[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: arguments about OpenBSD's Security
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: arguments about OpenBSD's Security
- From: Jon Drews <jon_(_dot_)_drews_(_at_)_gmail_(_dot_)_com>
- Date: Fri, 5 Nov 2004 23:13:50 -0700
- Reply-to: Jon Drews <jon_(_dot_)_drews_(_at_)_gmail_(_dot_)_com>
Well...
... seems the author of this website has an axe to grind. I quote the
following passages from Spafford and Garfinkel's book on security:
>From the section on Businesses adopt UNIX
"A number of network appliance vendors found the stability and
security of the OpenBSD platform to be appealing, and they adopted it
for their projects"
from "Practical UNIX & Internet Security" Simson Garfinkel, Gene
Spafford and Alan Schwartz, pg. 20.
"We should note that these [security] problems are not confined to
commercial versions... ...There are some exceptions, such as the
careful code review conducted on OpenBSD, but, paradoxically, the code
that is more carefully tested and developed in the open software
community also seems to be the code that is least used"
from "Practical UNIX & Internet Security", pg. 27.
I'd also note that the paradox mentioned above was encountered by Theo:
from http://star-techcentral.com/tech/story.asp?file=/2004/10/26/itfeature/9170256&sec=itfeature
"De Raadt said he was puzzled as to why software developers and
vendors have generally chosen to ignore his call to improve the state
of IT security by following the example set by the OpenBSD project. "
On Sat, 6 Nov 2004 10:56:33 +0530, Siju George <sgeorge_(_dot_)_ml_(_at_)_gmail_(_dot_)_com> wrote:
> Hi Dear OpenBSD people,
>
> I happened to come across a website that criticizes and mocks the
> security of OpenBSD.
>
> http://wideopenbsd.org/
Visit your host, monkey.org