Hacker News new | comments | show | ask | jobs | submit login

Choose OpenBSD for your Unix needs. OpenBSD -- the world's simplest and most secure Unix-like OS. Creator of the world's most used SSH implementation OpenSSH, the world's most elegant firewall PF, and the world's most elegant mail server OpenSMTPD. OpenBSD -- the cleanest kernel, the cleanest userland and the cleanest configuration syntax.

<strike>No</strike> Only <strike>1</strike> 2 remote root holes in the default install.

Are you implying this is a bad thing? What other operating system can claim even just an order of magnitude more holes? 2, in what, over a decade? That's incredibly good.

The problem is that the default install doesn't do much. It's almost like saying that MS-DOS is secure because networking is not working by default.

The default OpenBSD install ships with plenty of software. It comes with pretty much everything but graphical web browsers that the devs use. It includes web and email servers, opensshd and openntpd, openldap, gnome, etc. It's a system fully functional for many purposes.

Very little of that was enabled in the default install. The no vulnerabilities claim rubbed a lot of people the wrong way. Sometimes things were patched that could have been remotely exploitable, but not called vulnerabilities because nobody checked when bugs were fixed.

Even so, I still I really like OpenBSD. I'm glad they finally got started with code signing. This work on Xorg is fantastic, although I can't see the point of running Xorg on OpenBSD.

Wish OpenBSD had better SMP support and ZFS.

Is this true?

Not necessarily.

Only two has been discovered, but how many there really is?

Actually, Theo is a mole working for the NSA and he's throughout the code that looks clean, he has hidden loads of backdoors and weak crypto…

And because the coders and security consultants reading OpenBSD's source code spend so much time laughing at the jokes in the comments, that they just don't notice the hidden evil!

But Ssh! don't tell anyone the door is opened! :-D

It's funny you joke about that...

The alleged FBI backdoor in OpenBSD's IPSec implementation:


It is from December 2010. In regards of the Snowden revelations have any of the backdoors been found since?


OpenSMTPD is great for people who need a basic MTA. The configuration is not voodoo and the man pages are good.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact