OpenBSD Journal

New OpenBSD 4.1 review

Contributed by ray on from the what's-new-and-when-are-we-getting-this-and-that dept.

Anonymous Coward says,
Jem Matzan from Softwareinreview.com has published a review of OpenBSD 4.1. He has also given his thoughts on the features he would like to see implemented in the future on the OpenBSD platform.
Overall a nice, positive review from someone who appreciates not only our hard work but the reasons behind our hard stances in the open source world. Enjoy!

(Comments are closed)


Comments
  1. By Anonymous Coward (69.134.34.168) on

    For me, WPA is the #1 feature that I would like to see added to OBSD. I don't care about DRI or the latest XYZ desktop or bling effect and the lack of blobs and proprietary stuff is of course a strength, not a weakness, but I must use WPA in various client and corporate settings. I understand that some feel WPA is a poor security solution, and I know that using authpf and OpenVPN might be a better solution (I use that at home). Nevertheless, the lack of WPA has prevented me from using and deploying OBSD in certain situations where it would otherwise excel.

    I know the standard response is "nobody else cares so code it yourself" and I would be happy to do that if I had time and knew how (I'm a user, not a developer). So I am not criticizing -- I buy every release of OBSD and I love it and use it at work and at home. I just hope that maybe one day WPA will be added, that's all.

    Comments
    1. By Anonymous Coward (81.165.220.56) on

      > I know the standard response is "nobody else cares so code it yourself"

      I think quite a lot people would appreciate WPA support, so it's not that nobody cares. You are right that it's used in mixed environments and comes with most out out of the box access points.

      I think for the moment, none of the developers needs WPA. And that's why it just isn't there. But with WPA, even if you are a developer, it still is a lot of work to just go and write OpenBSD WPA support in a correct way.

      OpenBSD gives away a lot of really great software, So I'm not yelling I WANT STUFF. But if little users don't tell the project what they really need, it seems the project thinks everyone can live without it. Maybe this is the time to shake the tree all together ;-)

      Comments
      1. By Anonymous Coward (74.13.39.27) on

        Or hire a developer to do it, since none of the important people want it.

        Comments
        1. By Anonymous Coward (192.94.73.1) on

          > Or hire a developer to do it, since none of the important people want it.
          Oh, I see. Ok, I guess that makes me unimportant. Thanks.

          Where would I go to hire someone? Has anyone started a bounty or would any developers be open to a bounty? I definitely would contribute some cash.

          Comments
          1. By Anonymous Coward (24.37.242.64) on

            > > Or hire a developer to do it, since none of the important people want it.
            > Oh, I see. Ok, I guess that makes me unimportant. Thanks.
            >
            > Where would I go to hire someone? Has anyone started a bounty or would any developers be open to a bounty? I definitely would contribute some cash.

            Same here!

            Comments
            1. By Anonymous Coward (213.118.21.226) on

              > > > Or hire a developer to do it, since none of the important people want it.
              > > Oh, I see. Ok, I guess that makes me unimportant. Thanks.
              > >
              > > Where would I go to hire someone? Has anyone started a bounty or would any developers be open to a bounty? I definitely would contribute some cash.
              >
              > Same here!

              That's what I mean, some people like to donate cash for hardware and some people like to donate cash for a "feature". I think if you can't write it yourself and don't have major cash to fund a project there still is the possibility to ask around. Maybe if there are enough small individuals who want to make a small donation, eventually it's worth implementing a "feature" like WPA after all.

              Comments
              1. By Anonymous Coward (208.78.96.182) on

                > That's what I mean, some people like to donate cash for hardware and some people like to donate cash for a "feature". I think if you can't write it yourself and don't have major cash to fund a project there still is the possibility to ask around. Maybe if there are enough small individuals who want to make a small donation, eventually it's worth implementing a "feature" like WPA after all.

                I personally would contribute at least $200 to a bounty for WPA. And I would be ecstatic for ral(4) WPA. On Linux, it has built-in WPA so there no need for wpa-supplicant, but I don't know if that makes a difference here. Just thought I'd mention it.

                Regardless, I am a new user to OpenBSD so I probably don't know the right place to start, but if a veteran OpenBSD user were to start a bounty somewhere, I would contribute at least $200. At least.

                Anyway, to the devs: thank you so much for OpenBSD. I am extremely appreciative of all the hard work you have put into this amazing operating system. Thanks.

              2. By Anonymous Coward (74.13.39.27) on

                > That's what I mean, some people like to donate cash for hardware and some people like to donate cash for a "feature". I think if you can't write it yourself and don't have major cash to fund a project there still is the possibility to ask around. Maybe if there are enough small individuals who want to make a small donation, eventually it's worth implementing a "feature" like WPA after all.

                If you're, "donating," it and expecting something in return, it's not a donation anymore. It's more of a service fee at that point.

                Comments
                1. By Anonymous Coward (24.37.242.64) on

                  > > That's what I mean, some people like to donate cash for hardware and some people like to donate cash for a "feature". I think if you can't write it yourself and don't have major cash to fund a project there still is the possibility to ask around. Maybe if there are enough small individuals who want to make a small donation, eventually it's worth implementing a "feature" like WPA after all.
                  >
                  > If you're, "donating," it and expecting something in return, it's not a donation anymore. It's more of a service fee at that point.

                  Good point, but it all depends how you look at it too. :)

                  It could also be like donating to fund them for some of their time for development on a system they like, rather than say, working for another company coding something they don't.

          2. By pete gilman (24.147.199.104) on http://p3t3.net

            > Where would I go to hire someone? Has anyone started a bounty or would
            > any developers be open to a bounty? I definitely would contribute some
            > cash.


            i've often wished for the same thing. i already buy the cd sets and t-shirts as well as donating money - i would be willing to donate even more or even to specifically hire a developer to implement one of my pet features (some sort of journalling or background fsck). it would be awesome if there could be a web page on the openbsd site that listed a series of features along with a price for each one, perhaps along with a note saying how much had been collected towards each feature so far. for example (numbers pulled from thin air):


            feature: required: collected so far:
            ---------------------------------------------------
            background fsck $2000USD $1500USD (75%)
            framebuffer console $1200USD $800USD (67%)
            wpa support $2500USD $0.22USD (0%)


            i'm sure that this idea needs refinement, but the core idea seems valid and workable to me. i'd love to hear comments...

            Comments
            1. By Anonymous Coward (65.248.199.227) on

              > i'm sure that this idea needs refinement, but the core idea seems valid and workable to me. i'd love to hear comments...

              Ignoring the fact that your bounties are pretty pathetic ... remember that most of the developers work in their spare time, on what they like, for fun. What you're suggesting is that people take on a second job that cuts into that hobby time, with the hope of maybe receiving some pretty pathetic wage for working on something that isn't their primary interest.

              A real plan would be to start your own software company or nonprofit and hire qualified people (OpenBSD developers or not) to do the work. Give them firm contracts and guaranteed salaries they can live on for a definite period of time, have them write the feature you want, and then contribute that code back to OpenBSD.




              Comments
              1. By Anonymous Coward (192.94.73.30) on

                > > i'm sure that this idea needs refinement, but the core idea seems valid and workable to me. i'd love to hear comments...
                >
                > Ignoring the fact that your bounties are pretty pathetic ... remember that most of the developers work in their spare time, on what they like, for fun. What you're suggesting is that people take on a second job that cuts into that hobby time, with the hope of maybe receiving some pretty pathetic wage for working on something that isn't their primary interest.
                >
                > A real plan would be to start your own software company or nonprofit and hire qualified people (OpenBSD developers or not) to do the work. Give them firm contracts and guaranteed salaries they can live on for a definite period of time, have them write the feature you want, and then contribute that code back to OpenBSD.
                >
                >
                >
                >
                >

                Sheesh! Is that all it will take? So let me get this straight: I should quit my job, stop feeding my family, start up a company or non profit and incur the costs of doing such incorporation or obtaining my nonprofit status, so I can then in turn hire peole to write WPA support that I needed for my customers back at my old job? Swell idea!

                Come on. I think the bounty idea is a great one. It allows us users to come together and throw some money in a hat, so to speak, for certain features that we would like OpenBSD to have so we can sell the idea of using this great operating system that we all love to our customers and bosses. If a bounty is not high enough, no one will take on the challenge of earning a few extra bucks. Supply and demand. I would think that there are some developers out there who would not mind earning a few extra bucks for hacking on something in their spare time. The idea is a good one and I hope it get implemented.

                Comments
                1. By sthen (85.158.44.149) on

                  > ... certain features that we would like OpenBSD to have so we can sell the idea of using this great operating system that we all love to our customers and bosses.

                  why bother? this is no one-size-fits-all OS.

                  > I would think that there are some developers out there who would not mind earning a few extra bucks for hacking on something in their spare time.

                  you mean there are developers with spare time?

              2. By pete gilman (24.147.199.104) on http://p3t3.net

                > > i'm sure that this idea needs refinement, but the core idea seems
                > > valid and workable to me. i'd love to hear comments...


                > Ignoring the fact that your bounties are pretty pathetic...

                as i said in my original post, my numbers were just made up out of thin air, as an example.


                > remember that most of the developers work in their spare time, on what
                > they like, for fun. What you're suggesting is that people take on a
                > second job that cuts into that hobby time, with the hope of maybe
                > receiving some pretty pathetic wage for working on something that
                > isn't their primary interest.

                no, that's not what i'm suggesting at all. i'm suggesting that *if* a developer wishes to do so, he could *choose* to set *his own price* for a given feature; this would allow us, the community, to contribute toward the specific features that we are most interested in. no developer is forced to do something he doesn't want to do.

                look at the other side of the coin: the openbsd developers ask us to give them money so that they can pursue their "hobby," with no oversight or accountability at all.

                lots of people - like me - buy the cd sets and the t-shirts *and* contribute extra money to the project. some people contribute code; other people contribute cash. we are contributing! i don't think it's unreasonable for us contributors to express our desires to the team in the form of polite requests. we're not making demands - we're just asking nicely; and in fact we're trying to think of ways to contribute more.


                > A real plan would be to start your own software company or nonprofit
                > and hire qualified people (OpenBSD developers or not) to do the work.
                > Give them firm contracts and guaranteed salaries they can live on for
                > a definite period of time, have them write the feature you want, and
                > then contribute that code back to OpenBSD.

                now this is preposterous to the point that i think you must be trolling. first of all, very few people have the means to start their own company (do you? go for it!). secondly, even if one could follow this course of action, it's very unlikely that the openbsd team would accept any such bulk "donation" of code - they observe very strict standards, and they like to write the code themselves. if you suddenly said to theo one day, "here, i have 500,000 lines of code for you to commit into openbsd," i suspect that he'd tell you to bugger off, and rightly so. my original idea makes much more sense: it allows the openbsd devs to set their own prices and have complete control of the code.


                even though i disagree with your post, thank you for responding.

                Comments
                1. By Anonymous Coward (65.248.199.227) on

                  > now this is preposterous to the point that i think you must be trolling. first of all, very few people have the means to start their own company (do you? go for it!).

                  What is preposterous is your assumption that anyone involved is motivated by money... or that they have free time to sell.

                  > secondly, even if one could follow this course of action, it's very unlikely that the openbsd team would accept any such bulk "donation" of code - they observe very strict standards, and they like to write the code themselves.

                  hostated?

                  > my original idea makes much more sense: it allows the openbsd devs to set their own prices and have complete control of the code.

                  This would be a completely different (and much worse) OS if it were created according to your "free market, supply and demand, give the user what they'll pay for" rules. That's the definition of a commercial OS.

                  I mentioned the actual employment of people to work on your requested features because that would be offering something more than money: the opportunity to spend the "day job" time on OpenBSD instead of system administration or web development or whatever. I'm sure plenty of people would love that. It's not that far-fetched; see the history of wasabi systems for example, or the DARPA grant.




                  Comments
                  1. By Anonymous Coward (24.147.199.104) on

                    > What is preposterous is your assumption that anyone involved is
                    > motivated by money... or that they have free time to sell.

                    no, once again, i've made no such assumption. once again, you've (intentionally?) misinterpreted my words. i don't "assume that anyone involved is motivated by money;" rather, i hope that some involved might be more inclined or able to spend time and effort on a given feature if there were some concrete compensation behind it. your replies are straw men, and getting tiresome.

                    > This would be a completely different (and much worse) OS if it were
                    > created according to your "free market, supply and demand, give the
                    > user what they'll pay for" rules. That's the definition of a
                    > commercial OS.

                    ridiculous. my suggestion is obviously not intended in any way to replace the current development model (once again, this misinterpretation is your invention); the "bounties-for-features" approach which i suggest would exist in adjunct to the existing model.

                    rather than merely (and anonymously) trying to tear down my posts, i challenge you to contribute something constructive (which, incidentally, does not include such unrealistic suggestions as, "start your own company and hire full-time developers," as you suggested earlier).

                  2. By Lars Hansson (203.65.245.11) lars@unet.net.ph on

                    "What is preposterous is your assumption that anyone involved"
                    "is motivated by money... or that they have free time to sell."

                    It's even more preposterous that you think you know what all the developers want.
                    Developers have, and are, being paid. Some by Theo, some by people/companies that needs a feature done.

                    Comments
                    1. By Otto Moerbeek (otto) on http://www.drijf.net

                      > "What is preposterous is your assumption that anyone involved"
                      > "is motivated by money... or that they have free time to sell."
                      >
                      > It's even more preposterous that you think you know what all the developers want.
                      > Developers have, and are, being paid. Some by Theo, some by people/companies that needs a feature done.
                      >

                      How do you know?

                      A developer getting paid for doing OpenBSD work is an exception.

                      The major part of the work is done in the spare time of the developers.

                      Comments
                      1. By Anonymous Coward (65.248.199.227) on

                        Introducing money into a volunteer project is a recipe for disaster. It causes mistrust, doubt and resentment between those who are compensated and those who are not, and can suck the fun right out of the whole thing.

                        I am speaking from personal experience. I once spent an entire summer of my life working on a free software project, as an outside volunteer, just for fun, and the personal satisfaction I got from helping. One day, there I am debugging a nasty problem with one of the developers and all of a sudden he says "Oh well, quittin' time!" and abruptly logs off. Later I found out that this person is a paid employee of some company/foundation that was sponsoring the project. But wait, not just him, all of them. Yeah, it made me feel pretty worthless, since I felt I had worked just as hard, for nothing, helping him do a better job. Helping him get a raise? Etc. I haven't really cared much about helping them since.

                        Just my real world experience with this kind of thing.. there's also the whole debian debacle where, IIRC, a few people got on the payroll and the whole project ground to a halt in protest. I sympathize with that completely.

                        I'm not saying people shouldn't be paid to work on free software; I just think it should be completely out in the open and run by an entity that is completely separate from the project itself. Or really, I'm just saying it's complicated.

                      2. By Lars Hansson (203.65.245.11) lars@unet.net.ph on

                        > How do you know?

                        Theo said so on occasion, IIRC.

                        > A developer getting paid for doing OpenBSD work is an exception.

                        Of course, but my point was that it does happen and that it isn't "forbidden" or anything.


            2. By Anonymous Coward (81.217.26.122) on

              > it would be awesome if there could be a web page on the openbsd site that listed a series of features along with a price for each one, perhaps along with a note saying how much had been collected towards each feature so far.

              Since we, the users, don't know if bounties are something the OpenBSD team accepts as one of the official ways to do something in the OpenBSD project (and up to now from what I have perceived it seems unlikely), we can't ask them to put such a list on their official page.

