Hacker News new | comments | show | ask | jobs | submit login
OpenBSD 6.1 is not a CD release (marc.info)
149 points by cnst 11 months ago | hide | past | web | favorite | 74 comments

I guess CDs are outdated now, but perhaps they could go retro and do a vinyl release?


At an optimistic 5kB per second (via something like the protocol used on 56kb modems), and given a single side of vinyl can be pushed to about 30 minutes, that gives you ~10MB per side.

Have you thought about VHS instead? You can fit about 2GB on an E180 tape using the right piece of cutting edge technology: https://en.wikipedia.org/wiki/ArVid

OTOH, I have just put together a Minix 1.7 distribution which would fit on that vinyl disk, so if downgrading's an option...

"Embedded OpenBSD"

On that note, what's the smallest possible OpenBSD installation?

https://mirrors.evowise.com/pub/OpenBSD/6.1/amd64/ https://www.openbsd.org/faq/faq4.html#FilesNeeded

You can probably get a working system with bsd (~10m) and baseXX.tgz (~50m compressed, ~100m inflated).

Biggest offenders:

    89M     usr
    25M     usr/libdata/perl5
    22M     usr/share
    12M     usr/share/terminfo
    5.1M    usr/share/zoneinfo
    20M     usr/lib
    13M     usr/sbin
    9.5M    usr/bin
You could try removing perl, but that would probably result in a very broken system; the pkg_* tools use it, but also:

    $ find . -type f -exec head -1 '{}' \; | grep -E '^#.*perl' | wc -l

Hmm. From Minix 1.7:

    $ du -sh *
    144K	bin
    64K	etc
    0	fd0
    0	fd1
    108K	minix
    0	mnt
    0	root
    0	tmp
    22M	usr

    $ du -sh usr/*
    24K	usr/ast
    3.9M	usr/bin
    124K	usr/doc
    0	usr/etc
    436K	usr/include
    1.4M	usr/lib
    0	usr/local
    2.0M	usr/man
    36K	usr/mdec
    0	usr/preserve
    0	usr/run
    0	usr/spool
    14M	usr/src
    0	usr/tmp
So if you're willing to lose the source code, you could fit the entire system into about 8MB.

Of course, you don't get Perl. Or, uh, TCP/IP networking. You need Minix 2.0 for that, which is much bigger; 26MB with source, or 10MB without.

A proper comparison would be Minix 3 since it's a real OS. Include just the bare essentials that OpenBSD would include except for reincarnation server it doesn't have. ;)

What about a CED?

Just have a long sequence of hex codes printed so we can type it at home

I'm thinking now of 8-bit software on flexidiscs from the '70s and '80s.

I think retro for physical computer media would be tape decks or punch cards.

This is about audio CDs, with songs, that were released together with OpenBSD releases as a mean to gather some funding, not about data CDs as OpenBSD installation media.

It's both. The audio tracks were packaged with the installation CDs. They are no longer selling either.

> Sorry guys.

> Anyone want to buy some well-used CD burners?

CD burners that were used to burn OpenBSD CDs over the years? Well, that would be a nice collectors item :)

I guess CDs were not a revenue source after all:

"> If no OpenBSD CDs are going to be released, then probably it is better > to just send a donation to the OpenBSD foundation and/or to Theo de > Raadt.

Vijay, that is the correct way to sustain the software.

The CDs haven't pulled in sustaining revenue for many years.

Based upon income from contributors the Foundation performs a fantastic function -- making worries and problems disappear."

Donation-based software is a recipe for constantly having not enough money.

OpenBSD should provide an enterprise license for kilobucks. Not even call it a "support" program, just a license for enterprise use. It could even be the same terms as the BSD license, just name it and give it a price that can easily go on a corporate budget as a line item. It sounds stupid, but enterprise users would rather spend money than not spend money.

This is a great idea. I'm constantly having to justify that something we didn't pay for can actually be good. Many times I wish the company did have to pay for open source software just so I can throw it in the budget and avoid the argument.

Based on that mailing list post and other things I've seen, I'm a little concerned that OpenBSD lacks sufficient funding or that Theo De Raadt is burnt out enough not to care (which would be completely understandable; I'm certainly wouldn't blame him after his long, insufficiently remunerated, Herculean efforts). That would be a much bigger issue than the availability of CDs.

OTOH, he also suggests that the OpenBSD Foundation could be generating enough revenue. Does anyone know? Relevant excerpts from Theo's mailing list post:

I made 40 CD releases in 20 years, investing personal effort and risk to build and sustain the costs of this project and sub-projects.

I do not want to keep making CDs to sustain myself and the project anymore. Other ways need to work now.


The CDs haven't pulled in sustaining revenue for many years.

Based upon income from contributors the Foundation performs a fantastic function -- making worries and problems disappear.

"I think the audio CDs are undervalued. They contain no dorky software -- they are lyrics + music + drawing, just art. Dorky art sure, but no software..."

