>1. OpenBSD is a great example of the difference that having security as >a primary design and development objective makes, unlike most other >OSes (including all flavors of linux) which do "added" security.
Yes, primary objective. Definitely. It is also form of "added" security, because it is based on constantly iterating and auditing old source and design. It isn't made cleanroom software development process from ground up. Of course, me and probably everyone else here appreciate the real security which is achieved by correcting the bugs. >A quick look at [0] demonstrates your utter ignorance of EAL I know EAL. My point was that ancient unsecure stuff can be secured by auditing, re-engineering and using mitigation. OpenBSD is prime example. These methods also apply running Javascript. >It's probably high time to let this utterly degenerated thread die.. I agree. It has done its purpose when Matthew pointed that sandboxing is not implemented in Chromium or Firefox.