              But there are plenty of OpenBSD-related sites around and one of them should be suitable to start such a list. http://www.openbsd-wiki.org/index.php?title=Misc_Links

              Actually that very Wiki would be a good place to start (after asking the maintainer of this site, of course).

              I guess there are a lot of people who would want to contribute, but everyone posting "Me too" here in the comments section is hardly the right way to measure and organize this.

              As a start such a list would be of course just a declaration of intent from people willing to contribute money. When the respective sums for the individual features are deemed fair enough, maybe then one of the developers steps up and expresses his interest. Then people can transfer the money so that the hacking can begin.

              I propose following layout:
              date - name and/or email - sum - time period this offer from this individual stands

              I am aware that's a big trust thing, so in the end everything money-related should somehow go through the official money channels of the OpenBSD project - that's the only catch I can think of, where we need an official sanction. But we aren't even there yet, so I say for now let's start the list.

            3. By Anonymous Coward (65.29.188.74) on

              > > Where would I go to hire someone? Has anyone started a bounty or would
              > > any developers be open to a bounty? I definitely would contribute some
              > > cash.
              >
              >
              > i've often wished for the same thing. i already buy the cd sets and t-shirts as well as donating money - i would be willing to donate even more or even to specifically hire a developer to implement one of my pet features (some sort of journalling or background fsck). it would be awesome if there could be a web page on the openbsd site that listed a series of features along with a price for each one, perhaps along with a note saying how much had been collected towards each feature so far. for example (numbers pulled from thin air):
              >
              >
              > feature: required: collected so far:
              > ---------------------------------------------------
              > background fsck $2000USD $1500USD (75%)
              > framebuffer console $1200USD $800USD (67%)
              > wpa support $2500USD $0.22USD (0%)
              >
              >
              > i'm sure that this idea needs refinement, but the core idea seems valid and workable to me. i'd love to hear comments...
              >
              >

              Reyk has been looking for sponsorship for some time:

              http://marc.info/?l=openbsd-misc&m=116811679220302&w=2

              Raise the "bounty", and get in touch with him.

              Comments
              1. By Anonymous Coward (70.179.176.82) on

                >
                > Reyk has been looking for sponsorship for some time:
                >
                > http://marc.info/?l=openbsd-misc&m=116811679220302&w=2
                >
                > Raise the "bounty", and get in touch with him.

                How much does he want?

                Comments
                1. By Anonymous Coward (81.217.26.122) on

                  > >
                  > > Reyk has been looking for sponsorship for some time:
                  > >
                  > > http://marc.info/?l=openbsd-misc&m=116811679220302&w=2
                  > >
                  > > Raise the "bounty", and get in touch with him.
                  >
                  > How much does he want?

                  We might try to see how much we could theoretically raise.

                  http://www.openbsd-wiki.org/index.php?title=Fundraising

            4. By Josh (38.99.193.222) josh@interactiveqa.com on http://www.interactiveqa.com

              Here are some examples of bounty programs:
              http://www.limewire.org/wiki/index.php?title=Bounties
              http://nat.org/2005/january/#24-January-2005
              http://www.oreillynet.com/onlamp/blog/2002/10/the_struts_bug_bounty_or_how_c.html
              http://www.linuxsecurity.com/content/view/116091/65/
              http://wordlog.com/archives/2005/02/01/bounties-for-wordpress-development/

              Here's a site that organizes stuff like this:
              http://www.fundable.com/

              Here's an example of one such project:
              http://www.fundable.org/groupactions/poedit-plone

              So let's do it. Write a description of what you want and put it on the fundable site, sent a notice to the misc mailing list to try to find a developer and then to solicit money and have someone who designated approve the completed code.

              Josh

              Comments
              1. By Anonymous Coward (81.217.26.122) on

                > So let's do it. Write a description of what you want and put it on the fundable site, sent a notice to the misc mailing list to try to find a developer and then to solicit money and have someone who designated approve the completed code.

                Fundable.org looks great but as you said we need to find a developer first. I personally don't have the guts to ask on -misc, fearing the wrath of Theo and probably others. :-)

                Oh, and they accept only credit cards and paypal. I own neither and live in Europe where bank transfers are common and easy. For what it's worth I have now written up a bounty fundraising page on the OpenBSD-wiki. I'm not a native speaker, so if sentences and grammar are twisted somebody please correct them.

                http://www.openbsd-wiki.org/index.php?title=Fundraising

          3. By Anonymous Coward (70.79.32.164) on

            > > Or hire a developer to do it, since none of the important people want it.
            > Oh, I see. Ok, I guess that makes me unimportant. Thanks.

            if you're not submitting diffs, you're not important

            Comments
            1. By Anonymous Coward (192.94.73.30) on

              > > > Or hire a developer to do it, since none of the important people want it.
              > > Oh, I see. Ok, I guess that makes me unimportant. Thanks.
              >
              > if you're not submitting diffs, you're not important
              >
              >
              Wow, I hope that is not the official position of the project. Day in and day out I work with OpenBSD, buy each CD set, deploy it in various enterprise settings and get my clients to support the project financially, but all of that is irrelevant and we are deemed unimportant because we do not or cannot submit diffs? Your statement actually is pretty shocking and disappointing. We may have to rethink our IT decisions and those of our customers if our use and support of the project is unimportant.

              Comments
              1. By Anonymous Coward (74.13.39.27) on

                It has been repeatedly stated that the people developing OpenBSD are volunteers, that they work on what they want to work on, and if someone wants something they can either make it or pay for it to be made. This has been a consistant statement that has been repeated in various ways for years now.

                The people who matter in OpenBSD are the people who make OpenBSD, if you're supporting development via hardware donations, you matter in the context of now the developers have the hardware to develop OpenBSD on, you get them an unsupported nic that you also have and you've contributed to the driver, even an already supported nic, you've supported it's continued development. If you're sending bug reports, you're helping make OpenBSD, diffs, dmesgs, acpidumps, hardware, money, these all help make OpenBSD. But if you're just giving money, you're not in a position to tell people what you want done with it. If donate hardware, that's different, the money has been invested in what you want developed, like with the laptop donation drive earlier and other similar events.

                A bounty system doesn't really work, because one has no absolute means of ensuring the pledges donate when the amount is met, but a system like that may be the only means to which one can attempt to direct development without really hiring a developer. But someone has to organize it, manage the funds and ensure everything gets done - that's a lot of oversight, that almost requires someone working part-time on that alone.

                Comments
                1. By Anonymous Coward (69.134.34.168) on

                  > It has been repeatedly stated that the people developing OpenBSD are volunteers, that they work on what they want to work on, and if someone wants something they can either make it or pay for it to be made. This has been a consistant statement that has been repeated in various ways for years now.
                  >
                  > The people who matter in OpenBSD are the people who make OpenBSD, if you're supporting development via hardware donations, you matter in the context of now the developers have the hardware to develop OpenBSD on, you get them an unsupported nic that you also have and you've contributed to the driver, even an already supported nic, you've supported it's continued development. If you're sending bug reports, you're helping make OpenBSD, diffs, dmesgs, acpidumps, hardware, money, these all help make OpenBSD. But if you're just giving money, you're not in a position to tell people what you want done with it. If donate hardware, that's different, the money has been invested in what you want developed, like with the laptop donation drive earlier and other similar events.
                  >
                  > A bounty system doesn't really work, because one has no absolute means of ensuring the pledges donate when the amount is met, but a system like that may be the only means to which one can attempt to direct development without really hiring a developer. But someone has to organize it, manage the funds and ensure everything gets done - that's a lot of oversight, that almost requires someone working part-time on that alone.

                  Hi, I am the OP to this WPA thread. I had no idea it would get this involved. :-)

                  Anyway, I just wanted to reply to this to say that I totally understand your points. And you're right, of course. I, for one, am not making any demands at all. I will continue to buy my CD sets whether or not OpenBSD implements WPA. I was just saying -- without intending to anger anyone -- that WPA is the one feature that I would love to see added one day since I could then use OpenBSD in certain customer situations where it cannot be used currently. And I say that out of love for this great operating system that the entire team of volunteers put together. I was simply providing some feedback, no big deal. There are no demands or anything. It's just a humble request that in my dreams will be answered one day.

