On Thu, 19 Nov 2009 19:06:53 -0800, rhubbell wrote: 8>< snipped for brevity. >> You miss the point - the reason we toot that particular horn is that >> you don't have to worry about those sorts of things (well, apart from > >Definitely not missing the point. Maybe you missed mine. Not "worrying" >because you trust everything about OpenBSD and everyone that's worked on >it and every package you've installed and every piece of hardware you've >installed, etc., etc. It's naive to point elsewhere and say "see, they're >not secure". For example should I trust you and the other "tooters" just >because you insist OpenBSD's secure?
No. That isn't the point really. It's very rare for OpenBSD to have exploits against it but I don't hear any of the developers saying that it is impregnable, just that it's as good as they can make it for their own peace of mind. They are continually re-reading the source and using various tools to do audits to help make the code correct. Correct code is a foundation of security. As you are new here, you may not yet know that OpenBSD doesn't give a stuff about "market share" and is developed by the devs for their own use and if someone else likes it, it's a case of "Here's the ftp server or you can buy a CD and if it suits your purpose, that's fine. If it doesn't then we won't cry when you leave." That has suited me for about 8 years and it has guarded quite a few "crown jewels" for my clients in that time. Oh, and I'm a retired IBM Linux instructor so I have a pretty good insight into the relative merits of this community vs that one. The point of most chuckling about others (distros,versions, dev teams) silly actions is that the OpenBSD community doesn't suffer the stupidity du jour. Recent sightings elsewhere are binary blobs, proprietary drivers and the really stupid Debian key messup. Just a bit of Schaudenfreude really when you consider that their woe is self-inflicted. *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. Rod/ --- This life is not the real thing. It is not even in Beta. If it was, then OpenBSD would already have a man page for it.
