Verified OS concerns

2013-09-19 Thread josef . winger 
Does OpenBSD plan to varify its (main) components, to
reach the level of zero-bug software?

If not, isn't there any concern that (future) varified OS
will render OBSD redundant one day?


/jo

Re: OpenBSD crypto and NSA/Bruce Schneier

2013-09-11 Thread josef . winger 
 Gesendet: Mittwoch, 11. September 2013 um 11:42 Uhr
 Von: Rudolf Leitgeb rudolf.leit...@gmx.at
 An: es...@nerim.net
 Cc: misc@openbsd.org
 Betreff: Re: OpenBSD crypto and NSA/Bruce Schneier

  Second, low hanging fruit.
 
 Contrary to what some hysterical reports may claim, and some violations
 of rules aside, NSA is mostly after bad guys, some of which know quite
 well what they are doing. These bad guys will not necessarily be kind
 enough to present NSA with unpatched Windows desktops.

I think that is not true. What they (and others) are after are 
CORRELATIONS, as much correlation as one can get. Thats because from
a Bayesian POV causality it isn't really needed to understand beaviour
if you have enough correlation.

Social Science becomes obsolete, if enough correlation is gathered.
See for example 
http://www.wired.com/science/discoveries/magazine/16-07/pb_theory

That paper really sounds strange on a first sight, but with big data, it is
anoter situation.

So back on topic, even if they are after the 'bad guys' they are by getting
as much data i.e.correlations as they can get...




 
  why bother with us ? people are most generally NOT careful. So, hey, 
  what if you can't break in OpenBSD ?
 
 This is not a marketing operation run by NSA which can claim success if
 they catch the 90% dumbest. Quite to the contrary, they should be most
 interested in the most sophisticated ones, and why wouldn't bad guys
 use OpenBSD if they had the impression it was more secure?

No they want it all, because much data is better than any behaviour theory
can be, just because you don't have tomake assumptions.

 
 
 As I have mentioned before: what good is perfect security in an OS if you
 have no control over the hardware? Put some back doors into the CPU or the
 networking hardware and OpenSSH will fall. There is really no point in 
 trying to outwit three letter agencies with our laptops.
 

Do you have any example for that? I mean the hardware needs software
to run, not? So you say that there a cases where there is firmware
that makes the hardware do things we can not control or encapsulate?

After all, we could change to hardware that does not have theses things.


Another think is, that today mathematically proven correct (aka zero-bug)
software is more and more faseable. See te guys from seL4.. 
Ok it is still a bit future, but soner or later we will become able to 
proof our algorithms; at least partly...

/jo

Two primary OBSD partitions on a HDD

2013-08-25 Thread josef . winger 
I read fdisk(8) carefully (At least I think so), but I repeatedly failed to
install two OBSDS on two primary partitions of a HDD.

The idea was to realize a multiboot by toogleing the boot-flag to the primary
partition of the particular OBSD system I want to boot.

However, I think that the install process always chooses the same primary
OBSD partition for installation (the first that appears in the table?) 
and I have no control.


/jo

Install drivers

2013-08-12 Thread josef . winger 
How can I force OBSD to install drivers, that are not needed
on the running hardware?

This may sound strange on a first sight, but in my situation I
have OBSD on a flash drive that runs via flashrd from RAM and
this RAM can be located in various (i386/ARM64) systems.

I want to support as much hardware as possible 'out of the box'
and since a network can't be assumed, I need to preinstall the 
drivers.


--Josef