Contributed by deanna on from the campaigns dept.
- Why vendor drivers are unacceptable
- Why vendors' reasons and excuses are unacceptable
- The users defending vendors phenomenon
Also added today was Claudio Jeker's talk: Network Stack Changes in OpenBSD.
UPDATE: Michele Marchetto: OpenRIPD and Henning Brauer: OpenBGPD (European Peering Forum 2006)
Keep an eye on the events page; there are still more sets on the way.
(Comments are closed)
By LeonYendor (218.214.194.113) on
Clicking on the "next" link on each page got me to the slide about where the 802.11 devs were named and then straight to the last page.
I went back to the index page and clicked on the image that should have been next and from there all was fine.
Just one bad link, it seems.
That said, it is a presentation that needs wider audiences. It just might peel the scales off a few eyes.
Thanks for pointing it out.
By Matt Van Mater (69.255.1.181) on
Keep up the good work guys!
By Antonios (89.210.233.55) on
Theo's slides are both entertaining and pretty informative. Should shut up a few mouths I guess. Including my own if I read them a couple of years ago :-)
By Anonymous Coward (87.79.237.121) on
drivers for their NICs was just found:
http://www.intel.com/support/network/sb/CS-023726.htm
Comments
By Anonymous Coward (69.70.68.38) on
> drivers for their NICs was just found:
>
> http://www.intel.com/support/network/sb/CS-023726.htm
Interesting! What I don't understand from there page, is how this exploit affects non-windows OS's? Scary to see things like this, imagine how many windows servers will require network downtime just to update this...
Comments
By Anonymous Coward (85.158.44.149) on
Device drivers run as part of the kernel, they have a very high level of access to the system... This is one of the reasons why vendor-provided binary drivers are a big problem, and even vendor-provided source code (written by someone who wants to sell hardware, rather than written by someone as part of a secure OS) still involves a huge amount of extra work to bring up to quality.
Intel provide open-source drivers for some of their hardware, this advisory covers the Linux driver but doesn't say whether or not it affects their FreeBSD driver (which OpenBSD tracks), and there's not a lot more information I could find to tell (other than diffing the old and new drivers to determine what was changed and assessing it). Nothing stood out in the changelogs (e100 and e1000).
It's not the first time there's been a problem with Intel drivers (e.g. CVE-2004-0535 [local, on linux], CVE-2006-3596 [remote: triggered by frame contents, on cisco ids], CVE-2006-3992 and 2006-4022 [remote: triggered by frame contents, wireless nic drivers on windows]). From 2006-3992: "This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary code[...] If a remote attacker within transmitting range of an affected wireless adapter sends a specially crafted frame to that adapter, they may be able to trigger this vulnerability". 'within transmitting range': that's quite a wide area for someone with the right equipment...
> Scary to see things like this, imagine how many windows servers will require network downtime just to update this...
Looks like it's only local, many won't bother, what's (yet) another local priv-escalation problem, especially when it's probably going to be tucked away in the 'hardware drivers' section of Windows Update with nothing to draw attention to the security problem?
By Daniel Bolgheroni (201.93.207.239) on
Thank you.
By Anonymous Coward (69.70.68.38) on
Comments
By Anonymous Coward (74.13.57.232) on
Like OpenOSPF, OpenRIP falls in with OpenBGP.
By Marc (194.245.32.131) marc_at_sanity_dot_de on
i contacted one of the sales droids of amcc for documentation of 3ware raid-controllers. after blurting that they don't deliver binary blobs and pointing me to freebsd and linux drivers, he also says, that they didn't ever recieved any customer questions for documentation of their driver and that they will support openbsd, if they get more customer requests:
[quote]
"3. We do not deliver 'binary blobs' for any of our supported open
source operating systems.
4. We will look into supporting OpenBSD, especially if we get
several requests from customers for it, so far you are the first.
If you would like, feel free to port the FreeBSD driver to OpenBSD." [/quote]
If you also want to contact him, you can either use 3waresales@amcc.com or, if you want to write the guy who answered me (and contacted the tech department, which didn't answered my email), contact Fred De Vera at fdevera_at_amcc_dot_com.
Comments
By Jason Crawford (65.174.217.59) jasonrcrawford@gmail.com on
>
> i contacted one of the sales droids of amcc for documentation of 3ware raid-controllers. after blurting that they don't deliver binary blobs and pointing me to freebsd and linux drivers, he also says, that they didn't ever recieved any customer questions for documentation of their driver and that they will support openbsd, if they get more customer requests:
>
> [quote]
> "3. We do not deliver 'binary blobs' for any of our supported open
> source operating systems.
>
> 4. We will look into supporting OpenBSD, especially if we get
> several requests from customers for it, so far you are the first.
> If you would like, feel free to port the FreeBSD driver to OpenBSD." [/quote]
>
> If you also want to contact him, you can either use 3waresales@amcc.com or, if you want to write the guy who answered me (and contacted the tech department, which didn't answered my email), contact Fred De Vera at fdevera_at_amcc_dot_com.
I have sent a personal request to Fred, and am crafting another one to 3waresales@amcc.com soon. I hope every user that reads undeadly can send a request to Fred so he can realize how many users would benifit from it, assuming that he doesn't go back on his word.
By Anonymous Coward (69.70.207.240) on
>
> i contacted one of the sales droids of amcc for documentation of 3ware raid-controllers. after blurting that they don't deliver binary blobs and pointing me to freebsd and linux drivers, he also says, that they didn't ever recieved any customer questions for documentation of their driver and that they will support openbsd, if they get more customer requests:
>
> [quote]
> "3. We do not deliver 'binary blobs' for any of our supported open
> source operating systems.
