Somewhat serious BSD discussion

nice damage control, BSD shill

I'll try it out. Maybe I'll install it on my laptop if it's comfy enough. I need to use something with less distractions.

If it's a Thinkpad you could try OpenBSD, as most developers use one. Should work well out of the box. Try the IRC channels if you run into problems.

...

Some new TP don't even work with Linux.

...

You could ask in the mailinglist or IRC (#openbsd on Freenode, usually pretty responsive and a lot of developers are in there too) about the specific model

OpenBSD "developers" just take GPL code, remove the license and slap their own on it. All for the freedom to serve their corporate masters.

slashdot.org/story/07/04/07/1618239/gpl-code-found-in-openbsd-wireless-driver

OpenBSD is full of pretentious idiots.

Shoo-shoo, Satan.
boards.4chan.org/g/thread/65180597/is-this-the-closest-to-real-unix#p65180666

Attached: 666.png (953x764, 108.6K)

...

I'm read-only though. Can't into recaptcha.

This was enough for me to stop considering BSD family as a viable choice for production and home environment.
whonix.org/wiki/FAQ#Why_isn.27t_OpenBSD_Used.3F
whonix.org/wiki/FAQ#Why_isn.27t_FreeBSD_Used.3F

Protip newfag, the only difference between these two is license. Since I'm sure you and other newfags don't understand I will explain.
GCC and Clang are both the exact same gigantic tumors of c++ cancer. They are both on a race to the bottom in terms of generated binary safety and quality. They have little to no care about doing things the right way they only care about who benchmarks faster. Since this a BSD thread we will use OpenBSD as an example. Lets navigate to the source tree (/usr/src), now lets look and see what folder contains GCC and Clang. Thats right! Its the gnu folder. What does gnu stand for in OpenBSD land? Gigantic Nasty Unavoidable! If you don't agree with this try timing the build time of clang and modern gcc. Then compile gcc 2,3, or 4.2.4, and witness that it is multiple orders of magnitude faster than clang and modern gcc. Next you might question why OpenBSD deems them unavoidable. The only thing in OpenBSD base that requires a c++ compiler is in fact the compilers themselves no? Well this is true unfortunately c++ has weaseled itself in almost everywhere else. If OpenBSD wasn't to include it then many people would have to install one immediately afterwords and as far as I am aware these modern compilers can't even bootstrap themselves from a purely C compiler. Bjarne Stroustrup was a mistake

This is incorrect. Simplicity and Correctness are the governing features for OpenBSD. As it turns out security is tangential to these things, however it is not the main focus of OBSD.
See above, it was removed because it was too complex. Security could have been fixed.
Otherwise I think the rest of the post is not bad.

parallel*

Noted. Probably made other mistakes along the way - the comparison isn't really complete. I asked for input on those points, but there was only so much response

Simpler and less code makes it also more secure. Nobody was using Linux compat feature, so it got removed. It's the same reason code for DOS and other ancient platforms got removed from LibreSSL. Useless clutter is a distraction (waste of time) at best. Besides, nowadays it's more common to run stuff in a VM than depend on these flakey compat layers that nobody is interested in maintaining. Or did you submit any patches?

I see a lot of FreeBSD vs OpenBSD posting, but never much for NetBSD. I know it is primarily of interest for old hardware and the like, but has anyone here tried it on some things remotely modern (or at all really). How is it? Why would you use it over one of the other two?

You just re-worded and expanded upon what I said.
Obviously not, I wasn't using it either. I stated it was removed because it was too complex, which along with being irrelevant is exactly why it was removed. If it was relevant then any security holes could have been fixed. You mentioned a prime example of this with libressl.

My main issue with NetBSD is that some of their dev's don't realize when reported security vulnerabilities are in fact vulnerabilities. See the Illja Sprundel talk that gets posted for examples of this. I do love seeing all the classic hardware that the Japanese NetBSD users rice out with weebshit. I personally really want a luna68k or luna88k, but would likely use the openbsd port instead.

I installed OpenBSD on my laptop the other day.
Things are more or less the same as in Linux, but different enough to be confusing. Good mans help a lot though.
Had some problems with wifi it was access point's fault (I configured it for packets to be too short), though no other device complained about it.
Now I struggle to make jabber work. My server only supports SSL and uses self-signed certificate, but mcabber shits its pants when I turn TLS off, and doesn't really tell me what's wrong.
Maybe I should use this as an opportunity to try other clients, though there aren't many.

Outside of that, for a system commited to having sane defaults, it ships with some ugly fvwm config.

I want sucklessBSD now.

6 to 12 at any time
openbsd.org/security.html

This is definitely a problem for whonix, but isn't a problem for most people, overall this is a valid criticism.

OpenBSD website is HTTPS, all websites were previously HTTP...

Libtard/commie logic. Whoever wrote that page, and (you) should gas yourselves if you actually think a static site needs https. In current_year all their release sets are signed, and previously you could verify your set based on the pictures of the cds that were all always posted all over the mailing list. Of course you always could have cloned the source from cvs and built it yourself. Not that I should take anything they say seriously when they unironically claim that there are only 17 people using the OS.

If you do not use https on your site, you are making your users susceptible to MiTM attacks when they visit it. This means an attacker can add advertisements, add username / password fields, add donate buttons, or plain redirect to another compromised server.

While I agree with this theoretical issue, https in its current state is not the solution. Navigate to openbsd.org and tell me who issued the certificate. It certianly wasn't theo or any member of the openbsd foundation. How can you expect anyone to trust an unrelated third party anymore than you can trust a static http site. In fact this is exactly the same issue you are pointing out with serving an unencrypted site.
sage because off topic.

>>NetBSD plans for 2018: netbsd.org/gallery/presentations/mef/PDF/NetBSD-2018-AsiaBSDCon.pdf

Attached: nice.gif (235x240, 1.93M)

I agree with you that the whole certificate system is inherently flawed and can easily be abused due to the human element it involves.
While you could pull off the same attack by being able to sign certs. The attack for http is going to be much more common than the one for https, so at this current point in time you should be using https at all times instead of http.

That's a bit too late.

Attached: blacked.jpg (590x390, 46.16K)

Why is it that NetBSD is more popular in Japan compared to other the ratio NetBSD has to the other BSD's elsewhere? Or do I just have overexposure to that side of it?

This is just me guessing, but there was a time when their commits for FreeBSD were being rejected. Another reason could be that they like the support for exotic architectures.

I actually tried to use linux-compat many years ago. It was weird, because Opera worked (sometimes even without crashing), but DoomRL (the Linux ncurses version without sound) just outright crashed. Then again, another roguelike (ADOM) must have worked fine because it was in ports for a long time. I never tried that Linux one, but I grabbed the old DOS version for playing in dosbox someday. And I think that's a better and simpler way to go. Dosbox is fairly stable and runs tons of stuff, all without needing an entire set of Linux libraries and other crap.

Attached: ancient-domains-of-mystery_1.png (640x400, 7.01K)

Why don't you just get a common m68k machine like old Mac, Amiga, or Atari? 88k is pretty rare and maybe even harder to find than DEC alpha system.

Attached: spaceman-greylord.gif (530x505, 8.02K)

user in the other thread said
I guess one could always try it out in a VM. I should do that myself tbh, never tried it before.

We have an ancient MacBook (late 2006 I think) with a CoreDuo processor lying around here - maybe I can give it a new life with NetBSD.

The initial reaction was good. I guess they realize their mistake now, as the talk is well known.

Attached: 41wA7ZLTgiL.jpg (500x500, 31.53K)

The Japanese are Brand-fags, in that they'll prefer a Commercial offering over a public-domain/folk product. In the context of computers, that meant they were preferring Solaris/IBM-Linux for their IT servers, so FreeBSD wasn't a thing. FreeBSD didn't put much effort into their non-English markets, either.

Japan did however have an established Academic 4.x BSD scene. Sony even had a successful line of 4.3 BSD UNIX Workstations (en.wikipedia.org/wiki/Sony_NEWS) that borrowed from their homegrown talent (and went on as the core technology of the Playstation 1, 2, etc.) The Academics, who by then were big into IPv6 research, made NetBSD their platform of choice, and the disproportionally big NetBSD hacker community is due to the community those guys fostered.

won't let me dump images without a comment

Attached: 201211_aizu.jpg (640x400 73.46 KB, 62.37K)

Attached: BSSvoMkCEAIUFyz.jpg:large.jpg (640x480 231.82 KB, 62.3K)

-. . -- -... ... -..

Attached: 735770370.jpg (600x600 50.85 KB, 136.99K)

Does... this make NetBSD a Christmasu-cake?

Attached: BW0F3-rCYAAMfwP.jpg:large.jpg (600x400 40.7 KB, 582.39K)

What is the point of the whole certificate system anyways? I never understood the need for them.

Part of the fun is finding one. Its more of one of those things that I can look off in the future and think about finding. For something more attainable I would like to get a sparcstation. There are probably a lot more useful things I can do with one of them instead of a luna. Plus I already have an m68k Sega Genesis.

I'm not so sure about that. In some places they definitely are(non-binary true/false) but in others they have loads of legacy cruft from trying to support every single architecture ever thought up.

I found the episode of bsdnow where they talk about it. Hopefully your gookenglish is up to par: youtu.be/uvplmGGAPvU?t=37m

How is it to late? There are still tons of G5s out. If you want to get in to PPC they are a good value.

Attached: IMG_7162.JPG (1022x765 217.84 KB, 863.06K)

The point is to be able to pair a person or company that exists with a pubic key they have. This is unlike the way ssh works and more like the way code signing works in the Windows world.
When you first make a connection over ssh, you'll get a message saying what the server's public key is and whether you trust it. If you accept it, your client will remember it for further connections. If an attacker were to MiTM the first connection to your ssh server they could give you the public key of a reverse proxy which they log what you type. In this scheme, cryptography ensures that the person you are communicating to is the only person to be able to send or receive cleartext messages, but not to verify who the person you are talking to is.
Code signing on the other hand, like certificates for HTTPS are given to people / companies. This allows you to theoretically verify who you are talking to and not just ensuring that the person you are talking to is the only person you are communicating to.

Thanks for that (NetBSD in JP); it was interesting.

You forgot the superior DragonFly BSD

I've never used it. You are welcome to fill out the blanks though:

Attached: IMG_0880.jpg (800x600, 143.86K)

I'm installing NetBSD on an old Macbook CoreDuo, but I currently can't progress much further, since my internet provider can't solve their problems with the cables here - or something.

Having basic experience with all three now: It definitely feels more "hands-on" than the other two main BSDs. You have to configure more to get to a basic usable setup, I feel. But the hardware actually worked out of the box - touchpad works, keyboard works, X server works without configuration. I wonder what problems I would run into with this old laptop on the other BSDs. Someone even wrote a driver for the touchpad for this one (contains more features like synaptics, basically). One thing that is purposefully not configured is the lid open/close suspending. It relies on scripts that execute on the corresponding action (lid, sleep button, power button, AC adapter connected, runs on battery..) - which seems like a sensible thing to do. The brightness buttons don't work yet and the lid close script can't seem to bring the brightness back up - haven't really looked into it yet. Not bad so far. The base system seems pretty minimal, but it still includes the apm daemon, which was deprecated in favor of powerd and acpi support? Probably included in case you can't get acpi to work. All in all not bad, so far.

The curses installer interface is pretty easy to use, you can always break out into a shell to do whatever you need to do. It recognized the Macbooks network interfaces out of the box, which made life easier for me. Easier to install than OpenBSD, I'd say. Configuration is a different matter.

I'm not that impressed with the mirrors though - most of the European ones seem to bet somewhat abandoned: some of them outright won't respond, some don't contain packages for the current version or pull the "forbidden" card on you, if you wan't to access the directories you need. The main server is laughably slow for me - 6 KB/s and varying. Eventually I found some servers that work for me, but I didn't expect to invest time into that. The package (pkgin) and source building (pkgsrc) basically just works - non configurable builds, but good. Nothing else to complain about there.

XFCE4 isn't in the 7.1.2 packages, but can be compiled from source, I think. I'm thinking about giving LXDE (package) or ye olde CDE (have to compile yourself, but there's a guide for NetBSD) out. Has anyone here used them? What's the desktop of choice for most NetBSD users, if there is something like that?

According to their IRC channel they don't have an address to send dmesg output to, like OpenBSD does. Some articles on their Wiki are old, laptop page doesn't seem very updated, but the Wiki itself and the guide seem good, all in all. IRC channel is friendly and ready to help out.

Since I have no internet at the moment I can't install the stuff I want to try out, but I'm looking forward to it.

Attached: DXsz-O_VoAAqWoA.jpg (806x1200, 103.5K)

lack of TLS allows false signatures to be delivered

They are also very accepting when it comes to people helping out with documentation. Submit a documentation or article update to them and if its good they will publish it.I have found they are not as cliquey as other projects and any developer can update the wiki.

Not how it works lad. You are expected to trust your initial release. It contains the keys for the next release. After that you have a chain established and no longer need to worry about the website. Though the mirrors containing the releases are mostly https so I'm not sure how that relates to the main site being unencrypted.
Personally I already have a trusted install with a cloned src repo so I can cut any release I need for other machines myself and never have to go through the mirrors signed by unknown trusted (((third-parties))) ever again. If you are a newfag I have no idea how you are supposed to obtain a trusted release, maybe from a personal friend, but we don't care about new users so figure it out yourself.
More info on release signing can be found here: openbsd.org/papers/bsdcan-signify.html

I used to use FBSD and OBSD variably last year. I liked it, but I needed Linux for what I do. How easy is it for me to cross compile packages, though? The software I'm thinking of is some client side stuff that interfaces with a server. Can't be too hard, right?

Maybe if Talos II comes out in my lifetime I consider developing for PPC, but I don't want to get my hopes up.
G5 is a great machine, but loud and a powerhog.

Attached: f2a875bc008c6860b9acf2855b9e3277db266be82b9c1e196f927be377800c0d.jpg (500x725, 49.01K)

we both understand this is the problem
yet you do not provide a sufficient solution
thanks for trying

What text editor does Theo use? I'm curious.

sublime

You order an official OpenBSD CD.
You go to a hackathon or other event where you can meet developers or other well-known/trusted people, and get a copy from them.
At some point you have to trust something or someone, unless you're going to go straight to Theo's house and download code from his master server that's kept offline.
If you don't want to go through all that trouble or even pay for a CD, you can download different releases at different times and places, and cross-check. Get 2, 3, 5, a dozen this way, or whatever it takes. If one of them doesn't match, then something is up. But that's also a lot of work and trouble to go through. If you're just lazy, you'll just give up and state that it's impossible.

Yeah, all of it seems like the hurdles to take part aren't as high. They also have a projects list on the wiki, probably very inviting to people that have the ability.

I was already thinking about sending them a mail once I've got everything to work.

Attached: 33409621_3b9078d8fb_z.jpg (500x375, 60.34K)