OpenSSL forked into LibreSSL

Generic discussions with the emphasis on technology
Post Reply
User avatar
gR!ns
Posts: 500
her blog
Joined: 10 Mar 2012, 09:28
Location: 2nd reality

OpenSSL forked into LibreSSL

Post by gR!ns »

gaoesa
Site Admin
Posts: 1520
Joined: 05 Apr 2010, 15:02
Location: Finland
Contact:

Re: OpenSSL forked into LibreSSL

Post by gaoesa »

Hardware support is usually lagging in BSDs. Otherwise, there are some benefits and some not so great things. Though usually the not so great things are equally present in Linuxes, but just hidden from the users. I'll just name one good thing on BSDs: Jails. There is nothing equivalent to that on Linux distributions.
He hoped and prayed that there wasn't an afterlife. Then he realized there was a contradiction involved here and merely hoped that there wasn't an afterlife.
- Douglas Adams

silEnT development
http://mygamingtalk.com/
User avatar
TheSilencerPL
Posts: 386
Joined: 11 Apr 2010, 00:26
Location: Krakow,, Poland
Contact:

Re: OpenSSL forked into LibreSSL

Post by TheSilencerPL »

A little bit about FreeBSD jails, so that you don't get hurt by it:
http://aboutthebsds.wordpress.com/2013/ ... ty-danger/
Image
"The world is moving so fast these days that the man who says it can't be done is generally interrupted by someone doing it."
-- E. Hubbard
gaoesa
Site Admin
Posts: 1520
Joined: 05 Apr 2010, 15:02
Location: Finland
Contact:

Re: OpenSSL forked into LibreSSL

Post by gaoesa »

Hehe. I see you have been troll baited. That is a well known troll acount. His other posts include claims of known BSD people being convicted serial killers. Apple hand picking BSD developers etc. I didn't read this article because I have read couple in the past already. But you get the idea of how valuable all the information is that from that source.
He hoped and prayed that there wasn't an afterlife. Then he realized there was a contradiction involved here and merely hoped that there wasn't an afterlife.
- Douglas Adams

silEnT development
http://mygamingtalk.com/
gaoesa
Site Admin
Posts: 1520
Joined: 05 Apr 2010, 15:02
Location: Finland
Contact:

Re: OpenSSL forked into LibreSSL

Post by gaoesa »

Ok. I had a little time so I skimmed over what he has written this time. First of all I will attach to the chroot thing. He has the history wrong. Here is a better reference for it http://en.wikipedia.org/wiki/Chroot. Now, he is correct that chroot has long history of vulnerabilities and it is not only tedious to create, but also there are several security considerations http://www.unixwiz.net/techtips/chroot-practices.html. However, he seems to have the usual Linux misconception that a jail and a chroot is the same thing. They are not the same thing. Jails are practically virtual machines that have read only access to kernel services in their own sandboxes. Without any extra overhead that comes from other virtualization techniques. The limitation is of course, that you can't run just any OS in the jails. But they are useful for separating public services from the whole system with the added benefit that setting them up is a lot easier than chrooting. Most of the time you can't even properly chroot programs in any *nix OS because of all the dependencies. Let alone allowing some users to a chroot and thinking they wouldn't break out.

In terms of security, I would place FreeBSD in the middle of Linux and OpenBSD. The Linux people don't always put too much effort to secure their stuff or even supplying the users the program versions with the latest exploit fixes. Maybe not exactly relevant but I'll reference this anyway in here: http://article.gmane.org/gmane.linux.kernel/706950. The OpenBSD is most likely the most secure operating system just as it claims. It's also not necessarily as hard to use as the reputation claims. However, they don't make any compromises for the sake of convenience. FreeBSD does have a good security track, but they also do make compromises and apparently they are a little bit on the dark side when it comes to security announcements from the OpenBSD people.

So take your pick, for maximum security take OpenBSD, for maximum (*nix) convenience with less focus on security, take Linux. If neither one especially appeals to you, pick FreeBSD.

Bottom line is that most of the time the technical stuff (everything else is just weird) this guy writes is the opposite to the truth. FreeBSD is certainly not the greatest thing out there, but not a bad one either.
He hoped and prayed that there wasn't an afterlife. Then he realized there was a contradiction involved here and merely hoped that there wasn't an afterlife.
- Douglas Adams

silEnT development
http://mygamingtalk.com/
gaoesa
Site Admin
Posts: 1520
Joined: 05 Apr 2010, 15:02
Location: Finland
Contact:

Re: OpenSSL forked into LibreSSL

Post by gaoesa »

Some background for the LibreSSL fork
http://www.tedunangst.com/flak/post/origins-of-libressl
He hoped and prayed that there wasn't an afterlife. Then he realized there was a contradiction involved here and merely hoped that there wasn't an afterlife.
- Douglas Adams

silEnT development
http://mygamingtalk.com/
Post Reply