Re: facts about OpenBSD
On Wed, Jan 09, 2008 at 05:07:35PM -0600, Jacob Yocom-Piatt wrote: > Marc Balmer wrote: > >Nikns Siankin wrote: > > > >>Facts about OpenBSD: > >> > >># Stable release cycle. If you want to run latest bugfree ClamAV or > >>FireFox - upgrade to CURRENT! But don't forget to buy release CD's!!! > >># Secure By Default. > >> OpenBSD uses broken WEP for securing WiFi networks. > >> Has no WPA/WPA2 support. > >># Do not let serious problems sit unsolved. OpenBSD doesn't need > >>MAC because it has their own security flawed systrace. > >># Use of Cryptography. OpenBSD uses file-backed encryption (svnd) > >>which is very suited > >> for Full-disk-encryption. NOT. > >># Full Disclosure. OpenBSD at first denies remote exploitable > >>flaws. DoS flaws gets marked as reliability not security issues. > >># Easy maintainable. OpenBSD distributes source patches to make > >>your farm of > >> Pentium2 firewalls updated easly. > >># Secure Distribution. > >> The most secure operation system gets distributed on FTP servers > >> as unsigned binaries. > > > Facts about Nikns Siankin: > > # Whiner. He bitches incessantly about stuff and does nothing to fix > it. AFAICT he's even saying that purchasing the CDs is pointless. > # Jerk. He ignores that most of the development time that goes into > OpenBSD is DONATED by highly-skilled individuals. You can only add as > many bells and whistles as you have resources and time. > # Misleading. He claims the system is distributed on FTP servers and > elects not to note that code is available via cvs over ssh. > # Ignorant. OpenBSD has myriad additional security technologies in it > that help to moderate vulnerabilities in poorly coded applications like > firefox and clamav. > # Idiot. By whining in a totally counterproductive fashion he alienates > himself from those who would otherwise, provided his requests were > reasonable, help him out. I'd add some points: # Possibly frustrated because quite a few diffs never made it into ports. I guess due to lack of time or interest of the devs # Helpful with testing ports and get bugs fixed there Thanks Nikns, for your help so far. I don't feel great about the situation with -stable ports. But as I only run 2 OpenBSD boxes at the moment, I usually stick to -current anyway. And as I don't have time nor machines to contribute/test -stable ports I think I don't should complain about the -stable situation. What is a bit unclear to me: are some developers willing to commit security patches for -stable ports if # posts of security patches for -stable ports are welcome on @ports? # someone put them together? # they get enough testing? Apart from this, I haven't seen any posts of security patches (not updates) for -stable on @ports during last months. At least I can't remember any. Regards, Markus
Re: facts about OpenBSD (FOOOLS)
On Mon, 14 Jan 2008 12:53:35 -0800 johan beisser <[EMAIL PROTECTED]> wrote: > Bitching and whining get you nothing. When will you people stop responding to whiners like this!? He's bitching and your just bitching back. Leave the ignorant fool alone, and he will stop barking up your three! It's not that difficult!!
Re: facts about OpenBSD
On Jan 14, 2008, at 12:09 PM, Nikns Siankin wrote: If you get money from selling CDs/soft, its just clearly unfair to not support it. Yes, I'm talking about stable ports. Actually, the OpenBSD OS is supported. Your argument is pointless. Stable ports are NOT supported because, well, it's not really part of the OS. If you want stable ports, build it all yourself, for the architectures you need. If you really think they're so important, donate hardware to OpenBSD, and create your own position in the ranks of various devs. Bitching and whining get you nothing. If you claim to produce the most secure OS, you have to prove that by provaiding secure wifi encryption for masses (WPAx) and usable disk encryption design for laptops and so on... I fail to see where those features make you "more secure." WPA is a clusterfuck. Wireless by its very nature is almost un-securable, even with cruft like WPA added in. If you want "more secure" you should look at alternate solutions (IPSec, OpenVPN, etc). And, even then, you may want to just review your code and implementation. Full disk encryption also only provides so much benefit to code complexity increase. I like OpenBSD, but if I need full disk encryption I still use vnd(4), a passphrase that's different from my account password, and mount that locally. Manually. Every time you mount the image. If you want FileVault style access, write your own login patch to handle mounting the image, and submit it. ...or let's just call it perfect wired firewall... Does quite well for me.