                  I don't know enough to provide diffs so I guess I don't count in that sense, but I do want you all to know that I love what you do and that I try to turn my customers on to OpenBSD whenever I can and get them to buy it. It's the only way I know how and am able to contribute. I do what I can with what I got. I honestly wish I could code so I _could_ submit diffs. And if there was some sort of bounty system I would gladly contribute what I could to put my money where my mouth is. The difficulties of implementing such a system, as you point out, are many for sure. Still, it would be neat to find a way to do that to give us users who don't know how to code and who don't have hardware to contribute, to "work on" stuff in a vicarious sort of way -- though a pass-the-hat around system where a developer exchanges some time for some extra money.

                  In any event, thanks again to all the devs and volunteers. OpenBSD is such a wonderful thing and I am greatly appreciative of all the work you do.

    2. By Ray Percival (sng) on http://undeadly.org/cgi?action=search&sort=time&query=sng

      > For me, WPA is the #1 feature that I would like to see added to OBSD. I don't care about DRI or the latest XYZ desktop or bling effect and the lack of blobs and proprietary stuff is of course a strength, not a weakness, but I must use WPA in various client and corporate settings. I understand that some feel WPA is a poor security solution, and I know that using authpf and OpenVPN might be a better solution (I use that at home). Nevertheless, the lack of WPA has prevented me from using and deploying OBSD in certain situations where it would otherwise excel.
      >
      > I know the standard response is "nobody else cares so code it yourself" and I would be happy to do that if I had time and knew how (I'm a user, not a developer). So I am not criticizing -- I buy every release of OBSD and I love it and use it at work and at home. I just hope that maybe one day WPA will be added, that's all.

      WPA is, mostly, pointless and OpenBSD already comes with some very cool and effective tools for securing a wifi connection. Use them instead.

      Comments
      1. By Anonymous Coward (193.63.217.208) on

        > WPA is, mostly, pointless and OpenBSD already comes with some very cool
        > and effective tools for securing a wifi connection. Use them instead.

        We, as users of OpenBSD, know this. However the rest of the world we need to interact/interoperate with does not. They believe that WPA is good and useful. The correctness of their belief is moot, they use it and if we want to not be shut out of many places with our OpenBSD boxes, we need WPA support.

        The developers are lucky, and presumably happy, that they can dictate their wifi environment so they don't need WPA. The rest of us can't, especially in a mixed environment.

      2. By Anonymous Coward (66.79.224.205) on

        > > For me, WPA is the #1 feature that I would like to see added to OBSD. I don't care about DRI or the latest XYZ desktop or bling effect and the lack of blobs and proprietary stuff is of course a strength, not a weakness, but I must use WPA in various client and corporate settings. I understand that some feel WPA is a poor security solution, and I know that using authpf and OpenVPN might be a better solution (I use that at home). Nevertheless, the lack of WPA has prevented me from using and deploying OBSD in certain situations where it would otherwise excel.
        > >
        > > I know the standard response is "nobody else cares so code it yourself" and I would be happy to do that if I had time and knew how (I'm a user, not a developer). So I am not criticizing -- I buy every release of OBSD and I love it and use it at work and at home. I just hope that maybe one day WPA will be added, that's all.
        >
        > WPA is, mostly, pointless and OpenBSD already comes with some very cool and effective tools for securing a wifi connection. Use them instead.
        >
        >

        I agree, but it seems you didn't even bother to read Anonymous' point. We can't dictate and control other people's wireless connections. It's not a matter of personal preference, it's a desire to use OpenBSD in wireless networks that are currently unavailable for use.

        Like having a website that refuses to display for Windows users, you can't simply ignore the standards that exist - I completely agree that WPA is not a proper security feature, but it's a humble request to support a fairly common standard, not a claim that WPA is superior.

        Comments
        1. By alephzain (alephzain) on

          What I think is great about OpenBSD is that it chooses the BEST technology and features for the job, not necessary the most popular ones. The decision of not implementing WPA is an example of that.

          Just because 3D-acceleration and gaming is popular, should OpenBSD support it? And thus compromise security/stability?

          Just because telnet and clear-text passwords are easier to use and understand, should OpenBSD condone and implement it? And thus compromise security/stability?

          It is called correctness and is one of the goals for the OpenBSD project, if one wants greatness in an operating system one must sometimes sacrifice the meaningless needs of others.
          The need in this case is the need for WPA because people "don't know better". Should OpenBSD meet the demands of idiots just because they don't know any better?

          If OpenBSD is to be "the best" it cannot always meet the demands of the masses. And I think that's just the way it has to be, and that is great! :)

          If the rest of the world is using a weaker solution to a security problem, then it is THEY who must change, not us.

          AlephZain


          > > > For me, WPA is the #1 feature that I would like to see added to OBSD. I don't care about DRI or the latest XYZ desktop or bling effect and the lack of blobs and proprietary stuff is of course a strength, not a weakness, but I must use WPA in various client and corporate settings. I understand that some feel WPA is a poor security solution, and I know that using authpf and OpenVPN might be a better solution (I use that at home). Nevertheless, the lack of WPA has prevented me from using and deploying OBSD in certain situations where it would otherwise excel.
          > > >
          > > > I know the standard response is "nobody else cares so code it yourself" and I would be happy to do that if I had time and knew how (I'm a user, not a developer). So I am not criticizing -- I buy every release of OBSD and I love it and use it at work and at home. I just hope that maybe one day WPA will be added, that's all.
          > >
          > > WPA is, mostly, pointless and OpenBSD already comes with some very cool and effective tools for securing a wifi connection. Use them instead.
          > >
          > >
          >
          > I agree, but it seems you didn't even bother to read Anonymous' point. We can't dictate and control other people's wireless connections. It's not a matter of personal preference, it's a desire to use OpenBSD in wireless networks that are currently unavailable for use.
          >
          > Like having a website that refuses to display for Windows users, you can't simply ignore the standards that exist - I completely agree that WPA is not a proper security feature, but it's a humble request to support a fairly common standard, not a claim that WPA is superior.

          Comments
          1. By Anonymous Coward (66.79.224.205) on

            > What I think is great about OpenBSD is that it chooses the BEST technology and features for the job, not necessary the most popular ones. The decision of not implementing WPA is an example of that.
            >
            > Just because 3D-acceleration and gaming is popular, should OpenBSD support it? And thus compromise security/stability?
            >
            > Just because telnet and clear-text passwords are easier to use and understand, should OpenBSD condone and implement it? And thus compromise security/stability?
            >
            > It is called correctness and is one of the goals for the OpenBSD project, if one wants greatness in an operating system one must sometimes sacrifice the meaningless needs of others.
            > The need in this case is the need for WPA because people "don't know better". Should OpenBSD meet the demands of idiots just because they don't know any better?
            >
            > If OpenBSD is to be "the best" it cannot always meet the demands of the masses. And I think that's just the way it has to be, and that is great! :)
            >
            > If the rest of the world is using a weaker solution to a security problem, then it is THEY who must change, not us.
            >
            > AlephZain
            >
            >
            > > > > For me, WPA is the #1 feature that I would like to see added to OBSD. I don't care about DRI or the latest XYZ desktop or bling effect and the lack of blobs and proprietary stuff is of course a strength, not a weakness, but I must use WPA in various client and corporate settings. I understand that some feel WPA is a poor security solution, and I know that using authpf and OpenVPN might be a better solution (I use that at home). Nevertheless, the lack of WPA has prevented me from using and deploying OBSD in certain situations where it would otherwise excel.
            > > > >
            > > > > I know the standard response is "nobody else cares so code it yourself" and I would be happy to do that if I had time and knew how (I'm a user, not a developer). So I am not criticizing -- I buy every release of OBSD and I love it and use it at work and at home. I just hope that maybe one day WPA will be added, that's all.
            > > >
            > > > WPA is, mostly, pointless and OpenBSD already comes with some very cool and effective tools for securing a wifi connection. Use them instead.
            > > >
            > > >
            > >
            > > I agree, but it seems you didn't even bother to read Anonymous' point. We can't dictate and control other people's wireless connections. It's not a matter of personal preference, it's a desire to use OpenBSD in wireless networks that are currently unavailable for use.
            > >
            > > Like having a website that refuses to display for Windows users, you can't simply ignore the standards that exist - I completely agree that WPA is not a proper security feature, but it's a humble request to support a fairly common standard, not a claim that WPA is superior.
            >
            >

            You fail to explain how implementing WPA would compromise the security of OpenBSD. I may not be a developer, but I do buy the CD releases regularly. I'm simply supporting a humble request. Implementing WPA2 costs nothing more then time.

