From owner-freebsd-advocacy@FreeBSD.ORG Sun Dec 27 04:48:56 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B62A1106566B for ; Sun, 27 Dec 2009 04:48:56 +0000 (UTC) (envelope-from jhellenthal@gmail.com) Received: from mail-gx0-f218.google.com (mail-gx0-f218.google.com [209.85.217.218]) by mx1.freebsd.org (Postfix) with ESMTP id 6C6768FC0C for ; Sun, 27 Dec 2009 04:48:55 +0000 (UTC) Received: by gxk10 with SMTP id 10so9129603gxk.3 for ; Sat, 26 Dec 2009 20:48:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:date:from:x-priority :message-id:cc:subject:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=f4Lep+NsRs3rhbfh1wfkfwN5aP2EGnOcIyYRIfv4RiM=; b=dTM3/xQvrAFZY5TgpU15hi9Ag7Ejus3ABvbaLGHZ+f8UoPcQA2aBXgmhbEmEEjh1DR 5GRb3F9rVEI+JPHl6aF0Ol4zg2RZ9MTQnwYocqXPDHssEFmrJBENAqngSS9Vpqeawgxx PpH8sNDJqUOQJpt0WZQq1MFEijA9O+/IirtPs= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:date:from:x-priority:message-id:cc:subject:in-reply-to :references:mime-version:content-type:content-transfer-encoding; b=nszWvjNcpAtxcNk1I3wPyOK0VU/k/W3HnwB+wLm6oQsH2QS2WxeOhRcFINOJbxk+yH 3ylQBmvfEX6wiud+3OCr57TvIkz+pLdGr3FcOw3e4/mZUcMZEgY//GHpLxMVB+REHJ4P U4vjFE1+K4g7KWGgVVAsumTeUBJys/d2bZktI= Received: by 10.100.234.26 with SMTP id g26mr13159141anh.38.1261887526252; Sat, 26 Dec 2009 20:18:46 -0800 (PST) Received: from blackcell.5p.local (ppp-21.2.dialinfree.com [209.172.21.2]) by mx.google.com with ESMTPS id 22sm9773724iwn.4.2009.12.26.20.18.39 (version=SSLv3 cipher=OTHER); Sat, 26 Dec 2009 20:18:44 -0800 (PST) Sender: "J. Hellenthal" Date: Sat, 26 Dec 2009 23:18:42 -0500 From: jhell X-Priority: 3 (Normal) Message-ID: <1443990337.20091226231842@dataix.net> CC: freebsd-advocacy@freebsd.org In-Reply-To: <2fd864e0912250624s7f51b127r991342baf8487100@mail.gmail.com> References: <4B31D6F9.6040608@infracaninophile.co.uk> <200912231450.nBNEoP1q063542@fire.js.berklix.net> <20091225015252.GW2100@over-yonder.net> <2fd864e0912250624s7f51b127r991342baf8487100@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: why BSDs got no love X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 27 Dec 2009 04:48:56 -0000 =0D=0AFriday, December 25, 2009, 9:24:25 AM, you wrote: > I think what we're looking at here is that sysinstall should probably > be replaced... but it works well enough that it doesn't *have* to be > replaced, and most people aren't bothered enough by it to write code > to come up with something new. Certainly, having things like zfs > support in sysinstall would be nice... but most of the people using > zfs boot know the system well enough to do it from the Fixit/LiveFS > shell anyway. > Basically... if you really want to see this change, I think you're > gonna have to do it yourself. Personally I would like to see something around the likes of shells/flash menu shell implemented with some modular scripting and drop-in binaries for other tasks that cannot be accomplished through the use of shell scripts as elegantly as they would in C. As for licensing of shells/flash I am unsure but it does bring the ease of scripting into play that can shield a user from some of the behind the scenes ugliness. Snip of the pkg-desc: Flash is an attempt to create a secure menu-driven shell for UNIX-derived O= Ses, while providing user-friendliness and easy configurability. An ideal situat= ion requiring the use of flash would be a student-run telnet server which needs= to: a) shelter the users from some of the nastiness of UNIX b) shelter the system from nasty users c) provide an easy way to launch applications d) support multitasking/job control as elegantly as possible e) support easy-to-get-right