
Comprehensive and biased comparison of OpenBSD and FreeBSD [pdf] - oherrala
https://www.bsdfrog.org/pub/events/my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.pdf
======
jcranmer
One of the nice things about this is the last section (if you can bear to read
that long). Both people comment on the strengths of the opponent's BSD:
OpenBSD is complemented on "tackling very important project [sic] which would
probably have never happened otherwise" (e.g., OpenSSH), particularly also the
fact that OpenBSD cares to see their projects ported to !BSD (e.g., Linux).
Meanwhile, FreeBSD is complemented on "its [sic] a real “enterprise” oper-
ating system and I think it is slowly filling the spot left by Solaris."

At the end of the day, both OpenBSD and FreeBSD are niche systems. They don't
have the popularity of Linux, and they probably never will. But that's not a
problem. Both of them are major operating systems that do innovate, and hence
they're worth paying attention to. That's where the compliment of FreeBSD as
becoming Solaris's successor is really telling--Solaris was the operating
system that brought us DTrace and ZFS, and it was FreeBSD who I believe had
the first container system (jail).

~~~
_delirium
I can see FreeBSD picking up a good part of the ex-Solaris marketshare in
terms of users, but have they really taken over the role in terms of
development? As far as I can tell, ZFS in particular has its canonical
upstream development in the Illumos repository (Illumos is the successor to
OpenSolaris), which FreeBSD pulls from, rather than development having really
moved to FreeBSD as the new canonical home. FreeBSD developers are certainly
involved in contributing code upstream, but then, so are a number of other
developers, including from the major Illumos vendors (OmniTI and Joyent), and
even some from ZFSonLinux.

~~~
RantyDave
SmartOS also has working Linux compatible Zones. Last time I looked, FBSD was
a way short of this...

~~~
_delirium
Even without the Linux-compatible aspect, Illumos Zones are considerably ahead
of FreeBSD jails these days imo. Better tooling, resource limiting
infrastructure, etc., especially if you want to run multi-tenant with
untrusted tenants. Jails did pioneer the concept, though.

------
Mark_B
FYI - Abstract

This paper will look at some of the differences between the FreeBSD and
OpenBSD operating systems.

It is not intended to be solely technical but will also show the different
"visions" and design decisions that rule the way things are implemented. It is
expected to be a subjective view from two BSD developers and does not pretend
to represent these projects in any way.

We don't want it to be a troll talk but rather a casual and friendly exchange
while nicely making fun of each other like we would do over a drink. Of
course, we shall try and hit where it hurts when that makes sense. Obviously,
we both have our personal subjective preferences and we will explain why.
Showing some of the weaknesses may encourage people to contribute in some
areas.

Most of the topics discussed here could warrant their own paper and talk and
as such some may not get the deep analysis they deserve.

This is a totally biased talk from two different perspectives.

------
tachion
While you're here, have you donated[0][1] yet? :) You may or may not be aware,
but FreeBSD runs your movies on Netflix, your games on PlayStation 4 and
Nitendo Switch, your files on FreeNAS and ZFS, your friends on WhatsApp and
OpenBSD runs everything else on OpenSSH. ;)

So, you may or may not know that, but you need FreeBSD and OpenBSD and they
also need you! Every cent counts and so does every contributor, that helps the
foundations keep their non-profit status.

[0]
[https://www.freebsdfoundation.org/donate/](https://www.freebsdfoundation.org/donate/)

[1]
[https://www.openbsd.org/donations.html](https://www.openbsd.org/donations.html)

~~~
jhlgkhkhil
> You may or may not be aware, but FreeBSD runs your movies on Netflix, your
> games on PlayStation 4 and Nitendo Switch

Do Netflix, Nintendo and Sony contribute financially to the FreeBSD project?
They are the ones making money off the project after all.

~~~
boomboomsubban
Netflix a ton, as others have pointed out. Sony, not that I can see. There was
talk of code going upstream, but I never heard more about it. Nintendo hasn't,
but people are overselling the "Switch runs FreeBSD" line. A copy of the
kernel license was included on the switch, which could mean just one line of
code taken technically. From what I've heard, the sys calls don't look like
FreeBSD.

