Let's not forget Debian maintainers who think entropy is optional in
encryption.

On Tue, Dec 23, 2008 at 5:34 AM, Henning Brauer <lists-open...@bsws.de> wrote:

> * Douglas A. Tutty <dtu...@vianet.ca> [2008-12-23 05:45]:
> > On Tue, Dec 23, 2008 at 02:41:08AM +0100, Henning Brauer wrote:
> > > * Jussi Peltola <pe...@pelzi.net> [2008-12-11 20:52]:
> > > > On Thu, Dec 11, 2008 at 10:30:50AM -0800, Jeff_1981 wrote:
> >
> > > > That said, OpenBSD base services are extremely secure, compared to the
> > > > competition, when properly configured and patched. Note that no security
> > > > audits are done to software in the ports tree; you're on your own with
> > > > 3rd party software.
> > >
> > > many things from ports are patched or otherwise modified for security
> > > reasons, and many things are deliberately NOT in ports due to security
> > > considerations. nonetheless there is truth in your above statement;
> > > averaged things from ports are not on the same level as openbsd.
> >
> > Has anybody done any comparisons to see how things from ports
> > (especially common things like firefox) compare to the competition's
> > packages (rpms, debs, whatever)?  I know that the ports don't get
> > audited like base, but then I don't think anyone else's does either.
> >
> > In other words, if you need a box with multiple third-party apps, (let's
> > say that none of them are server apps), (eg, firefox, a window manager or
> > DTE, mutt, LaTeX, gv, a pdf reader), which box would be more secure
> > (with the same admin): OpenBSD with ports or a Linux (e.g. Debian)?
>
> easy - OpenBSD. Linux doesn't have propolice, randomized malloc/mmap,
> randomized library addresses etc yadda yadda yadda.
>
> crappy applications are still crappy applications on OpenBSD, but
> worse on pretty much any other OS.
>
> --
> Henning Brauer, h...@bsws.de, henn...@openbsd.org
> BS Web Services, http://bsws.de
> Full-Service ISP - Secure Hosting, Mail and DNS Services
> Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam
>
>


-- 
/"\    ASCII Ribbon Campaign
\ /    Respect for low technology.
X     Keep e-mail messages readable by any computer system.
/ \    Keep it ASCII.