configuration by administrators ---- In that type of menu it would be easy to drop a script that asks: A) Would you like a GUI install menu... B) Would you like a CLI install menu... C) Get me out of here... ---- It also has a nice little notes side frame that could tell the user a little more about what is going on if they are confused about the choices that are selected. As for my self, I would be willing to contribute some bits & bytes to see this happen. As for the GUI I would be willing to write the hooks for it in the menu system but that is as far as I am willing to go with it. I don't see any satisfactory need or gain in GUI for just-a-installer. Best regards. --=20 Saturday, December 26, 2009 10:59:02 PM jhell From owner-freebsd-advocacy@FreeBSD.ORG Mon Dec 28 17:59:04 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 90DEE106568F for ; Mon, 28 Dec 2009 17:59:04 +0000 (UTC) (envelope-from petrus4@tpg.com.au) Received: from mail11.tpgi.com.au (mail11.tpgi.com.au [203.12.160.161]) by mx1.freebsd.org (Postfix) with ESMTP id 273178FC3B for ; Mon, 28 Dec 2009 17:59:03 +0000 (UTC) X-TPG-Junk-Status: Message not scanned DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tpg.com.au; s=alpha; t=1262023142; bh=dui/SMpJVa+kpytE6Ail9ppQWOvWChm6BAbnpWfI6gU=; h=X-TPG-Abuse:Message-ID:From:To:Subject:Date:MIME-Version: Content-Type; b=bBxiUSReLkS+oRNtDZgWYri0QiIGVt8epStrkNCPNncwD3huEFji5txjtSuYUNRsJ 8to4Yg9Y55W1X9+pb4+3HDZMXnLiIVa309x5xxdp8DcKiLAIyjWk/U6zG8r8yFBcsm sRRl3uAjkkjqmpC00BoT7ZwkkXuc+C3plKxJaNyY= X-TPG-Antivirus: Passed X-TPG-Abuse: host=203-219-254-191.static.tpgi.com.au; ip=203.219.254.191; date=Tue, 29 Dec 2009 04:59:02 +1100 Received: from jim4fb89194d83 (203-219-254-191.static.tpgi.com.au [203.219.254.191]) by mail11.tpgi.com.au (envelope-from petrus4@tpg.com.au) (8.14.3/8.14.3) with SMTP id nBSHx0ua016994 for ; Tue, 29 Dec 2009 04:59:02 +1100 Message-ID: <001001ca87e7$70b00760$0301a8c0@jim4fb89194d83> From: "Petrus" To: References: <75813f040912260730w40e7ebfge72fb0686c455cd9@mail.gmail.com> Date: Tue, 29 Dec 2009 03:59:00 +1000 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="UTF-8"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2905 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2962 Subject: Re: why BSDs got no love X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Dec 2009 17:59:04 -0000 > There is absolutely no reason to change the default FreeBSD installer in > my > opinion, when the PC-BSD one will suffice for the 'snazzy' desktop > installs. I won't say that sysinstall couldn't benefit from at least *some* renovation. ;) The interface is fine, sure, but what I'm primarily talking about is the download mechanism. Apparently when certain files get downloaded with it, they actually get copied in-place during the transfer process, which means that if you abort it, you can end up with partially digested conf files (my /etc/passwd got hosed once) all over the place. What I'd propose would be caching whatever files the system needs to download until everything is cached locally, and then installing the lot after that, rather than doing both downloading and installing/copying in the same step. That way you can safely abort during the process if you need to. A scenario where individual files that are to be rewritten, get temporarily backed up until the setup is complete would probably also really help. So as said, the interface is fine, but I think the internal mechanism could definitely benefit from being made a bit more robust. From owner-freebsd-advocacy@FreeBSD.ORG Mon Dec 28 18:20:32 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0A6B61065696 for ; Mon, 28 Dec 2009 18:20:32 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id BBB1E8FC24 for ; Mon, 28 Dec 2009 18:20:31 +0000 (UTC) Received: from ds4.des.no (des.no [84.49.246.2]) by smtp.des.no (Postfix) with ESMTP id D94A61FFC25; Mon, 28 Dec 2009 18:20:30 +0000 (UTC) Received: by ds4.des.no (Postfix, from userid 1001) id B0776844A1; Mon, 28 Dec 2009 19:20:30 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Astrodog References: <4B31D6F9.6040608@infracaninophile.co.uk> <200912231450.nBNEoP1q063542@fire.js.berklix.net> <20091225015252.GW2100@over-yonder.net> <2fd864e0912250624s7f51b127r991342baf8487100@mail.gmail.com> Date: Mon, 28 Dec 2009 19:20:30 +0100 In-Reply-To: <2fd864e0912250624s7f51b127r991342baf8487100@mail.gmail.com> (astrodog@gmail.com's message of "Fri, 25 Dec 2009 08:24:25 -0600") Message-ID: <86r5qf0xld.fsf@ds4.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.95 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-advocacy@freebsd.org Subject: Re: why BSDs got no love X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Dec 2009 18:20:32 -0000 Astrodog writes: > Basically... if you really want to see this change, I think you're > gonna have to do it yourself. What do you think this is, a collaborative open source project? Furrfu! DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-freebsd-advocacy@FreeBSD.ORG Mon Dec 28 18:48:49 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D01510656C1 for ; Mon, 28 Dec 2009 18:48:49 +0000 (UTC) (envelope-from sdavtaker@gmail.com) Received: from mail-qy0-f176.google.com (mail-qy0-f176.google.com [209.85.221.176]) by mx1.freebsd.org (Postfix) with ESMTP id D862E8FC0C for ; Mon, 28 Dec 2009 18:48:48 +0000 (UTC) Received: by qyk6 with SMTP id 6so4482096qyk.3 for ; Mon, 28 Dec 2009 10:48:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type; bh=VLwWssTjap+we/WZE9k5AZvY1nsMqOJAcuJRsketkQI=; b=T4J6aCk9bKM7Xb2W+arih08sx87JmzpAN8WjCLHwIjSO9K4gci+xfvUqNuDRc1jGbc yYHhwUiS9QvWZDKpJndBe5PJuOPxibzDnodL07u7bX900b6EG3cMbPYiGIIJc42XN2rv befY5DxxYGZJeEyPHp7GBgLQRTqzWJAmID2kI= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=aV/C0aLt897cybHnXMva9uBs16OIQK4HtjGl2Q/2TDoJBzrSKDm2w33+Ct/ef0+k2S 1zsyi3MEwa9E0MeiWHHNw/MwtVdh04ONneobMlQznaEJ7ZwrQtOjiC3hlsHSOh9bN2KO +kQjVJtSNUwfehyXIjBGPDDFXbJFou5uQAOfE= MIME-Version: 1.0 Received: by 10.224.61.148 with SMTP id t20mr7641728qah.253.1262024799227; Mon, 28 Dec 2009 10:26:39 -0800 (PST) In-Reply-To: <001001ca87e7$70b00760$0301a8c0@jim4fb89194d83> References: <75813f040912260730w40e7ebfge72fb0686c455cd9@mail.gmail.com> <001001ca87e7$70b00760$0301a8c0@jim4fb89194d83> Date: Mon, 28 Dec 2009 15:26:38 -0300 Message-ID: From: =?UTF-8?Q?Sd=C3=A4vtaker?= To: Petrus Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-advocacy@freebsd.org Subject: Re: why BSDs got no love X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Dec 2009 18:48:49 -0000 it will be nice make sysinstall use the port tree, since a lot of applications in the dvd use to fail the install because dependencies that can be resolved in the ports (as portinstall/portmaster does whena package dependency is not fulfilled). On Mon, Dec 28, 2009 at 14:59, Petrus wrote: > There is absolutely no reason to change the default FreeBSD installer in my >> opinion, when the PC-BSD one will suffice for the 'snazzy' desktop >> installs. >> > > I won't say that sysinstall couldn't benefit from at least *some* > renovation. ;) > > The interface is fine, sure, but what I'm primarily talking about is the > download mechanism. Apparently when certain files get downloaded with it, > they actually