From owner-freebsd-questions@freebsd.org  Mon Jun  8 16:01:59 2020
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id F2586334119
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Mon,  8 Jun 2020 16:01:59 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: from kicp.uchicago.edu (kicp.uchicago.edu [128.135.20.70])
 by mx1.freebsd.org (Postfix) with ESMTP id 49gdKy6b7fz3bxw
 for <freebsd-questions@freebsd.org>; Mon,  8 Jun 2020 16:01:58 +0000 (UTC)
 (envelope-from galtsev@kicp.uchicago.edu)
Received: from point.uchicago.edu (point.uchicago.edu [128.135.52.6])
 (Authenticated sender: galtsev)
 by kicp.uchicago.edu (Postfix) with ESMTPSA id 425194E639
 for <freebsd-questions@freebsd.org>; Mon,  8 Jun 2020 11:01:58 -0500 (CDT)
Subject: Re: freebsd vs. netbsd
To: freebsd-questions@freebsd.org
References: <171506d5-19aa-359e-c21d-f07257c52ebd@freenetMail.de>
 <62d10000-e068-922e-23bd-f7a61e7a4e89@anatoli.ws>
 <ACE27C81-9437-41D6-BBD4-FA7A7B791428@kicp.uchicago.edu>
 <CAEC7392m+_AMfuLn-AgNzfWxgOFY=j_RrLaFFHtxHkeTjaR6+g@mail.gmail.com>
 <637eed20-1326-dabf-ac9d-fac12a9dbaa5@kicp.uchicago.edu>
From: Valeri Galtsev <galtsev@kicp.uchicago.edu>
Message-ID: <70c87d1a-a5d1-60ed-ef75-3a363bfd4c9e@kicp.uchicago.edu>
Date: Mon, 8 Jun 2020 11:01:53 -0500
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101
 Thunderbird/68.8.0
MIME-Version: 1.0
In-Reply-To: <637eed20-1326-dabf-ac9d-fac12a9dbaa5@kicp.uchicago.edu>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 49gdKy6b7fz3bxw
X-Spamd-Bar: +
Authentication-Results: mx1.freebsd.org; dkim=none;
 dmarc=fail reason="No valid SPF, No valid DKIM" header.from=uchicago.edu
 (policy=none); 
 spf=none (mx1.freebsd.org: domain of galtsev@kicp.uchicago.edu has no SPF
 policy when checking 128.135.20.70) smtp.mailfrom=galtsev@kicp.uchicago.edu
X-Spamd-Result: default: False [1.46 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.29)[0.289];
 MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
 NEURAL_SPAM_MEDIUM(0.15)[0.153]; RCPT_COUNT_ONE(0.00)[1];
 NEURAL_SPAM_LONG(0.92)[0.919]; R_SPF_NA(0.00)[no SPF record];
 RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[];
 R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:160, ipnet:128.135.0.0/16, country:US];
 RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[];
 DMARC_POLICY_SOFTFAIL(0.10)[uchicago.edu : No valid SPF, No valid DKIM,none]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jun 2020 16:02:00 -0000



On 2020-06-08 10:46, Valeri Galtsev wrote:
> 
> 
> On 2020-06-08 09:29, Donald Wilde wrote:
>> On 6/8/20, Valeri Galtsev <galtsev@kicp.uchicago.edu> wrote:
>>>
>>>
>>>> On Jun 7, 2020, at 11:26 PM, Anatoli <me@anatoli.ws> wrote:
>>>>
>>>> IMO
>>>>
>>>> * FreeBSD: servers (performance, stability, relative security, zfs),
>>>>   competes directly with Linux
>>>>
>>>> * OpenBSD: routers/firewalls, desktops (the most secure OS
>>>
>>> The most secure… if you dismiss the fact that one of the developer (who
>>> wrote network stack if my memory serves me) was simultaneously receiving
>>> payments from one of three letter agencies for several years.
>>>
>> The OpenBSD crew made major contributions to the FOSS community in SSH
>> and SSH components, but everybody incorporates them so they are now
>> all at the same level.
> 
> This is absolute truth for me and I appreciate that fact since forever.

Not only it is absolute truth, but I too was considering OpenBSD the 
most secure operating system out there. Till the moment I've learned 
that [network stack, or was it IPsec?] programmer was receiving payments 
from one of 3 letter agencies some decade before it became known by 
everybody. Does not mean any code he wrote for OpenBSD was affected, 
being top programmer, he likely was doing unrelated stuff for them, but 
realizing that to audit the code written by top programmer is virtually 
impossible, I decided for myself to just shy away from OpenBSD. But 
everybody can arrive at their educated decisions on their own.

Still with utmost respect to OpenBSD for openSSH and general ultimate 
security focused approach,

Valeri

> 
> Valeri
> 
>>
>> The main remaining difference is that OpenBSD doesn't turn on
>> _anything_ unless you specifically ask it to.
>>
> 

-- 
++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++