Date:      Sat, 2 Jun 2007 23:52:43 -0600
From:      Chad Perrin <perrin@apotheon.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: BSD derivatives
Message-ID:  <20070603055243.GB63366@demeter.hydra>
In-Reply-To: <20070603043301.28d9bef2@localhost>
References:  <4661FAC9.9010806@transpacific.net> <20070602201740.202e768a.wmoran@potentialtech.com> <46621503.5030303@freebsd.org> <20070603043301.28d9bef2@localhost>

On Sun, Jun 03, 2007 at 04:33:01AM +0200, Jona Joachim wrote:
> On Sat, 02 Jun 2007 18:10:27 -0700
> Colin Percival <cperciva@freebsd.org> wrote:
> 
> > Bill Moran wrote:
> > > OpenBSD puts security higher on its list of project goals and
> > > motivating factors than any other OS I know.
> > 
> > I disagree.  I'd say that OpenBSD and FreeBSD put security in exactly
> > the same place -- at the top of the list.
> 
> Sorry but I have to disagree here.
> FreeBSD ships with closed source software including following drivers:
> ath, nve, oltr, rr232x, hptmv.
> Closed source software implies potential insecurity. If security is at
> the top of the list then I see a clear contradiction here.

More accurately, I'd say that the closed source drivers only imply
priorities contradictory to security if they're installed and active
in default configuration.  If it's just a binary lump that never
executes, on the other hand, or is on a server or CD somewhere waiting
to be installed if you want it, that doesn't imply insecurity in the
system -- only in the configuration of a system where someone chooses to
use the closed source software.

Hopefully that made some sense.

While I tend to agree with the OpenBSD approach to closed source
software in general, I don't think that specifically making it
effectively impossible to use without rewriting key parts of the OS
yourself is a security-oriented decision.  Security involves not using
closed source software, not telling everyone else that they can't use it
either.

I'm not saying that's what the OpenBSD project does.  I'm just saying
that, for instance, the availability of the ath driver contradicts a
claim that security is a top priority of the FreeBSD project.  Only if
it was installed and operational by default would that really be the
case.

Obviously, I'm assuming it's not installed by default.  From what I've
read so far, it's not -- please correct me if I'm wrong.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
Amazon.com interview candidate: "When C++ is your hammer, everything starts
to look like your thumb."