get copied in-place during the transfer process, which means > that if you abort it, you can end up with partially digested conf files (my > /etc/passwd got hosed once) all over the place. > > What I'd propose would be caching whatever files the system needs to > download until everything is cached locally, and then installing the lot > after that, rather than doing both downloading and installing/copying in the > same step. That way you can safely abort during the process if you need to. > A scenario where individual files that are to be rewritten, get temporarily > backed up until the setup is complete would probably also really help. > > So as said, the interface is fine, but I think the internal mechanism could > definitely benefit from being made a bit more robust. > _______________________________________________ > freebsd-advocacy@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-advocacy > To unsubscribe, send any mail to "freebsd-advocacy-unsubscribe@freebsd.org > " > -- http://dfbsd.trackbsd.org.ar From owner-freebsd-advocacy@FreeBSD.ORG Tue Dec 29 15:03:03 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4FB641065693 for ; Tue, 29 Dec 2009 15:03:03 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from poseidon.ceid.upatras.gr (poseidon.ceid.upatras.gr [150.140.141.169]) by mx1.freebsd.org (Postfix) with ESMTP id EC61B8FC12 for ; Tue, 29 Dec 2009 15:03:02 +0000 (UTC) Received: from mail.ceid.upatras.gr (unknown [10.1.0.143]) by poseidon.ceid.upatras.gr (Postfix) with ESMTP id 88BFAEB47B5 for ; Tue, 29 Dec 2009 16:38:31 +0200 (EET) Received: from localhost (europa.ceid.upatras.gr [127.0.0.1]) by mail.ceid.upatras.gr (Postfix) with ESMTP id CA4E244FE2 for ; Tue, 29 Dec 2009 16:38:33 +0200 (EET) X-Virus-Scanned: amavisd-new at ceid.upatras.gr Received: from mail.ceid.upatras.gr ([127.0.0.1]) by localhost (europa.ceid.upatras.gr [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L5v4aptESp6L for ; Tue, 29 Dec 2009 16:38:33 +0200 (EET) Received: from kobe.laptop (ppp-94-64-194-143.home.otenet.gr [94.64.194.143]) by mail.ceid.upatras.gr (Postfix) with ESMTP id 9169A44FDF for ; Tue, 29 Dec 2009 16:38:33 +0200 (EET) Received: from kobe.laptop (kobe.laptop [127.0.0.1]) by kobe.laptop (8.14.3/8.14.3) with ESMTP id nBTEcU7m087743 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Tue, 29 Dec 2009 16:38:30 +0200 (EET) (envelope-from keramida@ceid.upatras.gr) Received: (from keramida@localhost) by kobe.laptop (8.14.3/8.14.3/Submit) id nBTEcUHV087738; Tue, 29 Dec 2009 16:38:30 +0200 (EET) (envelope-from keramida@ceid.upatras.gr) From: Giorgos Keramidas To: "FreeBSD\, Advocacy" References: <541b7a870912150733m4bc34148j98790a6142d4521c@mail.gmail.com> <20091223103226.GC26235@guilt.hydra> <20091223235651.GA31167@guilt.hydra> Date: Tue, 29 Dec 2009 16:38:23 +0200 In-Reply-To: <20091223235651.GA31167@guilt.hydra> (Chad Perrin's message of "Wed, 23 Dec 2009 16:56:51 -0700") Message-ID: <87oclhzvz4.fsf@kobe.laptop> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.1.90 (berkeley-unix) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" Subject: Re: why BSDs got no love (and why security gets no love) X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Dec 2009 15:03:03 -0000 --=-=-= On Wed, 23 Dec 2009 16:56:51 -0700, Chad Perrin wrote: > Update: > > I confirmed that the scheduled publication date for my article will be > Tuesday the 29th. It's up at http://blogs.techrepublic.com.com/security/?p=2888 --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (FreeBSD) iEYEARECAAYFAks6FGUACgkQ1g+UGjGGA7YkMgCcDKIzLcenZhZ/MjiLvcTbYSm1 j9AAoKLCa6qO7IbjWlkZW9l0PFIsGjHf =1She -----END PGP SIGNATURE----- --=-=-=-- From owner-freebsd-advocacy@FreeBSD.ORG Tue Dec 29 20:52:15 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 430C4106566B for ; Tue, 29 Dec 2009 20:52:15 +0000 (UTC) (envelope-from corky1951@comcast.net) Received: from QMTA01.emeryville.ca.mail.comcast.net (qmta01.emeryville.ca.mail.comcast.net [76.96.30.16]) by mx1.freebsd.org (Postfix) with ESMTP id 28C898FC1D for ; Tue, 29 Dec 2009 20:52:14 +0000 (UTC) Received: from OMTA10.emeryville.ca.mail.comcast.net ([76.96.30.28]) by QMTA01.emeryville.ca.mail.comcast.net with comcast id P4fQ1d0030cQ2SLA18ecHQ; Tue, 29 Dec 2009 20:38:36 +0000 Received: from comcast.net ([98.203.142.76]) by OMTA10.emeryville.ca.mail.comcast.net with comcast id P8f31d0041f6R9u8W8f3vz; Tue, 29 Dec 2009 20:39:05 +0000 Received: by comcast.net (sSMTP sendmail emulation); Tue, 29 Dec 2009 12:39:01 -0800 Date: Tue, 29 Dec 2009 12:39:01 -0800 From: Charlie Kester To: freebsd-advocacy@freebsd.org Message-ID: <20091229203901.GD25393@comcast.net> Mail-Followup-To: freebsd-advocacy@freebsd.org References: <541b7a870912150733m4bc34148j98790a6142d4521c@mail.gmail.com> <20091223103226.GC26235@guilt.hydra> <20091223235651.GA31167@guilt.hydra> <87oclhzvz4.fsf@kobe.laptop> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <87oclhzvz4.fsf@kobe.laptop> X-Mailer: Mutt 1.5.20 X-Composer: VIM 7.2 User-Agent: Mutt/1.5.20 (2009-06-14) Subject: Re: why BSDs got no love (and why security gets no love) X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Dec 2009 20:52:15 -0000 On Tue 29 Dec 2009 at 06:38:23 PST Giorgos Keramidas wrote: >On Wed, 23 Dec 2009 16:56:51 -0700, Chad Perrin wrote: >> Update: >> >> I confirmed that the scheduled publication date for my article will be >> Tuesday the 29th. > >It's up at http://blogs.techrepublic.com.com/security/?p=2888 > Well done, Chad! One question, however. Are we prepared to back up the claim that the "sexy" bits of PC-BSD are the least secure? Your argument depends on that claim, since it's also implied in your description of development team's priorities. From owner-freebsd-advocacy@FreeBSD.ORG Tue Dec 29 22:58:57 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1D5811065695 for ; Tue, 29 Dec 2009 22:58:57 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: from outbound-mail-22.bluehost.com (outbound-mail-22.bluehost.com [69.89.21.17]) by mx1.freebsd.org (Postfix) with SMTP id DB05C8FC22 for ; Tue, 29 Dec 2009 22:58:56 +0000 (UTC) Received: (qmail 1359 invoked by uid 0); 29 Dec 2009 22:58:56 -0000 Received: from unknown (HELO box543.bluehost.com) (74.220.219.143) by outboundproxy2.bluehost.com with SMTP; 29 Dec 2009 22:58:56 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=apotheon.com; h=Date:From:To:Subject:Message-ID:Mail-Followup-To:References:Mime-Version:Content-Type:Content-Disposition:In-Reply-To:User-Agent:X-Identified-User; b=fY+/MbQU7gbmBwgjPAAT4GJm2l52bYVX8jRgLq7GuZQKeBA1gSMDUAhnCkN6SqSjueyK4fU3N15oeww2DCKgdUjqlPI9I8ZV1Qtd+T1guZvdjMa3C4bUxQsP3qo4rj2H; Received: from c-24-8-180-234.hsd1.co.comcast.net ([24.8.180.234] helo=kukaburra.hydra) by box543.bluehost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1NPl1j-0001Rh-32 for freebsd-advocacy@freebsd.org; Tue, 29 Dec 2009 15:58:56 -0700 Received: by kukaburra.hydra (sSMTP sendmail emulation); Tue, 29 Dec 2009 15:51:23 -0700 Date: Tue, 29 Dec 2009 15:51:23 -0700 From: Chad Perrin To: freebsd-advocacy@freebsd.org Message-ID: <20091229225123.GB6542@guilt.hydra> Mail-Followup-To: freebsd-advocacy@freebsd.org References: <541b7a870912150733m4bc34148j98790a6142d4521c@mail.gmail.com> <20091223103226.GC26235@guilt.hydra> <20091223235651.GA31167@guilt.hydra> <87oclhzvz4.fsf@kobe.laptop> <20091229203901.GD25393@comcast.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="b5gNqxB1S1yM7hjW" Content-Disposition: inline In-Reply-To: <20091229203901.GD25393@comcast.net> User-Agent: Mutt/1.4.2.3i X-Identified-User: {2737:box543.bluehost.com:apotheon:apotheon.org} {sentby:smtp auth 24.8.180.234 authed with ren@apotheon.org} Subject: Re: why BSDs got no love (and why security gets no love) X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Dec 2009 22:58:57 -0000 --b5gNqxB1S1yM7hjW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 29, 2009 at 12:39:01PM -0800, Charlie Kester wrote: > On Tue 29 Dec 2009 at 06:38:23 PST Giorgos Keramidas wrote: > >On Wed, 23 Dec 2009 16:56:51 -0700, Chad Perrin =20 > >wrote: > >>Update: > >> > >>I confirmed that the scheduled publication date for my article will be > >>Tuesday the 29th. > > > >It's up at http://blogs.techrepublic.com.com/security/?p=3D2888 > > >=20 > Well done, Chad! Thanks! >=20 > One question, however. Are we prepared to back up the claim that the > "sexy" bits of PC-BSD are the least secure? Your argument depends on > that claim, since it's also implied in your description of development > team's priorities. Define "we". As I'm not a core developer for FreeBSD, nor anyone in a position of official representation of either the OS development project or the Foundation, my statements in the article should not be taken as necessarily indicative of anyone's opinions but my own. The claim about the "sexy" bits of PC-BSD is based on my experience with tarted-up GUIs and "feature-rich" software. It is intended as a generalization rather than a categorical statement of absolute truth. All stuffy pedantry of mine aside, though, if you want to expand on your concerns, I'd be happy to read about them. --=20 Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] --b5gNqxB1S1yM7hjW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAks6h+sACgkQ9mn/Pj01uKXGPgCgoPptAn5CMFLPuf0rmaIYK/KO oKcAn2AvA+/R+q3hXxlrmH73RvtSzQo9 =PGWA -----END PGP SIGNATURE----- --b5gNqxB1S1yM7hjW-- From owner-freebsd-advocacy@FreeBSD.ORG Tue Dec 29 23:17:09 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 34A211065679 for ; Tue, 29 Dec 2009 23:17:09 +0000 (UTC) (envelope-from corky1951@comcast.net) Received: from QMTA14.emeryville.ca.mail.comcast.net (qmta14.emeryville.ca.mail.comcast.net [76.96.27.212]) by mx1.freebsd.org (Postfix) with ESMTP id 1A01C8FC21 for ; Tue, 29 Dec 2009 23:17:08 +0000 (UTC) Received: from OMTA12.emeryville.ca.mail.comcast.net ([76.96.30.44]) by QMTA14.emeryville.ca.mail.comcast.net with comcast id PA4s1d0060x6nqcAEBH9RA; Tue, 29 Dec 2009 23:17:09 +0000 Received: from comcast.net ([98.203.142.76]) by OMTA12.emeryville.ca.mail.comcast.net with comcast id PBH71d00D1f6R9u8YBH8VK; Tue, 29 Dec 2009 23:17:09 +0000 Received: by comcast.net (sSMTP sendmail emulation); Tue, 29 Dec 2009 15:17:06 -0800 Date: Tue, 29 Dec 2009 15:17:05 -0800 From: Charlie Kester To: freebsd-advocacy@freebsd.org Message-ID: <20091229231705.GE25393@comcast.net> Mail-Followup-To: freebsd-advocacy@freebsd.org References: <541b7a870912150733m4bc34148j98790a6142d4521c@mail.gmail.com> <20091223103226.GC26235@guilt.hydra> <20091223235651.GA31167@guilt.hydra> <87oclhzvz4.fsf@kobe.laptop> <20091229203901.GD25393@comcast.net> <20091229225123.GB6542@guilt.hydra> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <20091229225123.GB6542@guilt.hydra> X-Mailer: Mutt 1.5.20 X-Composer: VIM 7.2 User-Agent: Mutt/1.5.20 (2009-06-14) Subject: Re: why BSDs got no