            But of course, the developers are under no obligation to listen. I mean, it's only $100 US a year from me, hardly enough to warrant me having much say. However, I hardly think WPA can be compared to telnet or 3d acceleration, and it's not as horrendously insecure as you seem to think. A perfect solution, no. A solution I would use, no. But I know a number of different systems I would love to use OpenBSD with, if it werne't for the lack of WPA.

            If I have to learn C and code it myself, well then, give me a year or two, likely more, and I'll see what I can do. :)

          2. By jb (jb) on

            > What I think is great about OpenBSD is that it chooses the BEST technology and features for the job, not necessary the most popular ones. The decision of not implementing WPA is an example of that.
            >

            I would LOVE to see that explained properly.

            > Just because 3D-acceleration and gaming is popular, should OpenBSD support it? And thus compromise security/stability?
            >

            That does not work as a comparison.

            > Just because telnet and clear-text passwords are easier to use and understand, should OpenBSD condone and implement it? And thus compromise security/stability?
            >

            Also not appropriate. Since Telnet AND clear-text passwords are supported pretty well in OpenBSD.

            > It is called correctness and is one of the goals for the OpenBSD project, if one wants greatness in an operating system one must sometimes sacrifice the meaningless needs of others.
            > The need in this case is the need for WPA because people "don't know better". Should OpenBSD meet the demands of idiots just because they don't know any better?
            >

            If you're using this as an argument, why does OpenBSD support WEP? WEP is a worse protocol, easily broken, and fairly useless.

            Yet, OpenBSD supports it.

            > If OpenBSD is to be "the best" it cannot always meet the demands of the masses. And I think that's just the way it has to be, and that is great! :)
            >

            See above. Your arguments are not just foolish, they're baseless. Your comparisons of DRI and clear-text passwords inappropriate and not related to WPA at all.

            > If the rest of the world is using a weaker solution to a security problem, then it is THEY who must change, not us.
            >

            Weaker? Not really. Yes, AuthPF or a VPN solution may work better for authentication, but that's not what WPA is entirely about. AuthPF doesn't do encryption of base protocols. It doesn't prevent someone from being *on the network* without permission. WPA and WEP both provide a manner of saying "No" to casual users of the network.

            WPA is an improvement of WEP, even if it still isn't very secure in comparison to better methods.

            Supporting WPA as a client would be a good extension to OpenBSD. Argueing against it like you have is horribly reasoned.

          3. By Anonymous Coward (128.171.90.200) on

            > Just because telnet and clear-text passwords are easier to use and understand, should OpenBSD condone and implement it? And thus compromise security/stability?

            Are you suggesting that OpenBSD does not support telnet ?

            Comments
            1. By Anonymous Coward (74.13.39.27) on

              > > Just because telnet and clear-text passwords are easier to use and understand, should OpenBSD condone and implement it? And thus compromise security/stability?
              >
              > Are you suggesting that OpenBSD does not support telnet ?

              It has no telnetd, that would imply it does not support it.

              Comments
              1. By Brynet (Brynet) on

                > >
                > > Are you suggesting that OpenBSD does not support telnet ?
                >
                > It has no telnetd, that would imply it does not support it.

                It has a telnet client... :P Really, I would never use WEP or WAP in my lifetime (or wireless networks..) but I do know it's widely used, support would be beneficial for those companies who deny its flaws.

                Again, nobody is demanding anything, but it should be worth looking into instead of dismissing completely.

              2. By Anonymous Coward (128.171.90.200) on

                > > > Just because telnet and clear-text passwords are easier to use and understand, should OpenBSD condone and implement it? And thus compromise security/stability? > > > > Are you suggesting that OpenBSD does not support telnet ? > > It has no telnetd, that would imply it does not support it. You mean like telnetd(8) ? http://www.openbsd.org/cgi-bin/man.cgi?query=telnetd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

                Comments
                1. By Anonymous Coward (128.171.90.200) on

                  Should have read ...

                  >> It has no telnetd, that would imply it does not support it.
                  >
                  > You mean like telnetd(8) ?
                  >
                  >http://www.openbsd.org/cgi-bin/man.cgi?query=telnetd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

                  Comments
                  1. By sthen (85.158.44.149) on

                    > Should have read ...
                    >
                    > >> It has no telnetd, that would imply it does not support it.
                    > >
                    > > You mean like telnetd(8) ?
                    > >
                    > >http://www.openbsd.org/cgi-bin/man.cgi?query=telnetd&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

                    If you still have OpenBSD telnetd around, you haven't done a clean install for a couple of years.

                    http://archives.neohapsis.com/archives/openbsd/cvs/2005-05/0897.html

      3. By Anonymous Coward (216.68.198.57) on

        #1 feature I want, FFS2 support, solid, and later, some special crypto integration.
        #2 feature I want, lynx fixed up some more, but, its acceptable.
        #3 feature I want, better crypto, like serpent and others, especially hash stuff.
        #4 feature I want, Openssl, really worked over...- -... WPA, naw, I don't use wireless. WPA waste of time for OpenBSD developers. But I defer to them.
        One can pay for #2, and #3, and perhaps #4. And thats ok. I'd hope that some governments wake up and solve some last mile problems. It would also help them.
        OpenBSD integration with FFS2 in underway. I wait on crypto special magic later, although, one can pay for that.

        Point: Happy with OpenBSD amazing progress over the last few years!
        I also understand and respect that IT developers are 100% maxed out, things only can change so much, even with perfect work.

        Point2: If you want extra in OpenBSD, either get top coders, or use FreeBSD and have more security problems, and complexity issues, although FreeBSD is a serious system as well, just a different approach, which is also needed.

        A great thank you to OpenBSD team, they set a good path to follow with what works and is sustainable! Something that is priceless in IT.
        Peace all.

        Comments
        1. By Anonymous Coward (85.222.21.198) on

          > #1 feature I want, FFS2 support, solid, and later, some special crypto integration.
          > #2 feature I want, lynx fixed up some more, but, its acceptable.
          > #3 feature I want, better crypto, like serpent and others, especially hash stuff.
          > #4 feature I want, Openssl, really worked over...- -... WPA, naw, I don't use wireless. WPA waste of time for OpenBSD developers. But I defer to them.
          #1 compiz-fusion

      4. By Lars Hansson (203.65.245.11) lars@unet.net.ph on

        "WPA is, mostly, pointless and OpenBSD"

        That's not how reyk@ feels. WPA, at least shared key, will most likely be implemented sometime in the future.
        While it does have all the elegance and simplicity one can expect from a committee designed protocol (it sucks, in other words) it will be increasingly used.

        "already comes with some very cool and effective tools for securing a wifi connection. Use them instead."

        That doesn't really help when I'm at the univesity/company/cafe/whatever that is using shared-key WPA. Saying "you guys need to change to WEP and IPSEC" isn't likely to have any effect.

        Comments
        1. By Massimo Lusetti (massimo) on http://www.cedoc.mo.it/

          > That doesn't really help when I'm at the univesity/company/cafe/whatever that is using shared-key WPA. Saying "you guys need to change to WEP and IPSEC" isn't likely to have any effect.
          >

          Completely agree. In my day to day work i've never missed WPA but when it comes to (say) spare time or anything outside job time two or three times i find myself looking for WPA support.

  2. By Anonymous Coward (24.37.242.64) on

    Framebuffer console support. 80x25 is fine for most command line work, but sometimes you really need more than that, especially if you're monitoring processes through top or ps. Scrolling up and down can distort continuity in the output. A barebones X.org session with an xterm is not really a good solution because it involves a lot of overhead; a framebuffer console is a superior option, and one that is available in FreeBSD and GNU, so there is plenty of existing code to reference.

    I personally would be willing to help in paying someone to implement this specifically and I would even go as far as donating more money as time goes by... I don't know how the developers can stand 80x25; not everyone uses, likes or wants to use X so I think this itself would attract a lot more people and interest in OpenBSD as a whole.

    Comments
    1. By Anonymous Coward (70.173.172.228) on

      > Framebuffer console support. 80x25 is fine for most command line work, but sometimes you really need more than that, especially if you're monitoring processes through top or ps. Scrolling up and down can distort continuity in the output. A barebones X.org session with an xterm is not really a good solution because it involves a lot of overhead; a framebuffer console is a superior option, and one that is available in FreeBSD and GNU, so there is plenty of existing code to reference.
      >
      > I personally would be willing to help in paying someone to implement this specifically and I would even go as far as donating more money as time goes by...
      >
      > I don't know how the developers can stand 80x25; not everyone uses, likes or wants to use X so I think this itself would attract a lot more people and interest in OpenBSD as a whole.

      http://www.openbsd.org/faq/faq7.html#80x50

      Comments
      1. By John (69.70.68.38) on

        > > Framebuffer console support. 80x25 is fine for most command line work, but sometimes you really need more than that, especially if you're monitoring processes through top or ps. Scrolling up and down can distort continuity in the output. A barebones X.org session with an xterm is not really a good solution because it involves a lot of overhead; a framebuffer console is a superior option, and one that is available in FreeBSD and GNU, so there is plenty of existing code to reference.
        > >
        > > I personally would be willing to help in paying someone to implement this specifically and I would even go as far as donating more money as time goes by...
        > >
        > > I don't know how the developers can stand 80x25; not everyone uses, likes or wants to use X so I think this itself would attract a lot more people and interest in OpenBSD as a whole.
        >
        > http://www.openbsd.org/faq/faq7.html#80x50

        Still doesn't compare. =)

  3. By Anonymous Coward (128.171.90.200) on

    Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?

    Comments
    1. By Anonymous Coward (74.13.39.27) on

      > Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?

      macppc and sparc have been mentioned when people speak of smp development.

    2. By Otto Moerbeek (otto) on http://www.drijf.net

      > Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?

      amd64 has been SMP capable for several releases.
      some progress is being made on macppc an luna88k

      Comments
      1. By Anonymous Coward (85.178.123.98) on

        > > Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?
        >
        > amd64 has been SMP capable for several releases.
        > some progress is being made on macppc an luna88k

        Any improvements in the SMP Implementation (I don't mean porting SMP to other architectures) itself?

        Comments
        1. By scot bontrager (216.62.11.163) on

          > > > Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?
          > >
          > > amd64 has been SMP capable for several releases.
          > > some progress is being made on macppc an luna88k
          >
          > Any improvements in the SMP Implementation (I don't mean porting SMP to other architectures) itself?

          Short answer: yes.

          Long answer: The lockmgr to rwlock conversion has helped quite a bit. Some of the other changes like interrupt routing and the uvm work has helped a lot too. SMP is actually faster than UP now (but not for make build). And make -j works properly now. It's really coming along.

          Comments
          1. By Anonymous Coward (70.179.176.82) on

            > > > > Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?
            > > >
            > > > amd64 has been SMP capable for several releases.
            > > > some progress is being made on macppc an luna88k
            > >
            > > Any improvements in the SMP Implementation (I don't mean porting SMP to other architectures) itself?
            >
            > Short answer: yes.
            >
            > Long answer: The lockmgr to rwlock conversion has helped quite a bit. Some of the other changes like interrupt routing and the uvm work has helped a lot too. SMP is actually faster than UP now (but not for make build). And make -j works properly now. It's really coming along.

            I would love to see undeadly-blog posts about this work.

    3. By dingo (68.30.10.105) af.dingo@gmail.com on

      > Just out of interest, is SMP support being worked on for any other hardware platform but i386 ?

      http://archive.openbsd.nu/?ml=openbsd-ppc&a=2007-05&m=4066746

      ....and nobody stepped up to the plate.

      so, yea, i guess they worked on something else.

  4. By Anonymous Coward (74.115.21.120) on

    I must be missing something here. What needs improved in the wireless networking tools department? I don't have any trouble with ifconfig, finding and connecting to access points, with or without WEP is trivial, I don't see how it can be improved.

    Comments
    1. By Anonymous Coward (85.178.73.66) on

      > I must be missing something here. What needs improved in the wireless networking tools department? I don't have any trouble with ifconfig, finding and connecting to access points, with or without WEP is trivial, I don't see how it can be improved.

      If you say "WEP" what kind of WEP do you mean?

      WEP has many flavors (WEP+ and some kinds of 256Bit WEP even) so "what WEP" do you mean?

      Can it connect to the most basic implementations? Yes...

      But if you talk about WPA as being useless you should start to study and own a Laptop with OpenBSD on it. Do you realy think they'll switch from WPA or WPA2 to WEP or IPSec because YOU can't connect to a WPA/WPA2 Network? I don't think so...

      Comments
      1. By Anonymous Coward (74.115.21.120) on

        > If you say "WEP" what kind of WEP do you mean?
        >
        > WEP has many flavors (WEP+ and some kinds of 256Bit WEP even) so "what WEP" do you mean?
        >
        > Can it connect to the most basic implementations? Yes...
        >
        > But if you talk about WPA as being useless you should start to study and own a Laptop with OpenBSD on it. Do you realy think they'll switch from WPA or WPA2 to WEP or IPSec because YOU can't connect to a WPA/WPA2 Network? I don't think so...

        Are you mentally challenged? This has nothing to do with WPA, read the quote. The review says openbsd needs better "wireless networking tools" because its too hard to setup a wireless interface to connect to APs, especially with WEP. I said this is wrong. You blathered on about WPA which has nothing to do with anything. If you want a WPA flamewar to participate in look up. If you have something sensible to say then try again. I posted both of these from my laptop, which has been running openbsd for 4 years. Its not hard to configure wireless, with or without WEP.

  5. By Anonymous Coward (71.197.194.170) on

    Well as everyone's talking about their wishlists, I might as well contribute my own thought: safer softupdates. I don't know about any of you, but whenever I have a power-outage, I always cringe if I was doing a fairly large disk operation, because it usually means much of my data was lost.

    Comments
    1. By Anonymous Coward (87.78.158.35) on

      UPS

      Comments
      1. By sthen (85.158.44.149) on

        > UPS

        careful, some people might not realise that you're joking...
        dump(8) is your friend.

    2. By Anonymous Coward (193.63.217.208) on

      > Well as everyone's talking about their wishlists, I might as well contribute my own thought: safer softupdates. I don't know about any of you, but whenever I have a power-outage, I always cringe if I was doing a fairly large disk operation, because it usually means much of my data was lost.

      Whereas I just cringe whenever there's a power outage. No background fsck means a ridiculously long delay while rebooting. A 250GB partition takes an age to check and 250GB can't be considered "large" any more. 1TB+ filesystems aren't exactly uncommon now.

      Comments
      1. By Chris Kuethe (129.128.11.75) ckuethe@ on

        > Whereas I just cringe whenever there's a power outage. No background fsck means a ridiculously long delay while rebooting. A 250GB partition takes an age to check and 250GB can't be considered "large" any more. 1TB+ filesystems aren't exactly uncommon now.

