From owner-freebsd-questions@FreeBSD.ORG Sun Jun 15 22:13:11 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFF0037B401 for ; Sun, 15 Jun 2003 22:13:11 -0700 (PDT) Received: from smtp.us2.messagingengine.com (ny2.fastmail.fm [66.111.4.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA53443F85 for ; Sun, 15 Jun 2003 22:13:10 -0700 (PDT) (envelope-from thanjee@fastmail.fm) Received: from smtp.us2.messagingengine.com (server2.internal [10.202.2.133]) by server2.messagingengine.com (Postfix) with ESMTP id 470EB6C6DD for ; Mon, 16 Jun 2003 01:13:10 -0400 (EDT) Received: from 127.0.0.1 ([127.0.0.1] helo=smtp.us2.messagingengine.com) by messagingengine.com with SMTP; Mon, 16 Jun 2003 01:13:10 -0400 Received: by smtp.us2.messagingengine.com (Postfix, from userid 99) id 41F5C6D729; Mon, 16 Jun 2003 01:13:10 -0400 (EDT) Content-Disposition: inline Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="ISO-8859-1" MIME-Version: 1.0 X-Mailer: MIME::Lite 1.2 (F2.71; T1.001; A1.51; B2.12; Q2.03) From: "Thanjee Neefam" To: freebsd-questions@freebsd.org Date: Sun, 15 Jun 2003 21:13:10 -0800 X-Epoch: 1055740390 X-Sasl-enc: PPW2E+yWb84wTHYHZMM+Pg References: <20030616034216.AF44B341B4@www.fastmail.fm> In-Reply-To: <20030616034216.AF44B341B4@www.fastmail.fm> Message-Id: <20030616051310.41F5C6D729@smtp.us2.messagingengine.com> Subject: key barriers X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Jun 2003 05:13:12 -0000 Hello, I have a friend who is a Debian Linux user and I have been having a discussion with him about using FreeBSD. He wrote me a list of his concerns with changing to FreeBSD. I don't want to give him any incorrect answers or incorrect information. So could someone more knowledgable than me please give me some precise answers on the following points. Thanks! ----from email---- I like that a certain *BSD is getting funding from DARPA; the enhancements I was reading about sounded impressive. The key barrier to FreeBSD is java. I go to http://www.freebsd.org/java/ and the main text says FreeBSD supports 1.1.8, which isn't good enough for my needs. However, there is also a 1.4 link on that page, but that page says the FreeBSD version is currently missing features. This is the second key issue. I know of someone who runs an old open-source OS (about 3 versions behind the current), who doesn't know how to patch his box unless he downloads 4 or so CDs. That box was recently compromised and the fix that person performed was to rebuild the machine with the same old OS, and recover data from tape. I like being able to browse to www.debian.org/security and to know that on certain days as many as 5 patches are released. And that with a single command I can apply all the patches I need. Now, FreeBSD has a similar page freebsd.org/security but it doesn't list as many bugs. Does that mean FreeBSD has fewer holes? Or does it mean it takes longer to fix them in FreeBSD? Or that people are not testing the security of BSD as much as Debian? I don't know. At the top of the debian security page is directions on how to apply all relevent patches. There is no such information on the FreeBSD security page (that I could see, correct me if I am wrong). Instead the directions are attached to the Security Advisory, and involve recompiling your operating-system/kernal and rebooting (at least it did for the two I checked 'openssl' and 'syncookies' SA for 4.8 /////////// thanjee@fastmail.fm \\\\\\\\\\\ AAFE Audio, Amiga and FreeBSD Enthusiast :p \\\\\\\\\ http://www.fastmail.fm //////////