~~~
mioelnir
I can't recall where I read it, but it said that the Switch likely uses the
FreeBSD networking stack running in userland. To me, this makes some sense,
since if I remember correctly the 4G/5G/some-future-wireless-thing alliance
uses a userland version of the FreeBSD network stack in their reference
implementation.

~~~
boomboomsubban
From what I've seen, it originated here,and it's only speculation. It does
seem likely though.

------
ploek
This appears to be a written down version of the talk they gave at FOSDEM:
[https://fosdem.org/2017/schedule/event/my_bsd_sucks_less/](https://fosdem.org/2017/schedule/event/my_bsd_sucks_less/)

------
Esau
When it comes to the BSDs, here is my impressions of them:

    
    
      NetBSD wants to run everywhere.
      OpenBSD wants to be secure.
      DragonFly BSD wants to advanced.
      FreeBSD wants to be Linux.
      TrueOS wants to be Ubuntu.
    

(I don't list MacOS because I don't feel that it is a true BSD.)

~~~
JdeBP
Beware that this sort of grouping is as superficial and wrong as categorizing
people into blondes, brunettes, and redheads.

In truth, they _all_ aim to be portable, advanced, and secure, with desktop
and server support. And there is plenty of sharing from each to the others.
The differences amongst them are, in reality, not so easily pigeonholed.

------
ploggingdev
Very interesting read!

As mentioned, the wireless and graphics areas are sorely lagging behind
GNU/Linux os'. They only have support upto Haswell in the graphics department.
Ouch. The priority of both BSDs is clearly not the regular desktop user where
wireless and graphics support can be deal breakers. The FreeBSD based PC-BSD
(now known as TrueOS) exists, but AFAIK it does not fix the wireless and
graphics support situation.

Given that GPU based computing is becoming more prevalent with the advent of
ML/DL, I wonder if there are efforts to improve support for graphics.

(It would have been interesting if a Linux guy also joined the conversation,
along with a Windows guy and a MacOS guy.)

~~~
sverige
The statement that wireless sucks on both is pretty accurate. I recently got
an old ThinkPad specifically to run OpenBSD. I have run OpenBSD on a desktop
since 4.8 and a home server since 5.1, but never on a laptop. I got the
ThinkPad because I have often heard it is the best supported on OpenBSD.

It worked fine on first install, including the Radeon graphics and old Intel
WiFi (no -11n, just a/b/g). Used it for about a month. Traveled, tried to log
onto a different WiFi, and it couldn't see the router. Got home, and now it
couldn't see the home router that it used to work on, though it could see the
neighbors' WiFi. Tried everything I could think of, with no luck.

I decided to try FreeBSD on it. WiFi worked, graphics worked, but then I broke
my su login when I used chsh to change from the stock csh shell to mksh. Since
I was already annoyed with some other FreeBSD things, I decided to completely
give up and load OpenSUSE (ha!!) on it.

Linux makes me want to vomit, but I'll be damned if all the hardware doesn't
work like a charm out of the box. It's made me seriously consider learning how
to write drivers for the BSDs.

------
tannhaeuser
What could be done in order to help the BSDs to become mainstream or more
visible as server-side alternative to Linux? I've operated a small FBSD mail
server until 2004 (FBSD 4, vinum RAID, sendmail, cyrus IMAP) and was extremely
pleased with the performance, robustness and overall coherency of it (though I
wouldn't use that stack today).

While Linux certainly works well, I'm instinctively against monocultures of
any kind or form. With Linux-only containers (Docker and co.) there's now the
danger that we're loosing the BSDs terminally as a replacement for Linux. But
is the isolation (or lack thereof) and interfacing to the host system provided
by Docker/runC/whatever really worth it (compared to portable POSIX-based
primitives eg. chroot jails, or modern capabilities-based generalizations of
it such as FBSD's capsicum)?

It's also odd that a GPL-licensed OS, of all things, is making it to the top
in containerland. But then the nominal "default" host OS for Docker (Alpine
Linux) uses musl (MIT-licenses libc) rather than glibc. I'm not complaining,
and there doesn't seem to be anything wrong with it legally, but the
commercial Docker image ecosystem, to me, has the smell of a GPL-circumvention
device of sorts in that many images routinely install the Debian/GNU userland
tools on first load.