        I'm not so sure I'm fond of the background fsck. Maybe FreeBSD has made vast improvements in their background fsck, but the last time I had to use it on a 1TB file system, it still took six forevers and a day to complete, and my disk accesses were very slow the whole time. Much like doing a raid rebuild in the background slows down your array...

        But I guess I can see circumstances where being slow all day is better than totally unavailable for 20-30min. And the 1TB under my desk doesn't take that long to fsck.

        Comments
        1. By Anonymous Coward (193.63.217.208) on

          > > Whereas I just cringe whenever there's a power outage. No background fsck means a ridiculously long delay while rebooting. A 250GB partition takes an age to check and 250GB can't be considered "large" any more. 1TB+ filesystems aren't exactly uncommon now.
          >
          > I'm not so sure I'm fond of the background fsck. Maybe FreeBSD has made vast improvements in their background fsck, but the last time I had to use it on a 1TB file system, it still took six forevers and a day to complete, and my disk accesses were very slow the whole time. Much like doing a raid rebuild in the background slows down your array...
          >
          > But I guess I can see circumstances where being slow all day is better than totally unavailable for 20-30min. And the 1TB under my desk doesn't take that long to fsck.
          >

          Perhaps what I really want is simply an end to reboot delays, not background fsck. Background fsck seems a simple, obvious (and thus probably wrong ;) ) solution to this problem. When my Windows XP workstation (some of us don't get to choose :( ) inevitably crashes, the NTFS formatted disk doesn't take ages to integrity check on reboot and also doesn't seem to lose data. As a user that is the desirable behaviour even if I don't necessarily understand how it works.

          Your 1TB system is probably considerably newer and faster than my 250GB :)

          Comments
          1. By tedu (69.12.168.115) on


            > Perhaps what I really want is simply an end to reboot delays, not background fsck.

            mount -f

          2. By Mike Swanson (71.197.194.170) on

            > When my Windows XP workstation (some of us don't get to choose :( ) inevitably crashes, the NTFS formatted disk doesn't take ages to integrity check on reboot and also doesn't seem to lose data. As a user that is the desirable behaviour even if I don't necessarily understand how it works.

            NTFS is a journalled filesystem, so Windows NT just rolls back the changes on the next mount, making a (hopefully) non-corrupted filesystem in a relatively short amount of time. Linux has the same deal with ext3 (in my opinion the safest), ReiserFS, XFS, etc.

      2. By Anonymous Coward (216.68.198.57) on

        Re:Background FSCK. My opinion, waste of developer time. OpenBSD FFS works great overall for what OpenBSD is. Now FFS2 coming, yeah!
        OpenBSD can 16 partitions. With some planning, or even a decent install and some hacks and management you'll be happy overall. Linux ZFS had some errors in it, missed those regression tests. Not that crap here with OpenBSD.
        If one buys a 1TB disk and install all in one partion, and fsck -fv in rc, don't scream at me...you might lose big time in time and memory! :) Wrong install and config, well, you lose always anywhere.

        In fact having the old rm that didn't free/reallocate was nice for some reasons, features and auto whatever, can work against one. Happy with the rm though.

        Features are ok, but knowing how things work and what is good, with a solid implementation is BEST, that seems the OpenBSD way, it forces you to learn details you'd normally never consider with a feature rich system.

        As to OpenBSD 4.1 and review, happy, thank you OpenBSD team.

    3. By dingo (68.30.10.105) on

      > Well as everyone's talking about their wishlists, I might as well contribute my own thought: safer softupdates. I don't know about any of you, but whenever I have a power-outage, I always cringe if I was doing a fairly large disk operation, because it usually means much of my data was lost.

      filesystem development is very slow, and the few changes made for ffs2 support recently could have ruined thousands of machines if some small changes wern't polished before 4.2

      you can tune a filesystem, but you can't tuna fish

  6. By Thornz (203.111.237.55) arqtro@yahoo.com on

    Nice review.

    I've always been a fan of OpenBSD and will probably will always be. Having said that, and as a consultant I wish I could position OpenBSD as the platform for every computing requirement. I know that OpenBSD folks believe on the correct solution to right problem.

    Aside from being very secure, it is very stable and reliable.

    There is of course the issue of less application support. This is where my wish list usually comes in. My first wish is that I wish I am a good C programmer so that I will be able to code and develop my wish list. But I'm not and it would probably take quite sometime for me to become one if ever.

    As of the moment, my second biggest wish for OpenBSD is native support for a Directory Service like OpenLDAP for authentication, etc... There is of course login_ldap but there is still the need to create usernames on the local machine.

    PAM is being used by other BSD's to support directory authentication but I've read the sentiments of OpenBSD folks against PAM. As excellent developers OpenBSD programmers are, I'm sure they can device a better support for local, native Directory Service authentication that fit their goals. Of course, when and if they decide as OpenBSD committers to work on such a project.

    'Till then and more power.

    Comments
    1. By Anonymous Coward (85.178.83.170) on

      > Nice review.
      >
      > I've always been a fan of OpenBSD and will probably will always be. Having said that, and as a consultant I wish I could position OpenBSD as the platform for every computing requirement. I know that OpenBSD folks believe on the correct solution to right problem.
      >
      > Aside from being very secure, it is very stable and reliable.
      >
      > There is of course the issue of less application support. This is where my wish list usually comes in. My first wish is that I wish I am a good C programmer so that I will be able to code and develop my wish list. But I'm not and it would probably take quite sometime for me to become one if ever.
      >
      > As of the moment, my second biggest wish for OpenBSD is native support for a Directory Service like OpenLDAP for authentication, etc... There is of course login_ldap but there is still the need to create usernames on the local machine.
      >
      > PAM is being used by other BSD's to support directory authentication but I've read the sentiments of OpenBSD folks against PAM. As excellent developers OpenBSD programmers are, I'm sure they can device a better support for local, native Directory Service authentication that fit their goals. Of course, when and if they decide as OpenBSD committers to work on such a project.
      >
      > 'Till then and more power.

      Well aside of your good ideas OpenBSD realy has to focus on some very importent things.

      In my personal oppinion these things are:


      Better SMP Implementation (OpenBSD is just "damn slow" compared to others. But others do have more manpower too)
      - Will become the de-facto standard because nobody will be able to buy single Core CPUs in ~6Months - 1 Year (max!)

      Faster Network Stack (Well there was some efford if I remember correctly. At least PF is now 135% faster then on 4.1! So: Great work! Thanks to Henning and all others!))
      - This will become a GREAT argument for OpenBSD! OpenBSD can do "more"
      with "less"... :)
      It also helps to resist some more DdoS Bots! *muhahhaa* :)

      ACPI
      - Necessery, absolutly! Also for Power Managaement
      Even this standard sucks OpenBSD needs to implement it :-/

      I think that are the main problems of OpenBSD currently.
      Everything else, like Drivers or new stuff isn't as importent as these things.

      Btw: Feature request: If a CPU can throttle down OpenBSD should use APM -C by default! I think power saving gets more and more importent these days so saving some Power by default would be "cool".
      At least my FW throttles the speed down/up too and I don't have any "issue". Also the Webservers do so and they work just fine. :)

      Propably a idea worth thinking about... :)
      Because even Puffy needs a cool sea otherwise it wont survife :( :p

      Comments
      1. By Anonymous Coward (69.70.68.38) on

        Faster Network Stack (Well there was some efford if I remember correctly. At least PF is now 135% faster then on 4.1! So: Great work! Thanks to Henning and all others!))

        4.1 or 4.1-current (aka 4.2)?

      2. By tedu (69.12.168.115) on


        > Btw: Feature request: If a CPU can throttle down OpenBSD should use APM -C by default! I think power saving gets more and more importent these days so saving some Power by default would be "cool".

        -C interacts poorly with dual core machines. cpu never goes above 50%, so apmd won't spin up the CPU.

        Comments
        1. By Anonymous Coward (85.178.108.194) on

          >
          > > Btw: Feature request: If a CPU can throttle down OpenBSD should use APM -C by default! I think power saving gets more and more importent these days so saving some Power by default would be "cool".
          >
          > -C interacts poorly with dual core machines. cpu never goes above 50%, so apmd won't spin up the CPU.

          then it should be improved, or?

          Seriously: Power Saving becomes a good goal...

      3. By scot bontrager (216.62.11.163) on

        > ACPI
        > - Necessery, absolutly! Also for Power Managaement
        > Even this standard sucks OpenBSD needs to implement it :-/

        It's not fully functional, and it requires a kernel rebuild, but it exists... marco (IIRC) has been really making progress over the past few months

        % dmesg | grep acpi
        acpi0 at mainbus0: rev 0
        acpi0: tables DSDT FACP APIC OEMB ASF!
        acpitimer0 at acpi0: 3579545 Hz, 24 bits
        acpi device at acpi0 from table DSDT not configured
        acpi device at acpi0 from table FACP not configured
        acpimadt0 at acpi0 table APIC addr 0xfee00000: PC-AT compat
        acpi device at acpi0 from table OEMB not configured
        acpi device at acpi0 from table ASF! not configured
        acpiprt0 at acpi0: bus 0 (PCI0)
        acpiprt1 at acpi0: bus 2 (PCI1)
        acpiprt2 at acpi0: bus 1 (P0P2)
        acpicpu0 at acpi0
        acpicpu1 at acpi0
        acpicpu2 at acpi0
        acpicpu3 at acpi0
        acpibtn0 at acpi0: PWRB

        Comments
        1. By Anonymous Coward (74.13.39.27) on

          Yes, he has, and it should have already been something anyone who reads undeadly knows, since it's been mentioned a fair bit and there was even a funding drive to get a new laptop to help with the development at one point.

        2. By Anonymous Coward (85.178.93.133) on

          > > ACPI
          > > - Necessery, absolutly! Also for Power Managaement
          > > Even this standard sucks OpenBSD needs to implement it :-/
          >
          > It's not fully functional, and it requires a kernel rebuild, but it exists... marco (IIRC) has been really making progress over the past few months
          >
          > % dmesg | grep acpi
          > acpi0 at mainbus0: rev 0
          > acpi0: tables DSDT FACP APIC OEMB ASF!
          > acpitimer0 at acpi0: 3579545 Hz, 24 bits
          > acpi device at acpi0 from table DSDT not configured
          > acpi device at acpi0 from table FACP not configured
          > acpimadt0 at acpi0 table APIC addr 0xfee00000: PC-AT compat
          > acpi device at acpi0 from table OEMB not configured
          > acpi device at acpi0 from table ASF! not configured
          > acpiprt0 at acpi0: bus 0 (PCI0)
          > acpiprt1 at acpi0: bus 2 (PCI1)
          > acpiprt2 at acpi0: bus 1 (P0P2)
          > acpicpu0 at acpi0
          > acpicpu1 at acpi0
          > acpicpu2 at acpi0
          > acpicpu3 at acpi0
          > acpibtn0 at acpi0: PWRB


          I didn't said it doesn't exist but as you also pointed out it's not "complete" yet. That's why I didn't counted it and named it still as a major goal. The work wich had been done is great but I#m sure there's still a shitload to do... :-/

      4. By Anonymous Coward (128.171.90.200) on

        > Better SMP Implementation (OpenBSD is just "damn slow" compared to others. But others do have more manpower too)

        SMP doesn't mean it's faster, it means it can do more work at the same time. Secondly OpenBSD is slower in benchmarking than other OSes, but OpenBSD doesn't play as fast-and-loose as other OSes either.

        > - Will become the de-facto standard because nobody will be able to buy single Core CPUs in ~6Months - 1 Year (max!)

        I'm not a betting man, but I doubt you are correct

  7. By Dean (63.228.86.155) on

    While the Bounty system has an attraction, I think experience shows that in the OpenBSD world the way to have progress is through hackathons. So pick an area and donate toward a hackathon. When enough money is collected, developers will gather and stuff gets committed. You can't even plan or predict what will come out, but good things happen.

    Hackathons cost though, so it would take hundreds to thousands of users to cough up serious money, $20k or so to make it happen.

    This is so late on this topic, nobody will even read it, so I'll just send in my donation the regular way.

    Comments
    1. By Anonymous Coward (81.217.26.122) on

      > While the Bounty system has an attraction, I think experience shows that in the OpenBSD world the way to have progress is through hackathons.

      There are a lot of arguments on both sides which are reasonable. After much consideration I personally do understand now that the bounty system is not a good idea, as I have realized there's a matter in a way similar to what is going on here in my personal field of work. Some people want me to do the kind of computer service which I provided to them long ago when I was in school. I now consider this work to be unsatisfying, even though they would pay rather well for it. I simply don't want to do that.

      We are simply not entitled to express our "idea" in which direction the development should go, with or without money involved. I would not like it either if people were conspiring behind my back, getting me to do what I don't want to (be it temporarily or as a matter of principle).

      However, if there is a call for funding a one-man-hackathon (besides normal hackathons) I'd be happy to contribute. Guess that's the nearest thing which comes close to the original idea.

      Comments
      1. By pete gilman (24.147.199.104) on http://p3t3.net

        > We are simply not entitled to express our "idea" in which direction the
        > development should go

        of course we are - "everyone is entitled to his opinion." the developers, however, are not in the least obliged to pay any attention. they could *choose* to listen to some of the better ideas, but they don't *have* to.

        i do wish the devs seemed a bit more open-minded in some regards. i admit that a lot of boneheaded nonsense comes from the end-user community (myself included), but surely *some* of the ideas coming from that quarter are valid and worthy of consideration. sometimes it seems that the devs reject any idea that comes from the user community just *because* it come from users - please, let each idea be considered purely on its merits, not on its source...

        Comments
        1. By Anonymous Coward (81.217.26.122) on

          > of course we are - "everyone is entitled to his opinion." the developers, however, are not in the least obliged to pay any attention. they could *choose* to listen to some of the better ideas, but they don't *have* to.

          Yeah, of course everyone may speak out. I meant nothing is served by suggesting in a manner assuming what's best for the project, hence the quotes. Not implying you did so specifically, but your post says it all, there's a bad SNR on this topic.

          If you haven't already noticed, I put my own suggestion into action and put up a bounty/fundraising page:
          http://www.openbsd-wiki.org/index.php?title=Fundraising

  8. By Anonymous Coward (91.124.217.106) on

    Ok, look people...
    Suppose I need a feature in the OpenBSD kernel.
    Suppose I never mind to write something myself.
    But before - I need a documentation with some samples of code.
    The lack of documentation on how to develop a code for kernel if not a good thing because if one can and willing to write stuff he should waste days and weeks of his time hacking the things.
    There should be a good description for the things available on the site or in /usr/share/doc. Reading sources is good, but reading sources NEVER tell you about how things are supposed to work. That is what need to be done before yelling at BIG GUYS to open their specs.

    Just my 1e-10 cents.

    Comments
    1. By tedu (69.12.168.115) on

      > Ok, look people...
      > Suppose I need a feature in the OpenBSD kernel.
      > Suppose I never mind to write something myself.
      > But before - I need a documentation with some samples of code.
      > The lack of documentation on how to develop a code for kernel if not a good thing because if one can and willing to write stuff he should waste days and weeks of his time hacking the things.
      > There should be a good description for the things available on the site or in /usr/share/doc. Reading sources is good, but reading sources NEVER tell you about how things are supposed to work. That is what need to be done before yelling at BIG GUYS to open their specs.

      http://www.amazon.com/Design-Implementation-Operating-System-Systems/dp/0201549794/ref=pd_bbs_sr_9/104-7095157-0630352?ie=UTF8&s=books&qid=1183136539&sr=8-9

      ls /usr/share/man/cat9

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]