At the end of the day, both OpenBSD and FreeBSD are niche systems. They don't have the popularity of Linux, and they probably never will. But that's not a problem. Both of them are major operating systems that do innovate, and hence they're worth paying attention to. That's where the compliment of FreeBSD as becoming Solaris's successor is really telling--Solaris was the operating system that brought us DTrace and ZFS, and it was FreeBSD who I believe had the first container system (jail).
This is an interesting tidbit that I had not considered before!
It would appear you are correct, but I would mention that the appearance of "jail" in FreeBSD 4.0 is very close to the appearance of OpenVZ (at least from the cursory look up I did).
This paper will look at some of the differences between the FreeBSD and OpenBSD operating systems.
It is not intended to be solely technical but will also show the different "visions" and design decisions that rule the way things are implemented. It is expected to be a subjective view from two BSD developers and does not pretend to represent these projects in any way.
We don't want it to be a troll talk but rather a casual and friendly exchange while nicely making fun of each other like we would do over a drink. Of course, we shall try and hit where it hurts when that makes sense. Obviously, we both have our personal subjective preferences and we will explain why. Showing some of the weaknesses may encourage people to contribute in some areas.
Most of the topics discussed here could warrant their own paper and talk and as such some may not get the deep analysis they deserve.
This is a totally biased talk from two different perspectives.
So, you may or may not know that, but you need FreeBSD and OpenBSD and they also need you! Every cent counts and so does every contributor, that helps the foundations keep their non-profit status.
if you use both, consider donating to OpenBSD first.
if you use OpenSSH, consider donating more to OpenBSD :-)
Do Netflix, Nintendo and Sony contribute financially to the FreeBSD project? They are the ones making money off the project after all.
From the new ssl-enabled sendfile syscall, general scalability and performance work to the IO-scheduler they required because they shredded the SSD garbage-collection - it is all upstreamed. They actively try to run the smallest Diff they can.
NetBSD wants to run everywhere.
OpenBSD wants to be secure.
DragonFly BSD wants to advanced.
FreeBSD wants to be Linux.
TrueOS wants to be Ubuntu.
In truth, they all aim to be portable, advanced, and secure, with desktop and server support. And there is plenty of sharing from each to the others. The differences amongst them are, in reality, not so easily pigeonholed.
As mentioned, the wireless and graphics areas are sorely lagging behind GNU/Linux os'. They only have support upto Haswell in the graphics department. Ouch. The priority of both BSDs is clearly not the regular desktop user where wireless and graphics support can be deal breakers. The FreeBSD based PC-BSD (now known as TrueOS) exists, but AFAIK it does not fix the wireless and graphics support situation.
Given that GPU based computing is becoming more prevalent with the advent of ML/DL, I wonder if there are efforts to improve support for graphics.
(It would have been interesting if a Linux guy also joined the conversation, along with a Windows guy and a MacOS guy.)
It worked fine on first install, including the Radeon graphics and old Intel WiFi (no -11n, just a/b/g). Used it for about a month. Traveled, tried to log onto a different WiFi, and it couldn't see the router. Got home, and now it couldn't see the home router that it used to work on, though it could see the neighbors' WiFi. Tried everything I could think of, with no luck.
I decided to try FreeBSD on it. WiFi worked, graphics worked, but then I broke my su login when I used chsh to change from the stock csh shell to mksh. Since I was already annoyed with some other FreeBSD things, I decided to completely give up and load OpenSUSE (ha!!) on it.
Linux makes me want to vomit, but I'll be damned if all the hardware doesn't work like a charm out of the box. It's made me seriously consider learning how to write drivers for the BSDs.
FWIW, I do recall hearing about some fairly extensive progress being made recently WRT both graphics and wireless support on both of the BSDs recently, so expect the situation to improve quite a bit in the near future if it hasn't already.
OpenBSD supports up to Broadwell graphics, but neither support Skylake or newer.. except in experimental branches, or patches.
Current effort is to reduce the difference between "upstream" FreeBSD (being 12.0-CURRENT) and the project branch, and make the code ready for merging into head.
TrueOS merges that `drm-next` work on an ongoing basis. Likewise, if you're on HardenedBSD, there are binary updates via hbsd-update, or if you'd rather compile things, clone the `hardened/current/drm-next` branch from https://github.com/hardenedbsd/hardenedbsd-playground.
While Linux certainly works well, I'm instinctively against monocultures of any kind or form. With Linux-only containers (Docker and co.) there's now the danger that we're loosing the BSDs terminally as a replacement for Linux. But is the isolation (or lack thereof) and interfacing to the host system provided by Docker/runC/whatever really worth it (compared to portable POSIX-based primitives eg. chroot jails, or modern capabilities-based generalizations of it such as FBSD's capsicum)?
It's also odd that a GPL-licensed OS, of all things, is making it to the top in containerland. But then the nominal "default" host OS for Docker (Alpine Linux) uses musl (MIT-licenses libc) rather than glibc. I'm not complaining, and there doesn't seem to be anything wrong with it legally, but the commercial Docker image ecosystem, to me, has the smell of a GPL-circumvention device of sorts in that many images routinely install the Debian/GNU userland tools on first load.
It's not that I think systemd is bad per se, it's just way too monolithic and heavy for my taste (and binary logs and ini files are a no-go for me; if I wanted that, I'd be using Windows).
Btw. the BSDs don't use SysV init but the somewhat saner/simpler BSD init (with full-blown service managers as optional add-ons in ports).
There are other aspects for why I do not recommend BSD to anyone who asks, most importantly their licensing and their general stance towards software freedoms, to the point where they are smug and happy when somebody violates the GPL, because "at least they get more users", as well as their relatively little upstream contribution to ZFS despite riding that train as fBSDs signature feature for years, but that's a different discussion altogether.
1 - https://www.youtube.com/watch?v=cofKxtIO3Is
Also, the title has a spelling error in it.
"P10A: Comprehensive and biaised comparison of OpenBSD and FreeBSD"
Here's a transcript.
"Take it away, take it away!"
— update: the title appears to now reflect that this is a PDF. It did not earlier.
The server does not send the Content-Disposition  header, so if your browser auto-downloads the PDF then either you've made poor choices about your browser config or you have a browser that can't itself show PDFs, in which case you may have made a poor choice of browser.
Surely a browser that shows PDFs itself downloads them in order to do so? (I don't know for sure what was bothering anw, but I'm often on a limited data connection, and, whether the PDF is displayed in my browser or dropped in the download folder, it hits my data allowance the same.)
If they file size was the concern, they would have said so. There are a lot of web pages that weigh in at more bytes than this PDF these days with all of their images and scripts and god-knows-what.
$ wget https://www.bsdfrog.org/pub/events/my_bsd_sucks_less_than_yours-AsiaBSDCon2017-paper.pdf
$ pdftotext \
$ pdftohtml -i -nomerge -s \
If you call linux: debian or ubuntu or centOS, even with unsafe defaults freeBSD is secured.
Compared to untuntu/debian/centOS freeBSD has got bleeding edge softwares coming from upstream. That is the power of SOURCE distribution. Theses packages being compiled it may suit you. I must admit FLAVORED packages (make.conf templates) make sense.
I remember being a linux sysadmins and building my openLDAP/python/php packages from source by hand that were 4 years old with envy wondering WHY?!
Since systemd and my migration to BSD I have no regrets.
PF, ipfw are way more powerful than any linux firewall tools.
I have upstream stable software in the stable distribution.
I don't have systemd.
I have jails... And I have no religion switching to openBSD for core servers that need security knowing I have very few knowledge costs in doing so.
And be it capsicum or privilege dropping I look at linux containers techno as a smoke screen for poor man's security through obfuscation.
My advice is be smart: don't trust me, but if you are in between experiment.
My interpretation of your comment was that there was some (not insignificant size) group of people who would be unable to view this document due to some inherent limitation of whatever platform they're using to access the Internet (e.g., some mobile phone OS that can't open PDFs or something similar).
If I'm understanding correctly, however, your complaint is either that 1) nobody has provided you with an application to render PDFs on an 80x25 dumb terminal screen or 2) this document wasn't created in the format that you prefer.
When you make a conscious decision to not utilize a "GUI DESKTOP" -- like >99.9% of the rest of the world -- you must be prepared to accept such inconveniences and/or find alternatives that meet your needs. The rest of the world has no burden or obligation to cater to your preferences.
(FWIW, in an earlier comment, I posted instructions for converting this PDF to both text and HTML as well as performing the conversion myself and making available those versions of this document. You're welcome.)
>but the ports tree is a rolling release not tight
to a FreeBSD release
>but the ports tree is a rolling release not tied
to a FreeBSD release
With -- at most -- a handful of exceptions (assuming maybe ajacoutot or bapt show up), no one here on HN has the ability to fix this so I really don't see the point.
There's way more than the single typo ...