From owner-freebsd-questions@freebsd.org Mon Jun 8 16:30:00 2020 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4A107335240 for ; Mon, 8 Jun 2020 16:30:00 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: from mail-lj1-x244.google.com (mail-lj1-x244.google.com [IPv6:2a00:1450:4864:20::244]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 49gdyH2tWhz3yCY for ; Mon, 8 Jun 2020 16:29:59 +0000 (UTC) (envelope-from dwilde1@gmail.com) Received: by mail-lj1-x244.google.com with SMTP id 9so21291175ljc.8 for ; Mon, 08 Jun 2020 09:29:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc:content-transfer-encoding; bh=IHVByivEISEexE0MZWsdM1gq0x20IXXZObVC7i2YdCc=; b=OBI1j58tg4fSOhazyP/iU5NcccDLBMobF1ZU2+OmH6gZupLZyDrFp2vAnRV3OXr0vY 9PYqZMvwEuhjZfJhOyDONoYO9k62fkeF/rBXvTYKNAfO09w/w6XptfaWg1cJq8tkrktg nQLD/pDTJzGVP+V2vFLa3tXOHQTjgnSc09MMtjdLy+gCaI0zHah7h3CHsWmdWIpyNLt0 K2BFhdYyGMp4BNti/tisjBH+7UHsBy3oLh6uIYA9nrGQvMhV3sovHTT+aMWfJSHxbtby Hln2fYXlxAUeyXpOVbJrLf8F2w6+OOpzlxd8AGVhNGXvuvhoFazM1LmLjYEoL7neUo+m dfEQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:reply-to:in-reply-to:references :from:date:message-id:subject:to:cc:content-transfer-encoding; bh=IHVByivEISEexE0MZWsdM1gq0x20IXXZObVC7i2YdCc=; b=fdAXpbjDoTaWnaFAciA+5wyYLffpIy9gGs0RAD2l/NC5/gXukyrmpl9vVxNPmS3eeC 5pYk2h2419uplrkzAemHZRxyjkjnk6gpDPDSLWcM9n4qHGRMta66kBxGKm0Yx19d0YyJ Lkns2jt7GkU49W/OL7q9v46l4UVpLBMvJVt+q44FDjfS2ymwD5igg+L4c+xVUSYZamKV qIgkqOKN9R2vN4VUOEUmooQ4K3CAZdYi7YwBhn/3DqzRcU4Ibicu1qOg8/IVS+sahy0p o74TW7q+x34PoIctpkv252YtKvvZ/AQuo1bVFeTz6VfiA22lfdHswWWpCeoNj/ayeZy9 QpTw== X-Gm-Message-State: AOAM533Qx8Q7Scz9wAl7kmm9xkzV3HMp6QJvI211N2clFGQE2EHFc84L xWAceaGOWSurqZyS8j861G0DH7MPPyrRdk9YN98= X-Google-Smtp-Source: ABdhPJxxUQUbywd/F1T85zjtats+hzIHJaaDIA9apZ78m3rXvLHWKjgBpQbgAsEqZGr9Gssmbaso64UFeqOmAszSDw4= X-Received: by 2002:a2e:8255:: with SMTP id j21mr11422616ljh.85.1591633797477; Mon, 08 Jun 2020 09:29:57 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a05:6504:47:0:0:0:0 with HTTP; Mon, 8 Jun 2020 09:29:56 -0700 (PDT) Reply-To: dwilde1@gmail.com In-Reply-To: <70c87d1a-a5d1-60ed-ef75-3a363bfd4c9e@kicp.uchicago.edu> References: <171506d5-19aa-359e-c21d-f07257c52ebd@freenetMail.de> <62d10000-e068-922e-23bd-f7a61e7a4e89@anatoli.ws> <637eed20-1326-dabf-ac9d-fac12a9dbaa5@kicp.uchicago.edu> <70c87d1a-a5d1-60ed-ef75-3a363bfd4c9e@kicp.uchicago.edu> From: Donald Wilde Date: Mon, 8 Jun 2020 09:29:56 -0700 Message-ID: Subject: Re: freebsd vs. netbsd To: Valeri Galtsev Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 49gdyH2tWhz3yCY X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=OBI1j58t; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of dwilde1@gmail.com designates 2a00:1450:4864:20::244 as permitted sender) smtp.mailfrom=dwilde1@gmail.com X-Spamd-Result: default: False [-3.46 / 15.00]; HAS_REPLYTO(0.00)[dwilde1@gmail.com]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; REPLYTO_ADDR_EQ_FROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.38)[-0.381]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.02)[-1.020]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.05)[-1.055]; MIME_GOOD(-0.10)[text/plain]; FREEMAIL_REPLYTO(0.00)[gmail.com]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::244:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jun 2020 16:30:00 -0000 On 6/8/20, Valeri Galtsev wrote: > > > On 2020-06-08 10:46, Valeri Galtsev wrote: >> >> >> On 2020-06-08 09:29, Donald Wilde wrote: >>> On 6/8/20, Valeri Galtsev wrote: >>>> >>>> >>>>> On Jun 7, 2020, at 11:26 PM, Anatoli wrote: >>>>> >>>>> IMO >>>>> >>>>> * FreeBSD: servers (performance, stability, relative security, zfs), >>>>> competes directly with Linux >>>>> >>>>> * OpenBSD: routers/firewalls, desktops (the most secure OS >>>> >>>> The most secure=E2=80=A6 if you dismiss the fact that one of the devel= oper (who >>>> wrote network stack if my memory serves me) was simultaneously receivi= ng >>>> payments from one of three letter agencies for several years. >>>> >>> The OpenBSD crew made major contributions to the FOSS community in SSH >>> and SSH components, but everybody incorporates them so they are now >>> all at the same level. >> >> This is absolute truth for me and I appreciate that fact since forever. > > Not only it is absolute truth, but I too was considering OpenBSD the > most secure operating system out there. Till the moment I've learned > that [network stack, or was it IPsec?] programmer was receiving payments > from one of 3 letter agencies some decade before it became known by > everybody. Does not mean any code he wrote for OpenBSD was affected, > being top programmer, he likely was doing unrelated stuff for them, but > realizing that to audit the code written by top programmer is virtually > impossible, I decided for myself to just shy away from OpenBSD. But > everybody can arrive at their educated decisions on their own. > > Still with utmost respect to OpenBSD for openSSH and general ultimate > security focused approach, > I think the fact that the other two root projects (NetBSD and FreeBSD) have included that code says it has all been audited at the highest level by people of equal capability. --=20 Don Wilde **************************************************** * What is the Internet of Things but a system * * of systems including humans? * ****************************************************