On 1/22/06, NetNeanderthal <[EMAIL PROTECTED]> wrote: > On 1/22/06, Scott Francis <[EMAIL PROTECTED]> wrote: > > you mean, aside from including man38.tgz? What else are you looking > > for? There's some docs on their website, but why would you need > > anything beyond what ships with OpenBSD? There's a man page for > > everything, and while they don't include a "we did the following steps > > in this order, and here's why we have privoxy and pf and how they're > > configured", it's easy enough to just read the config files and the > > relevant man pages. Keep in mind also that this is, at best, a beta > > release (if not alpha). > 'They' as in you, sure.. and they didn't. Go to the site. Go to
I'm not involved with the project - just a user. I didn't even make it to ShmooCon this year to see it firsthand. At any rate, what I said stands - everything _in_ the CD is documented. It's just OpenBSD, after all (and some things from the ports tree, which all come with man pages of their own). They may not have included a "project rationale" or purpose statement or anything like that, but this is no great loss, IMO. It's OpenBSD. We all know how to read man pages for ourselves. > So, by my own determination, I choose not to trust it. You can find > no fault with that logic, especially considering the purpose of your > project. again, not my project. > > the packages are from the ports tree - are you saying they're somehow > > less trusted because you didn't install/build them yourself? The boot > > script is there for anybody to peruse who wants to; no "trust" is > > required - or at least, no more than is required for, say, flashdist > > or any other project based on a modified OpenBSD install. There's no > > secret sauce, no binary blobs, no closed source or NDAs. > So, if it's just a group of ports and a boot script, the kernel was > left untouched? I did notice some .dist files in /etc.. perhaps > 'diff' is all the documentation required. The flashdist script isn't > applicable, they don't hand out images of OpenBSD but show you how to > 'roll your own' and provide a script. Sure, documentation there is > loose as well, but it's more than the sparse peppering of a > description provided by Anonym.OS. How do you plan to keep this > patched? How are vulnerabilities handled? Errata? All the project is, as far as I can see, is OpenBSD with a few changes made to the boot sequence, and some stuff from ports. All things one could easily roll for oneself, especially since their changes are all available to view/diff/patch/apply for oneself. I really think you're making a mountain out of a molehill, but maybe that's just me. > > As far as "unwilling or unable to use OpenBSD in its native form", > > keep in mind the purpose of the project and their target audience. Not > > everybody has the luxury of their own laptop, and it's always nice to > > have something relatively secure to fall back on when stuck with a > > less-than-sanitary public-use PC. > Agreed, somewhat. This topic has been bludgeoned to death on misc, > your reasoning fails -- search the list archives. My reasoning is that if you don't have your own PC, it's nice to have something that provides a little extra security. Nothing is 100%, and if you're waiting for something that is, you've got a long wait ahead of you. blah blah keystroke loggers blah blah paranoia etc. A dose of reality is called for, I think. Granted, not everyone faces the same level of risk, so a solution that's good for J. Random User may not be sufficient for you (or me), and vice versa. I'd rather have a reasonably secure platform that I can get some work done on than no platform at all (getting no work done, while I wait for the 100% secure platform). Risk analysis and mitigation and all that. Nothing new here. > Copying a free OS and adding a few packages hardly constitutes the tag > 'developer', perhaps .. installer? scripter? I'm quite certain *shrug* they developed the live CD. I didn't say it was a work of art, genius or Herculean effort. :) Just that it's nice to see some effort ongoing in that area, and that I'd like to see more. > OpenBSD developers really could care less if their project is taken > from its natural habitat and bastardized for the consumption of a > wider audience. By your own words, this project is really not much > more than a HOWTO, sans end-user effort and the actual HOWTO document. > Or did I miss something? They went ahead and provided something for the casual user that nobody had bothered to package yet. I think that's at least worthy of a "thanks for the effort (misguided or not)" rather than pissing in their Cheerios because it's not (yet) up to OpenBSD development standards. Alpha release, etc. > > This: > > > It reeks of a clumsily-staged publicity stunt. > > definitely comes off more like sour grapes than any kind of valid > > criticism, IMO. Perhaps you didn't intend it that way. > I never claimed it as valid criticism, it's my opinion and I've a > right to it. This is *yet another* (failed) attempt at positive PR > for this script+package project. Sour grapes would imply that I am > pushing down your project to further my own agenda. I won't lose > sleep over that one until I decouple myself from OpenBSD; until then, > good luck with your PR campaign! again, not my project. Seriously, I haven't got anything to do with it, other than having downloaded the image and run it a few times. You're barking up the wrong tree here. And sour grapes doesn't necessarily imply you've got a competing agenda; oftentimes, it's just somebody who's jealous of somebody else's success. As I said before, that was my observation; it's entirely possible you didn't intend it that way (and from what you said, it sounds like you didn't). > Despite our philosophical differences, here's my constructive criticism: > > 1) If you're going to produce a bootable ISO image, also produce a > siteXX.tgz file and make it available via your website for download > during a 'regular' OpenBSD installation. > http://openbsd.org/faq/faq4.html#site *nod* all the source, and mods to the source, should be available, ideally with step-by-step details on how it gets put together, and why. > 2) Consider, perhaps, even a script that will generate the bootable CD > ISO from that siteXX.tgz customization as well. Also a good idea. > 3) Documentation _always_ a good idea. :) I'm a big fan of accurate, comprehensive documentation. I don't think we really disagree about much here, maybe just approach. At any rate, discussion is always good (although I'm taking anything further off-list). (really not sure how I ended up the apologist for this project, I certainly didn't set out as such.) cheers, -- [EMAIL PROTECTED],darkuncle.net} || 0x5537F527 encrypted email to the latter address please http://darkuncle.net/pubkey.asc for public key
