
BSD vs. Linux - jxub
http://www.over-yonder.net/~fullermd/rants/bsd4linux/01
======
gpcz
Previous Discussions:

\- Nov 26, 2010:
[https://news.ycombinator.com/item?id=1942778](https://news.ycombinator.com/item?id=1942778)

\- Aug 13, 2012:
[https://news.ycombinator.com/item?id=4374865](https://news.ycombinator.com/item?id=4374865)

\- Jul 5, 2016:
[https://news.ycombinator.com/item?id=12034277](https://news.ycombinator.com/item?id=12034277)

\- Nov 10, 2018:
[https://news.ycombinator.com/item?id=18421877](https://news.ycombinator.com/item?id=18421877)

~~~
CapitalistCartr
Lesser attempts, (this one gets around):

-June 2, 2010

[https://news.ycombinator.com/item?id=1396644](https://news.ycombinator.com/item?id=1396644)

-3 months ago

[https://news.ycombinator.com/item?id=17755501](https://news.ycombinator.com/item?id=17755501)

-Jan 16, 2016

[https://news.ycombinator.com/item?id=10915922](https://news.ycombinator.com/item?id=10915922)

------
pmoriarty
I've used Gentoo for a long time, and Gentoo (as the article notes) is quite
similar to BSD in some ways. It too has a base system. There too the user
compiles packages themselves from scratch (though precompiled binaries are
available for a handful of packages) in a system like ports (called "portage"
on Gentoo). It too has no systemd (unless you want it).

I like Gentoo and still use it, but my biggest problem with it is that
compiling packages takes a hell of a long time (especially some monstrosities
like QT or webkit, which can take me days or even a week to compile on my old,
slow laptop). You really have to have relatively modern system to compile all
your packages from scratch, if you don't want to have to do it non-stop,
virtually 24 hours a day. It's really annoying. I have better things to
dedicate my processor cycles to and my own time to than constantly compiling
packages.

So maybe I'll switch. I'm not sure to what, though. I've thought of BSD, but
it has the same problem. I don't really like the idea of binary distros
either, because of their relative inflexibility (no choice to include/omit
package features that you want/don't want), and honestly, I don't really trust
binary blobs as much as compiling from source... though maybe in the end it
doesn't really matter.

~~~
jolmg
How about you rent a VPS, build your packages there, and set up the VPS as
your own binary package repository? A $5/month ($0.0075/hr) Linode VPS comes
with an SSD, and they're absurdly fast with the network. If it helps (I'm not
sure where the bottleneck is most of the time), you can rent a more powerful
VPS for a few hours for the build and then copy the built packages to a cheap
$5/month VPS for hosting. Just don't forget to destroy the more powerful VPS
once you're done. Turned off VPSes are still reserved for you so they would
continue charging you for it until the hour you destroy it.

I haven't used Gentoo, but you say it can use binary packages. If it's too
complicated, another option could be Archlinux. Building packages is really
easy. It's just `asp export $package; cd $package; makepkg` and you'll get a
$package-$version.pkg.tar.xz in the directory. If you want to modify
something, just edit the PKGBUILD that asp downloaded. It's just a simple bash
script with standard conventions. Once you're done modifying PKGBUILD,
`makepkg` will make the package.

To make a repository, it's just a matter of putting all the _.pkg.tar.xz in a
directory and running `repose -J $repo_.pkg.tar.xz; gpg -b $repo.db`, then
hosting that directory with an http server.

Configuring the package manager to use your repo is just a matter of doing
something like:

    
    
      cat >> /etc/pacman.conf << EOF
      [$repo]
      Server = $url
      EOF
    

EDIT: Anyone know how we can escape asterisks? The .pkg.tar.xz above is
supposed to be a glob.

~~~
pmoriarty
I don't trust VPS's.

~~~
jolmg
Security sure is inconvenient. :)

But really, what's your threat model? For a VPS employee/company to mess with
your packages, they'd have to be personally targeting you. If you're only
worried about systematic, automated handling of all company VPS to insert
malware in the ones that have package repositories, then you can probably set
it up in an unusual way to evade such a program.

~~~
pmoriarty
What about someone who's located on another VM on the same hardware that hosts
mine breaking out of their VM and in to mine and compromising my packages?

~~~
jolmg
You have to chose to trust _something_. If you keep falling in this rabbit
hole of not wanting to trust anything, your only option will be to stay on an
airgapped computer, or even ditching that for a paper notebook in case the
hardware manufacturers did something. That's unless, of course, you have the
time and resources to manufacture your own computer down to implementing every
piece of circuitry in each microprocessor.

I think chances are pretty slim that a VPS company's vps isolation is so
crappy that you have the chances of getting your vps hardware shared with
someone that knows of such a gapping security hole that could be such a huge
liability to the VPS company.

EDIT: Also, why would someone go out of their way to compromise a neighboring
VPS, check if they, by chance, have a package repository, and insert malware
in that? Who are you, that someone would think that's a good use of their
time?

