From owner-freebsd-questions@freebsd.org Fri Jul 10 18:23:47 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CE8433FD7 for ; Fri, 10 Jul 2015 18:23:47 +0000 (UTC) (envelope-from jd1008@gmail.com) Received: from mail-ig0-x230.google.com (mail-ig0-x230.google.com [IPv6:2607:f8b0:4001:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 978BE149A for ; Fri, 10 Jul 2015 18:23:47 +0000 (UTC) (envelope-from jd1008@gmail.com) Received: by iggp10 with SMTP id p10so40824694igg.0 for ; Fri, 10 Jul 2015 11:23:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=lEGzVR/p1dgYcjacrkaBe0A5Cr7bx4MqDhd0fAZ09Ms=; b=saKFb/+c+YbrzwYW+bpEDPCXBJjPDWbxdK3f2w0r4qMKBu9GoXkYWGej81HyJccvcL YPz8BAepnPHlUf6ZsLPFpSxX7X0LMlocbgCHWLrp+L8A7V1otwN0T+39aJOfBNn2gC1x FRGZai4LMB3gzgoZ61pmZcIB40Ykctw/04zbqWWNT1TO5n9ceKiQWexf4TsbSKT+U1qf qu7empsIE9XWa8MkFB+QfdTI5p/ukLL1ea9LgDrdDC3UxcQSxvEL28d8HUp9a8Ay/9xu 6/RmjB7ArBoHsQ4RM5TY6knS7S+QVb2pxMahePuANwlsODeGvidMHuYio8OOqowRiPos XMlA== X-Received: by 10.107.31.134 with SMTP id f128mr34451240iof.19.1436552626933; Fri, 10 Jul 2015 11:23:46 -0700 (PDT) Received: from localhost.localdomain ([50.243.6.59]) by smtp.googlemail.com with ESMTPSA id y98sm6979189ioi.25.2015.07.10.11.23.45 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 10 Jul 2015 11:23:46 -0700 (PDT) Message-ID: <55A00DA7.4000902@gmail.com> Date: Fri, 10 Jul 2015 12:23:35 -0600 From: jd1008 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Microsoft Now OpenBSD Foundation Gold Contributor References: <559FF775.7030204@mgm51.com> <33650.128.135.70.2.1436549147.squirrel@cosmo.uchicago.edu> <20150710140324.362fd648@seibercom.net> In-Reply-To: <20150710140324.362fd648@seibercom.net> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Jul 2015 18:23:48 -0000 On 07/10/2015 12:03 PM, Jerry wrote: > On Fri, 10 Jul 2015 12:25:47 -0500 (CDT), Valeri Galtsev stated: > >> On Fri, July 10, 2015 11:48 am, Mike wrote: >>> On 7/10/2015 12:43 PM, Carmel NY wrote: >>>> I wonder why they choose OpenBSD over FreeBSD? >>>> >>>> http://undeadly.org/cgi?action=article&sid=20150708134520&mode=expanded&count=27 >>> Probably is related to: >>> >>> http://undeadly.org/cgi?action=article&sid=20150603090420 >> With all my scepticism I would more consider that as an excuse, implying >> the reason may be something like this: >> >> http://slashdot.org/story/10/12/15/004235/FBI-Alleged-To-Have-Backdoored-OpenBSDs-IPSEC-Stack >> >> (I didn't say exactly this, I said something like this...) So, I'm >> actually quite happy they didn't choose FreeBSD ;-) > > Sorry but that is impossible. Many eyes makes FOSS software invulnerable to > this sort of attack? Or, at least that is what fools like to believe. Say any > lie enough times and some moron will believe it. > +1 The fact is that there are NOT that many "expert and fully knowledgeable" eyes reviewing open source. The sheer volume of open source makes that task virtually impossible. Most reviewers have real jobs to pay the bills. They would not have the bandwidth to review so much code (kernel, compilers, assembler, compiler libraries, apps and their libraries). Add to all this, JAVA and all of it's components and variants. The volume is just to damned huge. Sometimes, "certain interests" insert into the distribution "malcode" without any peer review; and if there is peer review, then the "nay saying" reviewers are either dissed, called names or simply censored, so no ones knows about their objections. With the passage of time, the malcode is fully established and propagated and forgotten about. A friend of mine said "In the Kali Yuga (The Age of Darkness), all hell breaks loose upon the earth)".