love (and why security gets no love) X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Dec 2009 23:17:09 -0000 On Tue 29 Dec 2009 at 14:51:23 PST Chad Perrin wrote: >On Tue, Dec 29, 2009 at 12:39:01PM -0800, Charlie Kester wrote: >> >> One question, however. Are we prepared to back up the claim that the >> "sexy" bits of PC-BSD are the least secure? Your argument depends on >> that claim, since it's also implied in your description of development >> team's priorities. > >Define "we". As I'm not a core developer for FreeBSD, nor anyone in a >position of official representation of either the OS development project >or the Foundation, my statements in the article should not be taken as >necessarily indicative of anyone's opinions but my own. I said "we" rather than "you" because I agree with your argument. :) > >The claim about the "sexy" bits of PC-BSD is based on my experience with >tarted-up GUIs and "feature-rich" software. It is intended as a >generalization rather than a categorical statement of absolute truth. > >All stuffy pedantry of mine aside, though, if you want to expand on >your concerns, I'd be happy to read about them. I was wondering if anyone has done a study of reported security holes and if that data supports the assertion that the "sexy" GUI stuff PC-BSD adds was more likely to be involved than the base OS. But even if there hasn't been any such study, I think it would be worthwhile to flesh out your assertion with a few examples of the kind of security problems that arise when the "sexy" stuff is used. As I said above, I think the argument stands or falls on our ability to defend this point. From owner-freebsd-advocacy@FreeBSD.ORG Thu Dec 31 07:27:10 2009 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2862D106566B for ; Thu, 31 Dec 2009 07:27:10 +0000 (UTC) (envelope-from perrin@apotheon.com) Received: from outbound-mail-114.bluehost.com (outbound-mail-114.bluehost.com [69.89.24.4]) by mx1.freebsd.org (Postfix) with SMTP id EBFAE8FC14 for ; Thu, 31 Dec 2009 07:27:09 +0000 (UTC) Received: (qmail 27034 invoked by uid 0); 31 Dec 2009 07:27:09 -0000 Received: from unknown (HELO box543.bluehost.com) (74.220.219.143) by outboundproxy3.bluehost.com with SMTP; 31 Dec 2009 07:27:09 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=apotheon.com; h=Date:From:To:Subject:Message-ID:Mail-Followup-To:References:Mime-Version:Content-Type:Content-Disposition:In-Reply-To:User-Agent:X-Identified-User; b=lNwuocirHAJLXI6KK8sKSRxIc3Ky0PijkCHNM33CRRA5rt9xj7CPmI63j38J+YsxdAfOAJM1noM1xUhEQvrDeyZaunHgJ0SamkEO/z8QvLhj6Mk8nXf8rqAXQCDGJQo/; Received: from c-24-8-180-234.hsd1.co.comcast.net ([24.8.180.234] helo=kukaburra.hydra) by box543.bluehost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1NQFR6-0003J2-83 for freebsd-advocacy@freebsd.org; Thu, 31 Dec 2009 00:27:09 -0700 Received: by kukaburra.hydra (sSMTP sendmail emulation); Thu, 31 Dec 2009 00:19:33 -0700 Date: Thu, 31 Dec 2009 00:19:33 -0700 From: Chad Perrin To: freebsd-advocacy@freebsd.org Message-ID: <20091231071933.GB16919@guilt.hydra> Mail-Followup-To: freebsd-advocacy@freebsd.org References: <541b7a870912150733m4bc34148j98790a6142d4521c@mail.gmail.com> <20091223103226.GC26235@guilt.hydra> <20091223235651.GA31167@guilt.hydra> <87oclhzvz4.fsf@kobe.laptop> <20091229203901.GD25393@comcast.net> <20091229225123.GB6542@guilt.hydra> <20091229231705.GE25393@comcast.