DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 10th March 2018
toprank toprank is offline
Fdisk Soldier
 
Join Date: Feb 2018
Posts: 54
Default Do you think there's any truth to this?

https://www.csoonline.com/article/32...-think-so.html

https://bsd.slashdot.org/story/18/01...chers-think-so

I care very little for Linux--in any incarnation in which it is available. But epistemologically Ilja's opinion makes sense. I hate to think of the day OpenBSD might not be as actively and professionally developed as it is currently but the numbers paint an alarming trend that might see Ilja's prediction come to fruition.

What do the developers and/or foundation committee members say or think about the fate of OpenBSD?
Reply With Quote
  #2   (View Single Post)  
Old 10th March 2018
Head_on_a_Stick's Avatar
Head_on_a_Stick Head_on_a_Stick is offline
Real Name: Matthew
Bitchy Nerd Elitist
 
Join Date: Dec 2015
Location: London
Posts: 461
Default

This meme has been around for a long time now:

http://uncyclopedia.wikia.com/wiki/BSD_is_Dying

It may be worth noting that NetFlix use FreeBSD for their servers and they boast of performance that exceeds anything Linux can manage.

The donations page for OpenBSD state that the project received $376,000 in 2017 — does that sound "dead" to you?

http://www.openbsdfoundation.org/activities.html
__________________
Are you infected with Wetiko?
Reply With Quote
  #3   (View Single Post)  
Old 10th March 2018
sacerdos_daemonis's Avatar
sacerdos_daemonis sacerdos_daemonis is offline
Real Name: Will forever be a secret.
Spam Deminer
 
Join Date: Sep 2014
Posts: 283
Default

Quote:
Originally Posted by toprank View Post
I hate to think of the day OpenBSD might not be as actively and professionally developed as it is currently but the numbers paint an alarming trend that might see Ilja's prediction come to fruition.
In order for the numbers to show a trend they would need to: 1) Include numbers for Linux, Windows and OSX, so a comparison could made.
2) Be shown over time, which is what a trend is.

Simply saying "A few bugs were found, so the BSDs are dying" is just sensationalism to get attention.
Reply With Quote
  #4   (View Single Post)  
Old 10th March 2018
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628
Default

OpenBSD community is quite actively doing great job. It doesn't seem for me like dead OS.

One thing is true: More people is looking at Linux code.
On the other hand security is complicated matter. The less people and companies use the OS, the less interest Internet criminals have to find vulnerabilities and write exploits.
OpenBSD actively is fixing reported bugs. OpenBSD has some security mitigations such as W^X enabled by default. OpenBSD has some great security mechanisms such as pledge and uses them to create daemons with carefully designed privilege-separation to accomplish principle of least privilege.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
  #5   (View Single Post)  
Old 10th March 2018
girarde girarde is offline
Fdisk Soldier
 
Join Date: Nov 2010
Location: NW FL
Posts: 75
Default Yes, quantity has a quality all its own...

...but whose eyes are looking is important.

Many, MANY people are looking at Linux code. But what are they looking *for*? Linus says that security bugs are just another kind of bug. Theo thinks they are the most important kind. Does anybody think that Linux developers are looking as hard for security bugs as OpenBSD developers do? Or as likely to drop what they were doing to fix *security* bugs when found? Supporting that new nVidia adapter is important, too.

I use Linux when I'm paid to. But when that goes away for me, I will bid Linux adieu.
Reply With Quote
  #6   (View Single Post)  
Old 11th March 2018
gpatrick gpatrick is offline
Spam Deminer
 
Join Date: Nov 2009
Posts: 245
Default

Wishful thinking from Linux zealots. It is always amusing when Redhat or Oracle come in to my place of work to marvel about the “new” features they’re getting; features that existed in AIX and Solaris for 10-20 years.

Plan 9 has always been extremely secure and fewer eyes than any UNIX or variant.
Reply With Quote
  #7   (View Single Post)  
Old 11th March 2018
Prevet Prevet is offline
Shell Scout
 
Join Date: Oct 2017
Posts: 84
Default

Quote:
Originally Posted by girarde View Post
...but whose eyes are looking is important.

Many, MANY people are looking at Linux code. But what are they looking *for*? Linus says that security bugs are just another kind of bug. Theo thinks they are the most important kind. Does anybody think that Linux developers are looking as hard for security bugs as OpenBSD developers do? Or as likely to drop what they were doing to fix *security* bugs when found? Supporting that new nVidia adapter is important, too.