Perhaps an occasional audio CD might be fun? No pressure. No need to worry about freeze date impact on the development process. I just bought the 'Sargent Pepper' (5.8) poster as it has the developers on it.

They still offer ISO and other options like USB-stick image.

ISO image is important to install on virtual machine, and you csn burn it on DVD.

An ISO image is also important for older machines that don't support USB boot. This is often the case for PowerPC Macs.

ah, an OpenBSD submission on the front page! time to remind everyone that uses OpenSSH to donate to the OpenBSD Foundation.

Hey everybody who uses OpenSSH (I cannot fathom a single person reading this who does not regularly use OpenSSH), donate to the OpenBSD Foundation: http://www.openbsdfoundation.org/

Yes, it's Canadian. No, you can't write it off your taxes. Why? Because there aren't enough donations to make the accounting and legal costs to do so viable. Want your donations to be tax deductible? Get (more of) your OpenSSH using friends (and companies!) to donate (more) and it just might happen!

Heh. I wonder if someone could code up a PAM module that would make a tiny BitCoin donation every time a remote ssh login was performed. Like, a voluntary thing that people could install to support the project.

Oh yes, please make my logins traceable for all eternity....

logistically that's unworkable for a number of reasons (bitcoin fees make micro payments...less useful; PAM is...not ideal; etc.) but a fine thought nonetheless.

You could have it accumulate a wallet and send over when it reaches sufficient magnitude. Or have it tally the number of times it would have done it, and then ping you when you've used it a sufficient amount, for whatever definition that is for you. Think Sublime Text save dialogs for the non-paid version.

It could just count the number of logins and do a transaction at the end of the day|week|month

There's no PAM on OpenBSD.

Indeed, BSD Auth serves a similar function on OpenBSD, except for the ability to make silly configuration mistakes.



Individuals (and companies) can also donate directly to Theo, to thank him for the years of work that went into making CDs.


Also you can donate hardware to developers, who are volunteers:


Has the OpenBSD Foundation looked into registering with the IRS as a 501(c)(3) organization? The IRS probably has 10-12x more tax payers than the CRA which would make it easier to cover the required overhead.

It looks like the requirements are a $275 application fee, an EIN (so the Foundation would need to apply for one), and an annual information return. No need to incorporate or form a separate US entity.

Project is based in Canada.

> (I cannot fathom a single person reading this who does not regularly use OpenSSH)

We're real and we're here!

But.. How do you remotely connect to your machines?

For the most part, I just use one machine, which is physically adjacent to me. I'm not doing devops. I'm just doing dev. My workstation has a development database, web server, and everything else it needs. In the rare cases I need to connect interactively with other machines, I use graphical remote desktop.

Remote Desktop on Windows.


OpenSSH is "insecure and bug-ridden"? Perhaps you're thinking of OpenSSL? As I understand it OpenSSH has had a pretty good security track record.

If so, consider donating to the OpenBSD foundation. See libreSSL.

Huh? Perhaps you confused OpenSSH with OpenSSL? Just to clarify, OpenSSH implements the SSH protocol, an encrypted Telnet replacement for remote login into machines. OpenSSL is used to secure web traffic in transit and is the one with the Heartbleed fiasco. They're different entities.

I think the grandparent is indeed confused, but just to be pedantic: OpenSSH used to use OpenSSL as it's library for cryptography primitives. Of course, it switched to LibreSSL when LibreSSL was forked from OpenSSL.

No, I was indeed referring to OpenSSH which has had its share of security vulnerabilities too.

Now I'm really curious what software doesn't qualify as an "insecure, bug-ridden mess" in your book.

I'm going to guess you meant OpenSSL, in which case yes, there is a Foundation for that. Perhaps (not so) surprisingly, it's the same one that supports OpenSSH development. You'll find LibreSSL mentioned right on the front page!

Everyone knows that physical media is a thing of the past.

I can't shake the thinking that a properly stored CD or DVD will outlast any HDD or flash device.

Properly pressed CD, at that.

Burned discs rarely last longer than 5 years, a decade max.

Most if not all of my burners from the late 90s are just fine.

CD-ROM (physically pressed) should have the longest life. Write-once media can last decades but will degrade eventually. Rewritable media have the shortest life.

Variables include the quality of manufacturing, and storage environment.

CDs degrade over time, both flash and CDs are bad long-term choices.

Ink-based CD-Rs (or DVD-R or DVD+R) degrade over time (and due to exposure to the sun).

There are some other technologies that seem like they'll last a long time (MDISC), but I'm not really sure if they're worth their cost... or if I should just go for a Hard Drive at that point.

I just wish that HDDs didn't have all these layers between the data and the OS.

Blow the controll board in some way and your sunk. Blow the mechanics and your sunk.

with optical media at least you have this passive disc that just sits there.

> Blow the controll board in some way and your sunk. Blow the mechanics and your sunk.

Not to rain on your parade, but there are several data recovery and forensics services that will pull the data off of such disks.

If you have a clean room, you can even do it yourself: all you need is an identical model drive, and to just transfer the physical platters from the broken disk, to the good disk. Think of it like swapping the engine in a car instead of buying a new car.