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="f2QGlHpHGjS2mn6Y" Content-Disposition: inline In-Reply-To: <20091229231705.GE25393@comcast.net> User-Agent: Mutt/1.4.2.3i X-Identified-User: {2737:box543.bluehost.com:apotheon:apotheon.org} {sentby:smtp auth 24.8.180.234 authed with ren@apotheon.org} Subject: Re: why BSDs got no love (and why security gets no love) X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Dec 2009 07:27:10 -0000 --f2QGlHpHGjS2mn6Y Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Dec 29, 2009 at 03:17:05PM -0800, Charlie Kester wrote: > On Tue 29 Dec 2009 at 14:51:23 PST Chad Perrin wrote: > >On Tue, Dec 29, 2009 at 12:39:01PM -0800, Charlie Kester wrote: > >> > >>One question, however. Are we prepared to back up the claim that the > >>"sexy" bits of PC-BSD are the least secure? Your argument depends on > >>that claim, since it's also implied in your description of development > >>team's priorities. > > > >Define "we". As I'm not a core developer for FreeBSD, nor anyone in a > >position of official representation of either the OS development project > >or the Foundation, my statements in the article should not be taken as > >necessarily indicative of anyone's opinions but my own. >=20 > I said "we" rather than "you" because I agree with your argument. :) Ahh, gotcha. Thanks for clarifying. > > > >The claim about the "sexy" bits of PC-BSD is based on my experience with > >tarted-up GUIs and "feature-rich" software. It is intended as a > >generalization rather than a categorical statement of absolute truth. > > > >All stuffy pedantry of mine aside, though, if you want to expand on > >your concerns, I'd be happy to read about them. >=20 > I was wondering if anyone has done a study of reported security holes > and if that data supports the assertion that the "sexy" GUI stuff PC-BSD > adds was more likely to be involved than the base OS. The only studies I know of that even come close to addressing these issues are the studies that show there tends to be a semi-constant rate of bugs per so-many lines of code for software projects within particular subcultures. That being the case, the sheer weight of lines of code involved in KDE (the default GUI of PC-BSD), for instance, implies substantial increase in total number of potentially security-damaging bugs on the system. More to the point, though, kitchen sink style installs also tend to run extra services, redundant server processes, auto-run a bunch of stuff, and so on -- and I don't really feel I personally need a study to tell me that's a recipe for security failure somewhere down the road. I totally understand the desire for some kind of statistical study that supports that claim, though, whether for your own edification or for that of others. >=20 > But even if there hasn't been any such study, I think it would be > worthwhile to flesh out your assertion with a few examples of the kind > of security problems that arise when the "sexy" stuff is used. I don't recall off-hand whether I've written previous articles on that subject. I may write some in the future that address that in more depth. Since that point in particular seemed somewhat outside the scope of the article to try to support in depth, I kinda left it where it lay. Nobody has challenged the point in the discussion thread following the article, last I checked. . . . >=20 > As I said above, I think the argument stands or falls on our ability to > defend this point. Given an obvious need to do so, I'm happy to offer what support I have for the point. You're the only person who has asked, though. --=20 Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ] --f2QGlHpHGjS2mn6Y Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAks8UIUACgkQ9mn/Pj01uKU9FACdGL8M9kkEKwNHhoV+JSU2q+qU obwAn2fA87MsIsLyY4nCNkf4mSVRzVsU =1ukQ -----END PGP SIGNATURE----- --f2QGlHpHGjS2mn6Y--