I use Linux when I'm paid to. But when that goes away for me, I will bid Linux adieu.
I can't speak for Linux developers, but what I've noticed with the Linux users I've interacted with is they don't care about security or spyware, any more than Windows and Apple users do. Trying to get them to take an interest is like talking to sheep. "Baaaaaahhhh!"
Reply With Quote
  #8   (View Single Post)  
Old 11th March 2018
toprank toprank is offline
Fdisk Soldier
 
Join Date: Feb 2018
Posts: 54
Default

Quote:
Originally Posted by Head_on_a_Stick View Post
This meme has been around for a long time now:

http://uncyclopedia.wikia.com/wiki/BSD_is_Dying

It may be worth noting that NetFlix use FreeBSD for their servers and they boast of performance that exceeds anything Linux can manage.

The donations page for OpenBSD state that the project received $376,000 in 2017 — does that sound "dead" to you?

http://www.openbsdfoundation.org/activities.html
I'm not sure of the veracity of this claim, but this post suggests FreeBSD constitutes a very small part of Netflix infrastructure[0].

The last ~5 years of donations looks promising; however, when you consider that one company is responsible for ~50% of the funding, it could mean that things are more volatile than it appears.

2017 = $376k
2016 = $573k ($280k from Smartisan alone)
2015 = $256k
2014 = $397k
2013 = $30,949k
2012 = $19,851k

[0] https://bsd.slashdot.org/comments.pl...9&cid=56012685

Quote:
Originally Posted by sacerdos_daemonis View Post
In order for the numbers to show a trend they would need to: 1) Include numbers for Linux, Windows and OSX, so a comparison could made.
2) Be shown over time, which is what a trend is.

Simply saying "A few bugs were found, so the BSDs are dying" is just sensationalism to get attention.
Again, the veracity and accuracy of the numbers in this post[1] aren't known to me, but there are statistics that do include Linux and Windows, and span a period of time[2] that aren't showing an increase in BSD use. And even more general data pertaining to popularity or interest show a decline for OpenBSD[3] over the last two years, at least.

Quote:
Originally Posted by Anonymous Coward
"It is now official. Netcraft has confirmed: *BSD is dying One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test. You don't need to be the Amazing Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood. FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying. Let's keep to the facts and look at the numbers. OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts. Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house. All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead."
[1] https://bsd.slashdot.org/comments.pl...9&cid=56008103
[2] https://w3techs.com/technologies/det...s-unix/all/all ; https://w3techs.com/technologies/details/os-bsd/all/all
[3] https://www.distrowatch.com ; https://en.wikipedia.org/wiki/Compar...rating_systems

Quote:
Originally Posted by e1-531g View Post
OpenBSD community is quite actively doing great job. It doesn't seem for me like dead OS.

One thing is true: More people is looking at Linux code.
On the other hand security is complicated matter. The less people and companies use the OS, the less interest Internet criminals have to find vulnerabilities and write exploits.
OpenBSD actively is fixing reported bugs. OpenBSD has some security mitigations such as W^X enabled by default. OpenBSD has some great security mechanisms such as pledge and uses them to create daemons with carefully designed privilege-separation to accomplish principle of least privilege.
I'm a huge fan of the underlying ethos and philosophy of OpenBSD. I sincerely hope this is just unsubstantiated rhetoric and that the future of OpenBSD is long and healthy.

Quote:
Originally Posted by girarde View Post
...but whose eyes are looking is important.

Many, MANY people are looking at Linux code. But what are they looking *for*? Linus says that security bugs are just another kind of bug. Theo thinks they are the most important kind. Does anybody think that Linux developers are looking as hard for security bugs as OpenBSD developers do? Or as likely to drop what they were doing to fix *security* bugs when found? Supporting that new nVidia adapter is important, too.

I use Linux when I'm paid to. But when that goes away for me, I will bid Linux adieu.
I, too, am no fan of Linux. Or any of the other BSDs, for that matter. I once used FreeBSD but they've really fallen off of late. I have hopes for Dragonfly but development seems stagnant.

Quote:
Originally Posted by gpatrick View Post
Wishful thinking from Linux zealots. It is always amusing when Redhat or Oracle come in to my place of work to marvel about the “new” features they’re getting; features that existed in AIX and Solaris for 10-20 years.

Plan 9 has always been extremely secure and fewer eyes than any UNIX or variant.
I keep meaning to look into Plan 9; I'll have to do this soon.
Reply With Quote
  #9   (View Single Post)  
Old 11th March 2018
scottro's Avatar
scottro scottro is offline
Real Name: Scott Robbins
ISO Quartermaster
 
Join Date: Apr 2008
Location: NYC
Posts: 652
Default

https://en.wikipedia.org/wiki/Better...w_of_headlines

If a headline asks a question, the answer is usually no.
Reply With Quote
Old 11th March 2018
johnR johnR is offline
Fdisk Soldier
 
Join Date: Nov 2017
Posts: 57
Default

Quote:
Originally Posted by Prevet View Post
I can't speak for Linux developers, but what I've noticed with the Linux users I've interacted with is they don't care about security or spyware, any more than Windows and Apple users do. Trying to get them to take an interest is like talking to sheep. "Baaaaaahhhh!"
This is an unfortunate trend. I've used Debian for nearly two decades and have seen Linux go from an easily customised system for technically minded users to one aimed at those who want Windows but don't want to pay for it. Userland development has changed accordingly, with every new release from the major distros containing changes that seem to be driven by fashion rather than sound technical decisions.

I recently changed my desktop PC to OpenBSD to try it out. I liked it enough to start changing most of my other systems. I still have a couple of dedicated audio workstations running Debian as I need realtime privileges and ALSA drivers. That may change if systemd avoidance becomes too painful (FreeBSD and Dragonfly look promising, but I'd have to learn to write BSD drivers).

I know of quite a few long-term Linux users who have switched (or are thinking about switching) to *BSD. Those articles about the supposedly imminent death of *BSD don't tally with my own observations.
Reply With Quote
Old 11th March 2018
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628
Default

I don't think everything Ilja van Sprundel said is false. He is a professional pentester who looked at source code and found bugs. He said a lot of bugs were low hanging fruits and I can believe that general opinion has some merit.
A the same time I don't think he is competent enough to predict future of *BSD OSes. For example many think that being out of commercial enterprise market is the death of OS. OpenBSD is probably generally out of that market, but... so what? OpenBSD is now introducing oneself as research project and development continues
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
Old 13th March 2018
toprank toprank is offline
Fdisk Soldier
 
Join Date: Feb 2018
Posts: 54
Default

Quote:
Originally Posted by johnR View Post
This is an unfortunate trend. I've used Debian for nearly two decades and have seen Linux go from an easily customised system for technically minded users to one aimed at those who want Windows but don't want to pay for it. Userland development has changed accordingly, with every new release from the major distros containing changes that seem to be driven by fashion rather than sound technical decisions.

I recently changed my desktop PC to OpenBSD to try it out. I liked it enough to start changing most of my other systems. I still have a couple of dedicated audio workstations running Debian as I need realtime privileges and ALSA drivers. That may change if systemd avoidance becomes too painful (FreeBSD and Dragonfly look promising, but I'd have to learn to write BSD drivers).

I know of quite a few long-term Linux users who have switched (or are thinking about switching) to *BSD. Those articles about the supposedly imminent death of *BSD don't tally with my own observations.
I've been giving this some thought, and I don't think the premise of Ilja's position is based on BSD's user base, but in its developers. As in, the lack of them. Or the lack of new young(er) programmers who posses the same qualities as Theo and the existing OpenBSD community joining the ranks to contribute to the development of the OS. I don't think OpenBSD would have a very high attrition rate among its users. But I also don't think there are high numbers of newcomers either. That's not really as critical to securing the OS's future as an influx of capable coders though.

I could be way off the mark; I'm just thinking aloud here. Mostly I'm just concerned that without a new contingent that values security, simplicity, and stability as much as the original authors, the future's uncertain.

Quote:
Originally Posted by e1-531g View Post
I don't think everything Ilja van Sprundel said is false. He is a professional pentester who looked at source code and found bugs. He said a lot of bugs were low hanging fruits and I can believe that general opinion has some merit.
A the same time I don't think he is competent enough to predict future of *BSD OSes. For example many think that being out of commercial enterprise market is the death of OS. OpenBSD is probably generally out of that market, but... so what? OpenBSD is now introducing oneself as research project and development continues
I, too, was divided on how much credence to give his claims. On the one hand he's well qualified to appraise the code but that doesn't necessarily translate to speculating on future development. But I think it's a valid argument, and it appears that even Theo concurs: when the workload > manpower there's a problem. The eventual outcome of that problem, though, is unclear.
Reply With Quote
Old 13th March 2018
IdOp's Avatar
IdOp IdOp is offline
Too dumb for a smartphone
 
Join Date: May 2008
Location: twisting on the daemon's fork(2)
Posts: 1,027
Default

Quote:
Originally Posted by toprank View Post
But I also don't think there are high numbers of newcomers either. That's not really as critical to securing the OS's future as an influx of capable coders though.

I could be way off the mark; I'm just thinking aloud here.
I don't know for sure, but I would think many/most of the developers start out as users and eventually they get more involved.

Quote:
I, too, was divided on how much credence to give his claims. On the one hand he's well qualified to appraise the code but that doesn't necessarily translate to speculating on future development.
In the first linked article I only saw van Sprundel commenting on his findings. It was Argyroudis who opined that "NetBSD is practically dead" and prognosticated that OpenBSD had the greater chance for survival. Of course the latter is a pentester too so the same point can be transfered to him. To me, taking terms like death and survival literally is less interesting than to understand his meanings --- are they absolute or relative? --- and what reasons he has to think what he does. It was an interesting read.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
FreeBSD the truth latorion FreeBSD General 27 19th May 2008 02:26 AM


All times are GMT. The time now is 10:22 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick