I'll start by quoting myself from another thread, wherein the question was raised about an OpenBSD bastion firewall protecting one's network, one's privacy, one's digital life (business or personal). The question arose recently in a couple of different threads, but I believe this sums up the general case, whether or not OpenBSD is involved in any fashion.
Quote:
Originally Posted by jggimi
Security is not a product. It is a process, and any chink in the armor can become a problem.
I had pointed to application level errors such as SQL Injection as something that OpenBSD is not able to prevent.
Network administrators, OS administrators, application architects, application developers, and, of course, users themselves all have a role to play in the pantheon of security risk mitigation.
I give you, as an example of insecure-by-design web applications: amazon.com, facebook.com, twitter.com, and 23 other major web players that send information to clients completely in the clear. Whether or not these major players use complex firewalls and security software themselves, they expose personal information, including accounts and passwords. By design. OpenBSD would have no impact on this Firesheep example. (Excepting, of course, astute, technically aware clients who might route traffic through an OpenBSD-based VPN or tunnel.)