~~~
eatonphil
FreeBSD jails are on a different level in terms of stability (and simplicity,
that contributes to stability) compared to Docker. Personally -- having run
Docker containers for over a year in testing -- I would take jails over
containers in a heartbeat.

~~~
AsyncAwait
Yeah, I would take jails over Docker as well, but systemd is just so much
better, (more so than jails over Docker in my opinion), than init, that I am
hoping for a better tool to come about, the underlying LXC technology appears
to be solid.

~~~
tannhaeuser
For me, systemd is another reason to move _away_ from Linux actually (or at
least not deepen the dependency on Linux-exclusive features).

It's not that I think systemd is bad per se, it's just _way_ too monolithic
and heavy for my taste (and binary logs and ini files are a no-go for me; if I
wanted that, I'd be using Windows).

Btw. the BSDs don't use SysV init but the somewhat saner/simpler BSD init
(with full-blown service managers as optional add-ons in ports).

~~~
AsyncAwait
systemd is not for everyone, but for me is way saner than any other init
system, including BSDs init. Writing service files for systemd just makes
sense in my mind.

There are other aspects for why I do not recommend BSD to anyone who asks,
most importantly their licensing and their general stance towards software
freedoms, to the point where they are smug and happy when somebody violates
the GPL, because "at least they get more users", as well as their relatively
little upstream contribution to ZFS despite riding that train as fBSDs
signature feature for years, but that's a different discussion altogether.

~~~
tannhaeuser
I don't know about BSD being smug and the other things you say. This sounds to
me like what could be perceived when reading clickbaity and polarizing
articles of the "Linux vs BSD" variety. I'm seeing BSD as a welcome
choice/alternative to Linux that I would hate to loose.

~~~
AsyncAwait
Yeah, I don't want BSDs to disappear as well, (not likely), but watching this,
(among other things) definitely left a bad taste[1].

1 -
[https://www.youtube.com/watch?v=cofKxtIO3Is](https://www.youtube.com/watch?v=cofKxtIO3Is)

------
mrstone
I don't understand how this is a paper. It's just two dudes in a chatroom and
the 'authors' felt it was necessary to format it with LaTEX?

Also, the title has a spelling error in it.

~~~
brynet
The authors of the paper are French, it's in the form of a loose transcript of
a recent talk given at this years AsiaBSDCon.

[https://2017.asiabsdcon.org/program.html.en](https://2017.asiabsdcon.org/program.html.en)

    
    
      "P10A: Comprehensive and biaised comparison of OpenBSD and FreeBSD"
    

In was probably presented and formatted this way because of tradition, also..

[https://www.openbsd.org/events.html](https://www.openbsd.org/events.html)

~~~
tedunangst
"Slides are useless. We want talk transcripts."

Here's a transcript.

"Take it away, take it away!"

~~~
sverige
"Or at least clean up their funny pronunciation and grammar first!"

------
anw
Warning: this takes you directly to a PDF which may automatically download
(such as on Chrome for Android).

— update: the title appears to now reflect that this is a PDF. It did not
earlier.

~~~
eriknstr
The title already has the pdf tag and I think that's automatic so it was there
when you clicked the link also.

The server does not send the Content-Disposition [1] header, so if your
browser auto-downloads the PDF then either you've made poor choices about your
browser config or you have a browser that can't itself show PDFs, in which
case you may have made a poor choice of browser.

[1]: [https://developer.mozilla.org/en-
US/docs/Web/HTTP/Headers/Co...](https://developer.mozilla.org/en-
US/docs/Web/HTTP/Headers/Content-Disposition)

~~~
JadeNB
> if your browser auto-downloads the PDF then … you have a browser that can't
> itself show PDFs ….

Surely a browser that shows PDFs itself downloads them in order to do so? (I
don't know for sure what was bothering anw, but I'm often on a limited data
connection, and, whether the PDF is displayed in my browser or dropped in the
download folder, it hits my data allowance the same.)

~~~
tedunangst
If a 100K download is of great concern, it's probably best not to click any
link on HN. There are pages that have style sheets bigger than that.

------
donpdonp
This paper appears to be an IRC session formatted in LaTEX. It'd be easier to
read as text.

~~~
jlgaddis
You can easily make your own plain text version [0]:

    
    
      $ wget https://www.bsdfrog.org/pub/events/my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.pdf
      $ pdftotext \
        my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.pdf  \
        my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.txt
    

Or, if you prefer HTML [1]:

    
    
      $ pdftohtml -i -nomerge -s \
        my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.pdf  \
        my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.html
    

_ETA_ : Surprisingly, the PDF is quite lightweight. File sizes, in bytes:

    
    
       PDF: 118,971
       TXT:  90,912
      HTML: 384,256
    

[0]: [http://evilrouters.net/foo/my_bsd_sucks_less_than_yours-
Asia...](http://evilrouters.net/foo/my_bsd_sucks_less_than_yours-
AsiaBSDCon2017-paper.txt)

[1]: [http://evilrouters.net/foo/my_bsd_sucks_less_than_yours-
Asia...](http://evilrouters.net/foo/my_bsd_sucks_less_than_yours-
AsiaBSDCon2017-paper-html.html)

~~~
jakebasile
I have my issues with HN, but this type of comment is one of parts I relish.
Thanks!

~~~
jlgaddis
Indeed, learning new little tricks like this is one of the great things about
HN! Many times, I get more "value" from the comments than I do the
submissions.

------
lacampbell
Has anyone run both Linux and BSD on a server? What was your experience?

~~~
julie1
It depends.

If you call linux: debian or ubuntu or centOS, even with unsafe defaults
freeBSD is secured.

Compared to untuntu/debian/centOS freeBSD has got bleeding edge softwares
coming from upstream. That is the power of SOURCE distribution. Theses
packages being compiled it may suit you. I must admit FLAVORED packages
(make.conf templates) make sense.

I remember being a linux sysadmins and building my openLDAP/python/php
packages from source by hand that were 4 years old with envy wondering WHY?!

Since systemd and my migration to BSD I have no regrets.

PF, ipfw are way more powerful than any linux firewall tools.

I have upstream stable software in the stable distribution.

I don't have systemd.

I have jails... And I have no religion switching to openBSD for core servers
that need security knowing I have very few knowledge costs in doing so.

And be it capsicum or privilege dropping I look at linux containers techno as
a smoke screen for poor man's security through obfuscation.

My advice is be smart: don't trust me, but if you are in between experiment.

------
r0brodz
If I was on my rig right now I would definitely convert this PDF to text so
everyone could access it.

~~~
jlgaddis
Are there common platforms where PDFs are inaccessible?

~~~
r0brodz
Not everyone runs GUI DESKTOP. Smartypants

~~~
jlgaddis
It was an honest question.

My interpretation of your comment was that there was some (not insignificant
size) group of people who would be unable to view this document due to some
inherent limitation of whatever platform they're using to access the Internet
(e.g., some mobile phone OS that can't open PDFs or something similar).

If I'm understanding correctly, however, your complaint is either that 1)
nobody has provided you with an application to render PDFs on an 80x25 dumb
terminal screen or 2) this document wasn't created in the format that you
prefer.

When you make a conscious decision to not utilize a "GUI DESKTOP" \-- like
>99.9% of the rest of the world -- you must be prepared to accept such
inconveniences and/or find alternatives that meet your needs. The rest of the
world has no burden or obligation to cater to your preferences.

(FWIW, in an earlier comment, I posted instructions for converting this PDF to
both text and HTML as well as performing the conversion myself and making
available those versions of this document. You're welcome.)

------
eriknstr
Typo:

>but the ports tree is a rolling release not tight to a FreeBSD release

should be

>but the ports tree is a rolling release not tied to a FreeBSD release

~~~
jlgaddis
What is the point of mentioning this here as opposed to, say, e-mailing the
authors?

With -- at most -- a handful of exceptions (assuming maybe _ajacoutot_ or
_bapt_ show up), no one here on HN has the ability to fix this so I really
don't see the point.

~~~
aairey
Also, I guess he gave up shortly after.

There's way more than the single typo ...

~~~
jlgaddis
Yeah, I noticed that and that's part of the reason I asked. If one pointed out
every typo in this document (as well as all other HN submissions), the signal-
to-noise ratio of the comments section would be intolerable.