You know, society can't function without trust. Every person that's close to
you could suddenly turn around and try to kill you, but you have to trust that
they function by reason, and know that they have no reason for doing so. Locks
around the world are pretty useless to keep strangers from lock-picking them
and very many of them are keyed-alike. Their real reason is to simply make it
a greater hassle to get to whatever they're protecting and therefore make it a
less appealing target. Like so and with other methods, people implement their
security by making themselves a less appealing target. Some people setup the
outside of their home as a dump while building a mansion inside. These people
trust robbers to act on reason.

No one has perfect security. Security is a matter of choosing what to defend
against (your threat model), choosing what you can trust, and anchoring your
defenses on the things you trust.

EDIT 2: I removed the paragraph on VPSes being virtual in name only. Linode
apparently uses KVM.

------
geggam
My favorite

[https://web.archive.org/web/20050211001936/http://linuxisfor...](https://web.archive.org/web/20050211001936/http://linuxisforbitches.com/)

~~~
hhw
Last updated in 2003. Seems eerily prescient, most of what it said back then
would apply even more so today. All that would be needed is an amendment to 3)
so that it also applies for init systems, to bring that list fully up to date.

~~~
geggam
I have the site archived and a domain quite similar. Maybe one weekend and
some beer will breathe life back into it ;)

------
Apocryphon
Could iOS vs. Android be understood as a faint echo of BSD vs. Linux?

~~~
umanwizard
iOS has some copy-pasted BSD code, but is probably the mainstream operating
system that feels the least like {Free,Open,Net,Dragonfly}BSD. These feel even
more "open-source" than Linux. Every one I have used installs the source code
to the entire OS in /usr/src and make it very easy to change and recompile the
system. On the BSDs I mentioned, if you don't understand how something works
or you want to fix some bug, it's usually pretty easy to go find the source
code, read it and learn how it works, and fix it. On most Linux-based OSs you
would have to go figure out which random organization makes the component that
has a bug (Linux project for the kernel, GNU for a lot of utilities, zillions
of others for everything else), figure out how to download and build the
source and install it into your distro (which is probably totally unsupported
since your distro will expect to be using RPMs or DEBs rather than random
stuff installed from tarballs...)

This is the most salient feature of the modern pc BSDs to me. It's impossible
to describe how different it feels to be truly in control of your system and
understand/change it however you want.

------
trothamel
I'd say that Linux's popularity tend to translate to technical superiority,
which then contributes to continued popularity.

Take something like Docker. Because Linux is popular, it was initially
developed for Linux. And because Docker runs (best) on Linux, you get more
deployments of Linux, and hence whoever makes the next big thing is more
likely to develop it for Linux.

The end result is you have an OS that scales from smartphones to
supercomputers, and so one needs quite a good reason to replace it.

~~~
jcranmer
> I'd say that Linux's popularity tend to translate to technical superiority

Linux isn't exactly technically superior to other OS kernels, and it's
definitely lacking in innovation.

You cite Docker as an example, but that's a shining example of Linux taking
major innovations from other OSes and copying it badly. BSDs had jails and
Solaris had zones long before Linux got containers, and whereas those were
considered security features on other OSes, Docker containers are not seen as
improving the security of systems.

Other features like this exist too. Linux has refused to allow better IPC
mechanisms such as what Android to be upstreamed, and the Linux replacement
for select/poll is generally considered to be the worst of the bunch.

Another consideration is that both smartphones and supercomputers tend to use
lots of modifications to Linux not present in desktop kernels. Android, as
mentioned above, uses a different IPC mechanism, while supercomputer
applications rely a lot on libraries that bypass kernels because scaling to
highly parallel 100,000-core systems requires breaking POSIX a fair amount
(particularly the filesystem semantics).

------
ThJ
I had to stop reading when he claimed that the BSD heritage of macOS is only
of academic interest. The guy has clearly never tried to use macOS.

------
santoshalper
The article is meh, but the nostalgia was off the charts. I miss people having
their own personal web sites. I made my first in 1995. Good times.

------
victore
Linux has more drivers for the latest hardware.

~~~
2trill2spill
In my experience that only comes into play with Laptops. FreeBSD supports
pretty much any server or desktop hardware an organization or person has. Also
FreeBSD has never made Laptop support a goal of the operating system, FreeBSD
is primarily a server operating system for which it does a great job.

~~~
chousuke
My experience has been that FreeBSD in particular has issues with graphics
drivers. My 2015 desktop with a (at the time) mid-range Radeon card is only
barely stable (took some fiddling with ports) in the latest 12 release. I hear
Nvidia is better, but I refuse to use proprietary drivers.

I didn't really find that FreeBSD offered any advantage on the desktop over
Linux, and features like browser sandboxing seem to (understandably) be
lagging behind.

Lots of people are running away from Linux because of systemd, but that's a
non-issue for me. It works just fine.

Curiously enough OpenBSD works perfectly OOtB, but in the end I returned to
Fedora anyway because there's no support for Wine or Steam. I'd prefer it over
FreeBSD though since I like the design of the base system better.

------
ncmncm
The actual content is supremely uninteresting, even ignoring its obsolescence.
(And SCO never owned any Unix source code.)

But what a tour-de-force of passive aggression! I kneel.

------
coverband
"Unices"?

~~~
blattimwind
Unix -> unices, much like index -> indices.