Re: facts about OpenBSD
On Jan 14, 2008 10:09 PM, Nikns Siankin <[EMAIL PROTECTED]> wrote: > On Mon, Jan 14, 2008 at 01:39:15PM -0600, Jacob Yocom-Piatt wrote: > > you are correct that some of the issues you brought up are actual > > shortcomings in openbsd. however, **bitching** that these are problems > that > > need to be fixed is about as rude as you can get. a number of the issues > > you complained about are in the process of getting fixed, but you > obviously > > neglected to thoroughly investigate the options. i see no reason these > > issues "MUST" be fixed (you've provided no compelling argument) only > that > > they can and likely are being fixed. > > > > if openbsd had a steady budget of several 100K CAD per annum and more > devs, > > your bitching might be perceived as reasonable since it would likely > mean > > that those areas had been disproportionately or unreasonably neglected. > as > > it stands there is only so much dev time for so many things and nobody > is > > actively neglecting the areas you've complained about. > > > > i was just thinking about emailing volkswagen corporate HQ and bitching > > about how my VW is not a porsche and that they should immediately double > my > > car's horsepower and torque, fix the suspension, refit the brakes, etc. > > does that seem reasonable? > > If you get money from selling CDs/soft, its just clearly unfair to not > support it. Yes, I'm talking about stable ports. > > If you claim to produce the most secure OS, you have to prove that by Cam you prove that another OS is more secure? > > provaiding secure wifi encryption for masses (WPAx) and usable disk > encryption design for laptops and so on... > ...or let's just call it perfect wired firewall... Less talking. More coding. kthnkbye > > > > > > > >> > >>> Oh, no wait. you want *other* people todo the work for you, > >>> its not enough that you got what they gave already you want > >>> more, you ungrateful whining dick. > >>> > >>> -- > >>> Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein > >>> Lebelang. > >>> (Who does not love wine, women, and song, Remains a fool his whole > life > >>> long.) > >>>-- Johann Heinrich Voss > >>> > >> > >> > > > > > > --
Re: facts about OpenBSD
On Mon, Jan 14, 2008 at 01:39:15PM -0600, Jacob Yocom-Piatt wrote: > you are correct that some of the issues you brought up are actual > shortcomings in openbsd. however, **bitching** that these are problems that > need to be fixed is about as rude as you can get. a number of the issues > you complained about are in the process of getting fixed, but you obviously > neglected to thoroughly investigate the options. i see no reason these > issues "MUST" be fixed (you've provided no compelling argument) only that > they can and likely are being fixed. > > if openbsd had a steady budget of several 100K CAD per annum and more devs, > your bitching might be perceived as reasonable since it would likely mean > that those areas had been disproportionately or unreasonably neglected. as > it stands there is only so much dev time for so many things and nobody is > actively neglecting the areas you've complained about. > > i was just thinking about emailing volkswagen corporate HQ and bitching > about how my VW is not a porsche and that they should immediately double my > car's horsepower and torque, fix the suspension, refit the brakes, etc. > does that seem reasonable? If you get money from selling CDs/soft, its just clearly unfair to not support it. Yes, I'm talking about stable ports. If you claim to produce the most secure OS, you have to prove that by provaiding secure wifi encryption for masses (WPAx) and usable disk encryption design for laptops and so on... ...or let's just call it perfect wired firewall... > > >> >>> Oh, no wait. you want *other* people todo the work for you, >>> its not enough that you got what they gave already you want >>> more, you ungrateful whining dick. >>> >>> -- >>> Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein >>> Lebelang. >>> (Who does not love wine, women, and song, Remains a fool his whole life >>> long.) >>>-- Johann Heinrich Voss >>> >> >> > > > --
Re: facts about OpenBSD
On 1/14/08, Nikns Siankin <[EMAIL PROTECTED]> wrote: > Well, before you ask for diffs, > I have to hear from devs, that these ARE > considered to be issues that MUST be fixed. they are not issues that must be fixed.
Re: facts about OpenBSD
Nikns Siankin wrote: On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote: Lots of whining. Where are your diffs to fix these issues ? Well, before you ask for diffs, I have to hear from devs, that these ARE considered to be issues that MUST be fixed. Until that, i can stick my diffs in your ass. you are correct that some of the issues you brought up are actual shortcomings in openbsd. however, **bitching** that these are problems that need to be fixed is about as rude as you can get. a number of the issues you complained about are in the process of getting fixed, but you obviously neglected to thoroughly investigate the options. i see no reason these issues "MUST" be fixed (you've provided no compelling argument) only that they can and likely are being fixed. if openbsd had a steady budget of several 100K CAD per annum and more devs, your bitching might be perceived as reasonable since it would likely mean that those areas had been disproportionately or unreasonably neglected. as it stands there is only so much dev time for so many things and nobody is actively neglecting the areas you've complained about. i was just thinking about emailing volkswagen corporate HQ and bitching about how my VW is not a porsche and that they should immediately double my car's horsepower and torque, fix the suspension, refit the brakes, etc. does that seem reasonable? Oh, no wait. you want *other* people todo the work for you, its not enough that you got what they gave already you want more, you ungrateful whining dick. -- Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang. (Who does not love wine, women, and song, Remains a fool his whole life long.) -- Johann Heinrich Voss --
Re: facts about OpenBSD
On Monday 14 January 2008 11:30:11 Nikns Siankin wrote: > On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote: > >Lots of whining. > > > >Where are your diffs to fix these issues ? > > Well, before you ask for diffs, > I have to hear from devs, that these ARE > considered to be issues that MUST be fixed. > Until that, i can stick my diffs in your ass. Actually, writing something and submitting it is a very reasonable thing to do. It could solve your problem, and might help someone else. It's also educational, in that diffs need to be of high quality (ie, correct) to be accepted. --STeve Andre'
Re: facts about OpenBSD
On Mon, Jan 14, 2008 at 02:58:17PM +0100, Thordur I. Bjornsson wrote: >Lots of whining. > >Where are your diffs to fix these issues ? Well, before you ask for diffs, I have to hear from devs, that these ARE considered to be issues that MUST be fixed. Until that, i can stick my diffs in your ass. > >Oh, no wait. you want *other* people todo the work for you, >its not enough that you got what they gave already you want >more, you ungrateful whining dick. > >-- >Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang. >(Who does not love wine, women, and song, Remains a fool his whole life long.) >-- Johann Heinrich Voss
Re: facts about OpenBSD
Lots of whining. Where are your diffs to fix these issues ? Oh, no wait. you want *other* people todo the work for you, its not enough that you got what they gave already you want more, you ungrateful whining dick. -- Wer nicht liebt Wein, Weib und Gesang / Der bleibt ein Narr sein Lebelang. (Who does not love wine, women, and song, Remains a fool his whole life long.) -- Johann Heinrich Voss
Re: facts about OpenBSD
Nikns Siankin <[EMAIL PROTECTED]> writes: > hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP. > see ya the other option of course is to just buy the CDs. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: facts about OpenBSD
Nikns Siankin P=P0P?P8QP0: On Mon, Jan 14, 2008 at 01:14:07PM +0100, Peter N. M. Hansteen wrote: Nikns Siankin <[EMAIL PROTECTED]> writes: When we will meet in Riga, I will like to hear from you explanation, how does putting md5 checksum file *along* with installables on the same vulnerable channel, helps to make sure, that they are not backdoored ;] you don't have to wait that long. fetch the files from different mirrors. hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP. see ya -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. Go buy the CD set, Mr. Security - or you don't trust the postman either? Now - seriuosly - let's stop all the shit. The misc@ has been 99% flame these days... Regards, Doichin
Re: facts about OpenBSD
On Mon, Jan 14, 2008 at 01:14:07PM +0100, Peter N. M. Hansteen wrote: >Nikns Siankin <[EMAIL PROTECTED]> writes: > >> When we will meet in Riga, I will like to hear from you explanation, >> how does putting md5 checksum file *along* with installables on the >> same vulnerable channel, helps to make sure, that they are not backdoored ;] > >you don't have to wait that long. fetch the files from different mirrors. hahaha. yeah. different vulnerable mirror, while I'm MITM'ing your ISP. see ya > >-- >Peter N. M. Hansteen, member of the first RFC 1149 implementation team >http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ >"Remember to set the evil bit on all malicious network traffic" >delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: facts about OpenBSD
On Mon, Jan 14, 2008 at 12:11:13PM +0100, Peter N. M. Hansteen wrote: >Joe <[EMAIL PROTECTED]> writes: > >>> # Secure Distribution. >>> The most secure operation system gets distributed on FTP servers >>> as unsigned binaries. >> >> You should create your own binaries if you want secure binaries. > >He's also conveniently forgetting about the MD5 sums, conveniently >provided in a file called MD5 along with the installables. IMO >'signed binaries' is an overhyped buzzword. When we will meet in Riga, I will like to hear from you explanation, how does putting md5 checksum file *along* with installables on the same vulnerable channel, helps to make sure, that they are not backdoored ;] > >-- >Peter N. M. Hansteen, member of the first RFC 1149 implementation team >http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ >"Remember to set the evil bit on all malicious network traffic" >delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: facts about OpenBSD
Nikns Siankin <[EMAIL PROTECTED]> writes: > When we will meet in Riga, I will like to hear from you explanation, > how does putting md5 checksum file *along* with installables on the > same vulnerable channel, helps to make sure, that they are not backdoored ;] you don't have to wait that long. fetch the files from different mirrors. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: facts about OpenBSD
Joe <[EMAIL PROTECTED]> writes: >> # Secure Distribution. >> The most secure operation system gets distributed on FTP servers >> as unsigned binaries. > > You should create your own binaries if you want secure binaries. He's also conveniently forgetting about the MD5 sums, conveniently provided in a file called MD5 along with the installables. IMO 'signed binaries' is an overhyped buzzword. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: facts about OpenBSD
On Jan 9, 2008, at 1:03 PM, Nikns Siankin wrote: Facts about OpenBSD: # Stable release cycle. If you want to run latest bugfree ClamAV or FireFox - upgrade to CURRENT! But don't forget to buy release CD's!!! # Secure By Default. OpenBSD uses broken WEP for securing WiFi networks. Search the list for why WPA is considered a "mess" and "complicated". Has no WPA/WPA2 support. # Do not let serious problems sit unsolved. OpenBSD doesn't need MAC because it has their own security flawed systrace. # Use of Cryptography. OpenBSD uses file-backed encryption (svnd) which is very suited for Full-disk-encryption. NOT. # Full Disclosure. OpenBSD at first denies remote exploitable flaws. That's just not true. DoS flaws gets marked as reliability not security issues. That is true. Do you propose lumping every issue as a security issue? I hope they don't. # Easy maintainable. OpenBSD distributes source patches to make your farm of Pentium2 firewalls updated easly. Are you hoping for "apt-get upgrade"? There are lots of people that compile their updates and apply them to multiple servers with ease. Just because you don't know how to do something, doesn't mean it can't be done. # Secure Distribution. The most secure operation system gets distributed on FTP servers as unsigned binaries. You should create your own binaries if you want secure binaries. Disclaimer: Like it or not. I'm OpenBSD user for 4 years. Shit on my head - shit on all OpenBSD supporters. I'm not subscribed, cc me, if have something to say. I too have been an OpenBSD user for number of years. All of the issues that you bring up have been addressed a number of times on this list. Solutions for most of these issues exist. OpenBSD does not claim to be an auto-magic do-it-all-for-you OS like some of the linux distros. You don't really think OpenBSD provided binaries are more secure than building your own do you? I am no developer, however, I have learned that to get something done, you need to contribute something. As a user I don't fully understand the technical reasons for implementing something a certain way or not implementing something at all. You have different expectations of OpenBSD than what OpenBSD actually does and provides. If you want to see changes, this email is the wrong way to do that. If you just want to complain, well now you did it and now you should try another OS. Regarding your email etiquette, you should have thought through your email a little more before sending it. I would hate to work with you or be one of your customers if that's how you write emails.
Re: facts about OpenBSD
On Jan 10, 2008 7:52 PM, Stuart Henderson <[EMAIL PROTECTED]> wrote: > > maybe also because, having just had a something of a flamefest, > they're wary of fanning this fire. > That describes me :-)
Re: facts about OpenBSD
4 years using OpenBSD . huh ? i guess now, u stop using OpenBSD and start making your ownOS ... LOL and you just whining + flamer = junker = rest in hell ... On 1/12/08, Nikns Siankin <[EMAIL PROTECTED]> wrote: > > Thanks everyone who responded in constructive fashion, > and thanks for all additions to list, sorry for not answering you all! > > These who got hurt about these truthfull facts, rest in peace. hehehe > > > On Wed, Jan 09, 2008 at 11:03:29PM +0200, Nikns Siankin wrote: > >Facts about OpenBSD: > > > ># Stable release cycle. > > If you want to run latest bugfree ClamAV or FireFox - upgrade to > CURRENT! > > But don't forget to buy release CD's!!! > ># Secure By Default. > > OpenBSD uses broken WEP for securing WiFi networks. > > Has no WPA/WPA2 support. > ># Do not let serious problems sit unsolved. > > OpenBSD doesn't need MAC because it has their own security flawed > systrace. > ># Use of Cryptography. > > OpenBSD uses file-backed encryption (svnd) which is very suited > > for Full-disk-encryption. NOT. > ># Full Disclosure. > > OpenBSD at first denies remote exploitable flaws. > > DoS flaws gets marked as reliability not security issues. > ># Easy maintainable. > > OpenBSD distributes source patches to make your farm of > > Pentium2 firewalls updated easly. > ># Secure Distribution. > > The most secure operation system gets distributed on FTP servers > > as unsigned binaries. > > > > > >Disclaimer: Like it or not. I'm OpenBSD user for 4 years. > >Shit on my head - shit on all OpenBSD supporters. > > > > > > > >I'm not subscribed, cc me, if have something to say. > > -- number one puffy fans !
Re: facts about OpenBSD
Thanks everyone who responded in constructive fashion, and thanks for all additions to list, sorry for not answering you all! These who got hurt about these truthfull facts, rest in peace. hehehe On Wed, Jan 09, 2008 at 11:03:29PM +0200, Nikns Siankin wrote: >Facts about OpenBSD: > ># Stable release cycle. > If you want to run latest bugfree ClamAV or FireFox - upgrade to CURRENT! > But don't forget to buy release CD's!!! ># Secure By Default. > OpenBSD uses broken WEP for securing WiFi networks. > Has no WPA/WPA2 support. ># Do not let serious problems sit unsolved. > OpenBSD doesn't need MAC because it has their own security flawed systrace. ># Use of Cryptography. > OpenBSD uses file-backed encryption (svnd) which is very suited > for Full-disk-encryption. NOT. ># Full Disclosure. > OpenBSD at first denies remote exploitable flaws. > DoS flaws gets marked as reliability not security issues. ># Easy maintainable. > OpenBSD distributes source patches to make your farm of > Pentium2 firewalls updated easly. ># Secure Distribution. > The most secure operation system gets distributed on FTP servers > as unsigned binaries. > > >Disclaimer: Like it or not. I'm OpenBSD user for 4 years. >Shit on my head - shit on all OpenBSD supporters. > > > >I'm not subscribed, cc me, if have something to say.
Re: facts about OpenBSD
On Thu, Jan 10, 2008 at 03:03:02PM +0200, Nikns Siankin wrote: > On Thu, Jan 10, 2008 at 12:43:48PM +, Edd Barrett wrote: > >Hello, > > > >A lot of this is down to manpower or lack thereof. You can make it > >better if you put some effort in. Failing that, If it's so bad, then > >why don't you use another operating system? > > Hi, > I don't believe anymore, that someone from side can make it better. > The only people who could make it better are talking to community > only when release CD needs to get sold or donations are needed. Well, duh, the rest of the time, they're writing code and fixing various little problems. I don't think you have any actual idea how much time it takes to write code that would do any of the things you complain about.
Re: facts about OpenBSD
On Wed, Jan 09, 2008 at 11:03:29PM +0200, Nikns Siankin wrote: > # Secure By Default. > OpenBSD uses broken WEP for securing WiFi networks. > Has no WPA/WPA2 support. Where is your wpa code for OpenBSD ?
Re: facts about OpenBSD
On Thu, 10 Jan 2008 14:24:33 +0200 Nikns Siankin <[EMAIL PROTECTED]> wrote: > On Thu, Jan 10, 2008 at 09:56:01PM +1100, Rod Whitworth wrote: > >On Thu, 10 Jan 2008 12:00:53 +0200, Nikns Siankin > ><[EMAIL PROTECTED]> wrote: > >>[..] > >> > >We have had several pointless trolls too many lately. As a result your > >pointless humour does not raise a laugh. > > > > Stay on-topic or fuck off like jacob does. > Who *pays* you for this? I'd need to be paid, and well. Dhu > > >Rod/ > >/earth: write failed, file system is full > >cp: /earth/creatures: No space left on device
Re: facts about OpenBSD
In article <[EMAIL PROTECTED]>, Nikns Siankin wrote: > > I don't believe anymore, that someone from side can make it better. > The only people who could make it better are talking to community > only when release CD needs to get sold or donations are needed. So you think that the community at large can have an effect on the actual code that gets written? Possibly. You think that the best way to do this is to "shit on" OpenBSD and somehow reduce the number of CD's sold? To reduce the minimal amount of funding that any of the developers could have? And to top it off, to piss them off and make coding a chore as opposed to a fun thing? While I certainly don't code as much as all the other OpenBSD developers, I can say that removing my enjoyment of spending any of my scarce time coding will be spent coding on things I enjoy first, and patches for people I enjoy working with second. People like you don't even come on the horizon. If you believe that these things need to be done, and can not be done from "inside", by all means, the code is all there. Feel free to start producing this much needed code. -Toby. -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Re: facts about OpenBSD
On Thu, 10 Jan 2008 12:33:57 -0600 "Tony Abernethy" <[EMAIL PROTECTED]> wrote: > Nikns Siankin wrote: > > I see people keep repeating nonsense like this > > instead of talking about topic. > At least he can read. And think. Leave the troll alone, he wants someone to play with, and he got that.
Re: facts about OpenBSD
In article <[EMAIL PROTECTED]>, Nikns Siankin wrote: > > # Stable release cycle. >If you want to run latest bugfree ClamAV or FireFox - upgrade to CURRENT! >But don't forget to buy release CD's!!! Well, by buying the release CD you get a fairly secure method of getting the majority of the bits. (Most snail-mails take security at least a little bit serious). > # Secure By Default. >OpenBSD uses broken WEP for securing WiFi networks. >Has no WPA/WPA2 support. Do you have a need for WPA/WPA2 support? Please feel free to submit patches to implement this functionality. I'm sure that a nuymber of people will be pleased. > # Do not let serious problems sit unsolved. >OpenBSD doesn't need MAC because it has their own security flawed systrace. MAC? As in mandatory access control? Sure we have it. Any unix out there has it. It's called a uid and a list of gid's. Now, if that does not fit your needs, you have options. > # Use of Cryptography. >OpenBSD uses file-backed encryption (svnd) which is very suited >for Full-disk-encryption. NOT. Again, feel free to submit patches. > # Full Disclosure. >OpenBSD at first denies remote exploitable flaws. >DoS flaws gets marked as reliability not security issues. If your network/systems are setup in such a way that a DoS causes a security issue, the insecure portion is your system, not the machine that happens to tank. > # Easy maintainable. >OpenBSD distributes source patches to make your farm of >Pentium2 firewalls updated easly. I've never had a problem. If you do, feel free to build an infrastructure that you (and others?) can use that is better. > # Secure Distribution. >The most secure operation system gets distributed on FTP servers >as unsigned binaries. Nah, we sell you real CD's. The FTP servers are there for the convenience of people much less annoying than you. :) > Disclaimer: Like it or not. I'm OpenBSD user for 4 years. > Shit on my head - shit on all OpenBSD supporters. Huh? I'd prefer a toilet, but if you're really in the mood, I'm sure there is a place on the internet looking for someone with your particular type of phantasy... *shrug* to each his own I guess. -Toby. PS: Nah, I won't bother CC'ing you. -- [100~Plax]sb16i0A2172656B63616820636420726568746F6E61207473754A[dZ1!=b]salax
Re: facts about OpenBSD
Nikns Siankin wrote: > I see people keep repeating nonsense like this > instead of talking about topic. At least he can read. And think.
Re: facts about OpenBSD
Amarendra Godbole schrieb: > On Jan 10, 2008 6:14 PM, Nikns Siankin <[EMAIL PROTECTED]> wrote: > [...] > >> I get lot of response offlist. >> It seems that people... > [...] > > I am relatively new to OpenBSD, I am merely a user, and I read the > misc@ list always. I do my homework mostly before posting/asking for > doubts, and IMHO, OpenBSD folks have been the most kind and helpful > till now. The S/N ratio on these lists is "very-high" (unless folks > like RMS topple it). The learning method here is very difficult - you > do your homework, and expect no handholding at all. > [...] > Are you upset because: > - your patches were not accepted > - RMS paid you to topple the S/N ratio one more time > - you don't get any handholding from the devs > - reason unknown to me > (tick one, then have a cup of coffee, take a walk in the woods, and come > back). > > If you still don't like OpenBSD and are totally fed up with it, DON'T USE IT. > I like that post, Amarendra, I think you have written what many people are thinking. -- Michael Schmidt MIRRORS: Watcom ftp://ftp.fh-koblenz.de/pub/CompilerTools/Watcom/ OpenOffice ftp://ftp.fh-koblenz.de/pub/OpenOffice/
Re: facts about OpenBSD
On 2008/01/10 14:44, Nikns Siankin wrote: > >> # Do not let serious problems sit unsolved. > >> OpenBSD doesn't need MAC because it has their own security flawed > >> systrace. > > > >i do not get the point. seriously, have you ever used systrace? > > Sure I do, but it's flawed now anyway. even flawed, systrace is damn useful, porters use it all the time to help detect when ports need extra work to make sure they install things to the right place. > OpenBSD needs MAC. you haven't said anything to convince me about that... you might see a need for it, but plenty of people don't. > >> # Use of Cryptography. > >> OpenBSD uses file-backed encryption (svnd) which is very suited > >> for Full-disk-encryption. NOT. > > > >wrong. i use it on a whole raid 1 disk for example, no problems here. > > Me too. I'm talking about full-disk-encryption, which doesn't seem to > be easy hack. of course not. if it were easy, it would most likely be already available. it *is* being worked on though. see the last paragraph in http://www.onlamp.com/pub/a/bsd/2007/11/01/whats-new-in-bsd-42.html?page=last > >> # Full Disclosure. > >> OpenBSD at first denies remote exploitable flaws. > >> DoS flaws gets marked as reliability not security issues. > > > >what's the problem? > > Denial of Service stands for AVAILABILITY. > Information security goals are confidentiality, integrity AND availability. 'security fix' is a way of saying, look, this is *important*, read it right away, if it affects you and you can't work around, patch urgently. if you start calling every problem a security fix, people won't take the real security fixes seriously. of *course* people interested in availability should treat reliability fixes as a high priority too. and it's absolutely clear how OpenBSD errata are labelled so there's no excuse not to. but for some (I think most) people, a bug resulting in crashes is *far* less of a problem than a bug resulting in unauthorised control of your machines. so it's a good thing that they're labelled differently. > I get lot of response offlist. > It seems that people are afraid to discuss these issues onlist, > guess because of this "YOURE WHINER" or "DONT LIKE DONT USE" attitude. maybe also because, having just had a something of a flamefest, they're wary of fanning this fire.
Re: facts about OpenBSD
On Thu, Jan 10, 2008 at 09:04:52AM -0500, Curt Micol wrote: >On Jan 10, 2008 8:39 AM, Nikns Siankin <[EMAIL PROTECTED]> wrote: >> I see people keep repeating nonsense like this >> instead of talking about topic. > >This is due to the fact that people don't feel your thoughts are on >topic. Bitch elsewhere, thats what blogs are for. Leave misc@ for >those people who want to work on or with the OS. Your stupid thoughts >are unimportant unless you are willing to contribute to assist with >fixing what it is you think is wrong. If my stupid thoughts are unimportant for you, fuckoff and go shit elsewhere. > >Please unsubscribe and stop trolling. > >-- ># Curt Micol >"Today is the tomorrow I was so worried about yesterday." -Anthony Hopkins
Re: facts about OpenBSD
On Jan 10, 2008 8:39 AM, Nikns Siankin <[EMAIL PROTECTED]> wrote: > I see people keep repeating nonsense like this > instead of talking about topic. This is due to the fact that people don't feel your thoughts are on topic. Bitch elsewhere, thats what blogs are for. Leave misc@ for those people who want to work on or with the OS. Your stupid thoughts are unimportant unless you are willing to contribute to assist with fixing what it is you think is wrong. Please unsubscribe and stop trolling. -- # Curt Micol "Today is the tomorrow I was so worried about yesterday." -Anthony Hopkins
Re: facts about OpenBSD
Amen to this. On Jan 10, 2008 8:18 AM, Peter N. M. Hansteen <[EMAIL PROTECTED]> wrote: > Damn, misc@ used to have such a nice signal to noise ratio. -- # Curt Micol "Today is the tomorrow I was so worried about yesterday." -Anthony Hopkins
Re: facts about OpenBSD
On Jan 10, 2008 6:14 PM, Nikns Siankin <[EMAIL PROTECTED]> wrote: [...] > I get lot of response offlist. > It seems that people are afraid to discuss these issues onlist, > guess because of this "YOURE WHINER" or "DONT LIKE DONT USE" attitude. [...] I am relatively new to OpenBSD, I am merely a user, and I read the misc@ list always. I do my homework mostly before posting/asking for doubts, and IMHO, OpenBSD folks have been the most kind and helpful till now. The S/N ratio on these lists is "very-high" (unless folks like RMS topple it). The learning method here is very difficult - you do your homework, and expect no handholding at all. For people having "very less patience", and who wish to always be spoon fed, and who whine without offering a solution (at least I did not see it on misc@), there are many Linux mailing lists around. Not OpenBSD for sure. Now please, if you feel something is not working, or broken, or needs improvement - send a patch to tech@, and if its worth it will be accepted (no I haven't submitted yet a single patch, heck, I don't even know 0.5% of OBSD source code. But I am learning, and I will take my own time). Are you upset because: - your patches were not accepted - RMS paid you to topple the S/N ratio one more time - you don't get any handholding from the devs - reason unknown to me (tick one, then have a cup of coffee, take a walk in the woods, and come back). If you still don't like OpenBSD and are totally fed up with it, DON'T USE IT. -Amarendra
Re: facts about OpenBSD
On Thu, Jan 10, 2008 at 07:02:16PM +0530, Amarendra Godbole wrote: >On Jan 10, 2008 6:14 PM, Nikns Siankin <[EMAIL PROTECTED]> wrote: >[...] >> I get lot of response offlist. >> It seems that people are afraid to discuss these issues onlist, >> guess because of this "YOURE WHINER" or "DONT LIKE DONT USE" attitude. >[...] > >I am relatively new to OpenBSD, I am merely a user, and I read the >misc@ list always. I do my homework mostly before posting/asking for >doubts, and IMHO, OpenBSD folks have been the most kind and helpful >till now. The S/N ratio on these lists is "very-high" (unless folks >like RMS topple it). The learning method here is very difficult - you >do your homework, and expect no handholding at all. > >For people having "very less patience", and who wish to always be >spoon fed, and who whine without offering a solution (at least I did >not see it on misc@), there are many Linux mailing lists around. Not >OpenBSD for sure. Now please, if you feel something is not working, or >broken, or needs improvement - send a patch to tech@, and if its worth >it will be accepted (no I haven't submitted yet a single patch, heck, >I don't even know 0.5% of OBSD source code. But I am learning, and I >will take my own time). Ok. You are new to OpenBSD and naive. I see people keep repeating nonsense like this instead of talking about topic. >Are you upset because: >- your patches were not accepted >- RMS paid you to topple the S/N ratio one more time >- you don't get any handholding from the devs >- reason unknown to me >(tick one, then have a cup of coffee, take a walk in the woods, and come back). > >If you still don't like OpenBSD and are totally fed up with it, DON'T USE IT. > >-Amarendra
Re: facts about OpenBSD
Nikns Siankin <[EMAIL PROTECTED]> writes: > The only people who could make it better are talking to community > only when release CD needs to get sold or donations are needed. This tells me mainly you don't actually read the OpenBSD mailing lists. Damn, misc@ used to have such a nice signal to noise ratio. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: facts about OpenBSD
On Thu, Jan 10, 2008 at 12:43:48PM +, Edd Barrett wrote: >Hello, > >A lot of this is down to manpower or lack thereof. You can make it >better if you put some effort in. Failing that, If it's so bad, then >why don't you use another operating system? Hi, I don't believe anymore, that someone from side can make it better. The only people who could make it better are talking to community only when release CD needs to get sold or donations are needed. > >-- >Best Regards > >Edd > >--- >http://students.dec.bournemouth.ac.uk/ebarrett
Re: facts about OpenBSD
On Thu, Jan 10, 2008 at 11:56:15AM +0100, Joerg Zinke wrote: >On Wed, 9 Jan 2008 23:03:29 +0200 >Nikns Siankin <[EMAIL PROTECTED]> wrote: > >> Facts about OpenBSD: >> >> # Stable release cycle. >> If you want to run latest bugfree ClamAV or FireFox - upgrade to >> CURRENT! But don't forget to buy release CD's!!! > >if you do not like to use CURRENT, send a patch which backports >these versions to stable. >you are listed as maintainer for some ports, means you should >know how things work. Take a look on ports@ and see how much submited -stable patches are commited. None!? >> # Secure By Default. >> OpenBSD uses broken WEP for securing WiFi networks. >> Has no WPA/WPA2 support. > >wpa is not much better than wep. useful alternative: ipsec, another >alternative: secure your wlan with pf/authpf. WPA and IPSEC secures your wlan in different layers. WPA *is* much better than wep. > >> # Do not let serious problems sit unsolved. >> OpenBSD doesn't need MAC because it has their own security flawed >> systrace. > >i do not get the point. seriously, have you ever used systrace? Sure I do, but it's flawed now anyway. OpenBSD needs MAC. > >> # Use of Cryptography. >> OpenBSD uses file-backed encryption (svnd) which is very suited >> for Full-disk-encryption. NOT. > >wrong. i use it on a whole raid 1 disk for example, no problems here. Me too. I'm talking about full-disk-encryption, which doesn't seem to be easy hack. > >$ df -h >Filesystem SizeUsed Avail Capacity Mounted on >[...] >/dev/svnd0c411G249G141G64%/media > >> # Full Disclosure. >> OpenBSD at first denies remote exploitable flaws. >> DoS flaws gets marked as reliability not security issues. > >what's the problem? Denial of Service stands for AVAILABILITY. Information security goals are confidentiality, integrity AND availability. > >> # Easy maintainable. >> OpenBSD distributes source patches to make your farm of >> Pentium2 firewalls updated easly. > >if you own such a cluster (i doubt that) you would compile the patch >only once and then distriubute the binaries. > >> # Secure Distribution. >> The most secure operation system gets distributed on FTP servers >> as unsigned binaries. > >buy the cd or use cvs+ssh if you do not like unsigned ftp binaries. That CD gets sent by traditional mail + not all packages are on CD. Compiling everything from sources doesn't look like solution for masses. > >> Disclaimer: Like it or not. I'm OpenBSD user for 4 years. >> Shit on my head - shit on all OpenBSD supporters. > >why did you start such a flame-mail? it makes you look like a >whiner. >if you do not like openbsd, use something else. Wrong. I like OpenBSD. But these are things I consider for the most secure os to be fixed. I get lot of response offlist. It seems that people are afraid to discuss these issues onlist, guess because of this "YOURE WHINER" or "DONT LIKE DONT USE" attitude. > >regards, > >joerg
Re: facts about OpenBSD
Hello, On Jan 9, 2008 9:03 PM, Nikns Siankin <[EMAIL PROTECTED]> wrote: > Facts about OpenBSD: > > # Stable release cycle. > If you want to run latest bugfree ClamAV or FireFox - upgrade to CURRENT! > But don't forget to buy release CD's!!! > # Secure By Default. > OpenBSD uses broken WEP for securing WiFi networks. > Has no WPA/WPA2 support. > # Do not let serious problems sit unsolved. > OpenBSD doesn't need MAC because it has their own security flawed systrace. > # Use of Cryptography. > OpenBSD uses file-backed encryption (svnd) which is very suited > for Full-disk-encryption. NOT. > # Full Disclosure. > OpenBSD at first denies remote exploitable flaws. > DoS flaws gets marked as reliability not security issues. > # Easy maintainable. > OpenBSD distributes source patches to make your farm of > Pentium2 firewalls updated easly. > # Secure Distribution. > The most secure operation system gets distributed on FTP servers > as unsigned binaries. A lot of this is down to manpower or lack thereof. You can make it better if you put some effort in. Failing that, If it's so bad, then why don't you use another operating system? -- Best Regards Edd --- http://students.dec.bournemouth.ac.uk/ebarrett
Re: facts about OpenBSD
On Thu, Jan 10, 2008 at 09:56:01PM +1100, Rod Whitworth wrote: >On Thu, 10 Jan 2008 12:00:53 +0200, Nikns Siankin ><[EMAIL PROTECTED]> wrote: >>[..] >> >We have had several pointless trolls too many lately. As a result your >pointless humour does not raise a laugh. > Stay on-topic or fuck off like jacob does. >Rod/ >/earth: write failed, file system is full >cp: /earth/creatures: No space left on device
Re: facts about OpenBSD
On Wed, 9 Jan 2008 23:03:29 +0200 Nikns Siankin <[EMAIL PROTECTED]> wrote: > Facts about OpenBSD: > > # Stable release cycle. > If you want to run latest bugfree ClamAV or FireFox - upgrade to > CURRENT! But don't forget to buy release CD's!!! if you do not like to use CURRENT, send a patch which backports these versions to stable. you are listed as maintainer for some ports, means you should know how things work. > # Secure By Default. > OpenBSD uses broken WEP for securing WiFi networks. > Has no WPA/WPA2 support. wpa is not much better than wep. useful alternative: ipsec, another alternative: secure your wlan with pf/authpf. > # Do not let serious problems sit unsolved. > OpenBSD doesn't need MAC because it has their own security flawed > systrace. i do not get the point. seriously, have you ever used systrace? > # Use of Cryptography. > OpenBSD uses file-backed encryption (svnd) which is very suited > for Full-disk-encryption. NOT. wrong. i use it on a whole raid 1 disk for example, no problems here. $ df -h Filesystem SizeUsed Avail Capacity Mounted on [...] /dev/svnd0c411G249G141G64%/media > # Full Disclosure. > OpenBSD at first denies remote exploitable flaws. > DoS flaws gets marked as reliability not security issues. what's the problem? > # Easy maintainable. > OpenBSD distributes source patches to make your farm of > Pentium2 firewalls updated easly. if you own such a cluster (i doubt that) you would compile the patch only once and then distriubute the binaries. > # Secure Distribution. > The most secure operation system gets distributed on FTP servers > as unsigned binaries. buy the cd or use cvs+ssh if you do not like unsigned ftp binaries. > Disclaimer: Like it or not. I'm OpenBSD user for 4 years. > Shit on my head - shit on all OpenBSD supporters. why did you start such a flame-mail? it makes you look like a whiner. if you do not like openbsd, use something else. regards, joerg