Of course, with the new Helium-filled hard drives coming out these days, that's going to be a lot tougher ...

The lesson of the BBC Domesday Project is that there's more to it than that with optical media.

Not sure how much of that can be transferred to later optical media. Right now a fresh off the shelf BR drive can still read (and possibly write) a CD.

Flash storage too? As in SSDs?

SSDs have to hold electric charge to retain their data, so if they are unpowered they slowly discharge. The warmer they get, the worse it is: afaik common specifications only guarantee one year data retention at 30°C, but with lower temps it gets better.

> Flash storage too? As in SSDs?

All information storage media degrade over time, it ultimately comes down to differences in durability. Stone tablets outlast SSDs, but for both, the clock is ticking.

And yet there's still no sane way to move data from my laptop to my desktop without physical media.

As long as it is easier to send the data round trip to a datacentre in Kansas and back than it is to send it within my own lan, physical media will always be "a thing of the present"

Sorry to tease, but it's amusing to me that you are technically competent enough to upload files to a data center, but don't know how to do the easier task of networking two computers (presumably) in the same room.

Seriously, though, if the computers are (or can be) on the same network, then there are dozens of ways to achieve this. The easiest is probably shared network directories, but there's also NFS, rsync, scp, FTP, etc. IF the machines are on different networks it can be a little more work, but still not hard.

Worst case scenario: use Syncthing to sync one folder across two computers.

I wonder how many people have also thought "You missed out Laplink cable.". (-:

> And yet there's still no sane way to move data from my laptop to my desktop without physical media.

If the laptop and desktop are connected to a network, then there's no reason to use physical media, in fact the medium can only be an additional failure mode. Try this instead:

$ rsync -av (source path) (destination machine name):(destination path)

On your LAN, use Zeroconf (https://en.wikipedia.org/wiki/Zero-configuration_networking) to resolve local machine names to IPs.

> As long as it is easier to send the data round trip to a datacentre in Kansas and back than it is to send it within my own lan ...

Yes, but the premise isn't correct, and it only adds to the list of possible failure modes.

I transfer files like that all the time.

Run sshd on your desktop (assuming your behind a NAT there are nearly 0 security issues with this), when you want to transfer files

`rsync username@desktops_ip:remote_file local_file`.

Alternatively use something like syncthing.

Somewhere > 100GB, (or less, depending on connection speeds) sending physical media is faster.

I recently copied 2TB from one hard drive to another on the same computer and it took half a day. Trying to rsync that amount of data over the internet would take far longer than FedEx-ing a hard drive.

Even locally, it can be faster to copy data to a thumb drive, move it to the other machine, and copy it back than to send it over the network.

Not really true, 1Gib/s link is able to saturate HDD speed (if we are still talking local) and as you probably want to make a clone either way you might as well do it over network.

4x1Gib/s or 10Gib/s are more and more popular and in general local network latency is lower than HDD latency (surprising, isn't it).

Sending over 1Gib/s network will be for sure faster than copying it on flash drive. Even if flash drive is able to do 128MiB/s speed, you have to first write it, swap machine, read it. Via network you do the write and read at the same time.

Even Amazon recognize this...


They specify that snowball is a petabyte level solution. OP was discussing transferring files from his laptop. Does a laptop exist that can store petabytes? No.

Depends on how big your lap is, I guess.

All of my desktops and laptops run Unix-like operating systems with sshd either already running or ready to run. I just need the IP address of one of the machines, and for both machines to be on the same network.

With the advent of type-C USB, I expect things will become even simpler as long as at least one of the devices can expose itself as a mass-storage or MTP device.

I'm curious as to why you think long distance transfer of your data is a better option than LAN? Do you not have control of your network? I transfer huge amounts of data over the LAN all the time. You're making me feel like we don't live in the same decade.

> Everyone knows that physical media is [sic] a thing of the past.


You're being overly pedantic and on top of that you're plain wrong. Physical media here is a collective noun, so "is" is the correct word.

"Media is" sounds funny to me too, despite its ubiquity, but I wouldn't normally make an issue of it. I don't, however, agree that lutusp is "plain wrong".

> ... you're plain wrong.

If I expressed a preference for blondes over brunettes, would you describe that as wrong also?

Obviously thinking of "physical media" as a plural is a matter of opinion, as well as being consistent with widespread usage.

If I say there are an infinity of primes, I've stated a fact, and one would be free to label it right or wrong. If instead I try to produce a concise, general definition of infinity, the result can only ever be an opinion, a judgment call. No one would have the right to call it wrong -- because it's language, not mathematics.

> Physical media here is a collective noun ...

The singular form is "physical medium." The plural form is "physical media." This is not rocket science.


Quote: "Media (the singular form of which is medium)[1] is the collective communication outlets or tools that are used to store and deliver information or data."

Again, it's language, not mathematics -- it's a matter of opinion and judgment.

Applications are open for YC Summer 2018

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact