a hypocrite?

      It's one thing if you use binary drivers because you don't care about having source, but it's another to advocate free software and then cooperate in spreading the exact thing you're saying is bad for the community.

      Comments
      1. By Anonymous Coward (66.207.218.19) on

        It's a balancing act. You can't go too far in either direction without something getting borked... and I think Theo is taking it too far in one direction and needs to head a little back to centre.

        Comments
        1. By Anonymous Coward (207.227.243.193) on

          we should all donate $1 for each day that goes by that Theo doesn't (1) post to a mailing list, (2) embarass the hardwork of the developers, or (3) say something stupid in a press release.

          Comments
          1. By Anonymous Coward (66.207.218.19) on

            I'm in.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]