Re: facts about OpenBSD
On Thu, 10 Jan 2008 12:00:53 +0200, Nikns Siankin <[EMAIL PROTECTED]> wrote: >On Wed, Jan 09, 2008 at 05:07:35PM -0600, Jacob Yocom-Piatt wrote: >> Facts about Nikns Siankin: >> >> # Whiner. He bitches incessantly about stuff and does nothing to fix it. >> # Jerk. He ignores that most of the development time that goes into >> # Misleading. He claims the system is distributed on FTP servers and >> # Ignorant. OpenBSD has myriad additional security technologies in it that >> # Idiot. By whining in a totally counterproductive fashion he alienates >> >> > >Hey jacob! > >Sorry for hurting your feelings so badly. > >Anyway. With this you have earned a kiss from theo. > >I heard you will get your cvs access now really soon ;] > We have had several pointless trolls too many lately. As a result your pointless humour does not raise a laugh. & I don't give a shit about your feelings. replies to /dev/null. Rod/ /earth: write failed, file system is full cp: /earth/creatures: No space left on device
Re: facts about OpenBSD
On Wed, Jan 09, 2008 at 05:07:35PM -0600, Jacob Yocom-Piatt wrote: > Facts about Nikns Siankin: > > # Whiner. He bitches incessantly about stuff and does nothing to fix it. > # Jerk. He ignores that most of the development time that goes into > # Misleading. He claims the system is distributed on FTP servers and > # Ignorant. OpenBSD has myriad additional security technologies in it that > # Idiot. By whining in a totally counterproductive fashion he alienates > > Hey jacob! Sorry for hurting your feelings so badly. Anyway. With this you have earned a kiss from theo. I heard you will get your cvs access now really soon ;] > > --
Re: facts about OpenBSD
Marc Balmer wrote: Nikns Siankin wrote: Facts about OpenBSD: # Stable release cycle. If you want to run latest bugfree ClamAV or FireFox - upgrade to CURRENT! But don't forget to buy release CD's!!! # Secure By Default. OpenBSD uses broken WEP for securing WiFi networks. Has no WPA/WPA2 support. # Do not let serious problems sit unsolved. OpenBSD doesn't need MAC because it has their own security flawed systrace. # Use of Cryptography. OpenBSD uses file-backed encryption (svnd) which is very suited for Full-disk-encryption. NOT. # Full Disclosure. OpenBSD at first denies remote exploitable flaws. DoS flaws gets marked as reliability not security issues. # Easy maintainable. OpenBSD distributes source patches to make your farm of Pentium2 firewalls updated easly. # Secure Distribution. The most secure operation system gets distributed on FTP servers as unsigned binaries. Facts about Nikns Siankin: # Whiner. He bitches incessantly about stuff and does nothing to fix it. AFAICT he's even saying that purchasing the CDs is pointless. # Jerk. He ignores that most of the development time that goes into OpenBSD is DONATED by highly-skilled individuals. You can only add as many bells and whistles as you have resources and time. # Misleading. He claims the system is distributed on FTP servers and elects not to note that code is available via cvs over ssh. # Ignorant. OpenBSD has myriad additional security technologies in it that help to moderate vulnerabilities in poorly coded applications like firefox and clamav. # Idiot. By whining in a totally counterproductive fashion he alienates himself from those who would otherwise, provided his requests were reasonable, help him out. Disclaimer: Like it or not. I'm OpenBSD user for 4 years. Shit on my head - shit on all OpenBSD supporters. you are free to use any other operating system if you don't like OpenBSD. I'm not subscribed, cc me, if have something to say. --
Re: facts about OpenBSD
On Wed, 9 Jan 2008, Nikns Siankin wrote: Disclaimer: Like it or not. I'm OpenBSD user for 4 years. Shit on my head - shit on all OpenBSD supporters. What's your point? I mean, why do you want anyone to shit all over..? If you don't like it, don't use it. -- Antoine
Re: facts about OpenBSD
Nikns Siankin wrote: Facts about OpenBSD: # Stable release cycle. If you want to run latest bugfree ClamAV or FireFox - upgrade to CURRENT! But don't forget to buy release CD's!!! # Secure By Default. OpenBSD uses broken WEP for securing WiFi networks. Has no WPA/WPA2 support. # Do not let serious problems sit unsolved. OpenBSD doesn't need MAC because it has their own security flawed systrace. # Use of Cryptography. OpenBSD uses file-backed encryption (svnd) which is very suited for Full-disk-encryption. NOT. # Full Disclosure. OpenBSD at first denies remote exploitable flaws. DoS flaws gets marked as reliability not security issues. # Easy maintainable. OpenBSD distributes source patches to make your farm of Pentium2 firewalls updated easly. # Secure Distribution. The most secure operation system gets distributed on FTP servers as unsigned binaries. Disclaimer: Like it or not. I'm OpenBSD user for 4 years. Shit on my head - shit on all OpenBSD supporters. you are free to use any other operating system if you don't like OpenBSD. I'm not subscribed, cc me, if have something to say.