>
> 4. We will look into supporting OpenBSD, especially if we get
> several requests from customers for it, so far you are the first.
> If you would like, feel free to port the FreeBSD driver to OpenBSD." [/quote]
>
> If you also want to contact him, you can either use 3waresales@amcc.com or, if you want to write the guy who answered me (and contacted the tech department, which didn't answered my email), contact Fred De Vera at fdevera_at_amcc_dot_com.
Is it possible he's mis-interpreting a 'binary blob' as a 'binary driver', or that they would write the driver themselves only - or even only release documentation under an NDA? If so, that won't fly with OpenBSD... But if they're willing to understand clearly and to provide what the OpenBSD people actually want or need, then I'll send an email too.
Comments
By Jason Crawford (65.174.217.59) jasonrcrawford@gmail.com on
You should just send him an email anyway, requesting Documentation and stating that you do NOT want binary drivers or source code, ONLY Documentation. If that's not what he ment, well he'll still see how many potential customers he's turning away.
By Anonymous Coward (68.167.146.78) on
By Anonymous Coward (80.195.230.203) on
>
> i contacted one of the sales droids of amcc for documentation of 3ware raid-controllers. after blurting that they don't deliver binary blobs and pointing me to freebsd and linux drivers, he also says, that they didn't ever recieved any customer questions for documentation of their driver and that they will support openbsd, if they get more customer requests:
>
> [quote]
> "3. We do not deliver 'binary blobs' for any of our supported open
> source operating systems.
>
> 4. We will look into supporting OpenBSD, especially if we get
> several requests from customers for it, so far you are the first.
> If you would like, feel free to port the FreeBSD driver to OpenBSD." [/quote]
>
> If you also want to contact him, you can either use 3waresales@amcc.com or, if you want to write the guy who answered me (and contacted the tech department, which didn't answered my email), contact Fred De Vera at fdevera_at_amcc_dot_com.
I too have contacted them in the past so they are clearly not telling the truth as they say that you were the first person to do so.
By Matthias Kilian (91.3.24.64) on
> source operating systems.
I'd a look at the 3ware-9.0 stuff last year, and that statement just isn't true. At least the management software is blobby, usable only on linux/i386.
A RAID controller without proper management tools is just a pile of junk.
By Arach (194.186.117.245) on
------
Good time of day, mr. De Vera.
As a user of OpenBSD OS and a customer (being a network/system administrator), I would like to have drivers for your company's RAID cards under my preferred production OS. If there will be the OpenBSD drivers, I and many other system administrators may (and probably will) buy and use 3ware hardware. Without the drivers, there are another vendors (LSI, for example) who support OpenBSD with FREE DOCUMENTATION and therefore writing, testing and debugging simple and robust open source driver code for their hardware already became possible.
Please, support the OpenBSD project with FREE DOCUMENTATION (without the need to sing an NDA) for 3ware hardware, because porting (reverse-engineering) a driver from Linux or FreeBSD IS NOT THE SAME as having good free documentation and by that the ability to write well designed and well working open source drivers by OpenBSD developers themselves.
Besides, I know that some vendors cannot donate documentation due to the fact that there are some internal commercial information (for example, future products' roadmap hints) spreaded all over the technical details. If this is the case, please, invite your company's technical experts to cooperate with the OpenBSD project. This kind of cooperation should not be expensive at all.
-----
My first message of this kind... Is something wrong (besides grammar :) or not quite right?
Comments
By mho (130.237.209.52) on
NDA, tra-la-la! Something for song41? :-)
(Sorry, couldn't help myself)
- mho
By Terrell Prude' Jr. (68.167.146.78) on
I think it's a shame that some vendors like to hide behind the phrase "intellectual property" and not tell us more specifically if it's copyrights, patents, or trade secrets. But at least we've got LSI Logic. Fortunately, LSI is the RAID engine in Sun's v20z and v40z server lines.
Comments
By Marc (84.62.41.219) marc_at_sanity_dot_de on
>
> I think it's a shame that some vendors like to hide behind the phrase "intellectual property" and not tell us more specifically if it's copyrights, patents, or trade secrets. But at least we've got LSI Logic. Fortunately, LSI is the RAID engine in Sun's v20z and v40z server lines.
so, did you ask him, why 3ware is supporting linux and freebsd then, when they have "intellectual property"in their drivers?
Comments
By Terrell Prude', Jr. (68.167.146.78) on
No, I didn't. I think we already know the answer, though. It's all about "magic numbers" and such. See, if you write drivers that obfuscate characteristics of the card (e. g. using unexplained constants, or "magic numbers"), then you don't have to release docs, but you can claim "look, see, we're open source." It's just like with the Marvell OLPC wireless chipset issue. There's a GPL'd Linux driver w/ magic numbers, but there are no docs without NDA.
And yes, I suspect you already know all of this. :-) But a lot of newbies don't, and we need to educate them, hence the above text.
Like I said, we have LSI Logic. They seem to be treating us right, so let's stick with them.
Comments
By sthen (85.158.44.149) on
Areca, too.
Comments
By Terrell Prude', Jr. (151.188.247.104) on
>
> Areca, too.
Just took a look at their Web site. Has anyone put their RAID controllers through its paces w/ OpenBSD, GNU/Linux, or any other FLOSS platform?