SEO
vBulletin Search Engine Optimization
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-16-2008, 05:21 AM
| |||
| |||
 Re: OpenBSD 8 year mark "Travis" <pcprecords@att.com> wrote in news:EqC_b.82142$hR.1686063@bgtnsc05-news.ops.worldnet.att.net: > When will it be 8 years with one default security hole? I been > watching it and for over a year and it has not changed. When is the > date if anybody knows? Here was the commit revision 1.380 date: 2002/06/26 14:04:08; author: deraadt; state: Exp; lines: +2 -2 One remote hole in the default install, in nearly 6 years! not too bad... --- index.html 19 May 2002 18:51:09 -0000 1.379 +++ index.html 26 Jun 2002 14:04:08 -0000 1.380 @@ -71,7 +71,7 @@ <a href="art1.html"><img border="0" src="images/puffy31.gif" height=222 width=582 alt="[OpenBSD 3.1]"></a></center> <p> <center><strong><font color="#e00000"> -Five years without a remote hole in the default install!<br> +One remote hole in the default install, in nearly 6 years!<br> </font></strong></center> <p> The OpenBSD project produces a <b>FREE</b>, multi-platform 4.4BSD-based -- Peter Strömberg C2K2 C2K3 ISCCIV02 ISCCIV03      |
|
02-16-2008, 05:21 AM
| |||
| |||
| Re: OpenBSD 8 year mark "Peter Strömberg" <wilfried@spamcop.net> writes: > "Travis" <pcprecords@att.com> wrote in > news:EqC_b.82142$hR.1686063@bgtnsc05-news.ops.worldnet.att.net: > >> When will it be 8 years with one default security hole? I been >> watching it and for over a year and it has not changed. When is the >> date if anybody knows? > > Here was the commit > > revision 1.380 > date: 2002/06/26 14:04:08; author: deraadt; state: Exp; lines: +2 -2 > One remote hole in the default install, in nearly 6 years! > not too bad... hm, AFAIK there was ip6-related DDoS vulnerability in recent kernels, and it applied to default installations too |
|
02-16-2008, 05:21 AM
| |||
| |||
| Re: OpenBSD 8 year mark In article <87d684vnvd.fsf@hector.domek>, Peter Dembinski wrote: > "Peter Strömberg" <wilfried@spamcop.net> writes: > >> "Travis" <pcprecords@att.com> wrote in >> news:EqC_b.82142$hR.1686063@bgtnsc05-news.ops.worldnet.att.net: >> >>> When will it be 8 years with one default security hole? I been >>> watching it and for over a year and it has not changed. When is the >>> date if anybody knows? >> >> Here was the commit >> >> revision 1.380 >> date: 2002/06/26 14:04:08; author: deraadt; state: Exp; lines: +2 -2 >> One remote hole in the default install, in nearly 6 years! >> not too bad... > > hm, AFAIK there was ip6-related DDoS vulnerability in recent kernels, > and it applied to default installations too DDOS is not remote hole. |
|
02-16-2008, 05:21 AM
| |||
| |||
| Re: OpenBSD 8 year mark "Olivier Cherrier" <Olivier.Cherrier@cediti.be> wrote in message news:c1f6cg$i54$1@news.brutele.be... > In article <87d684vnvd.fsf@hector.domek>, Peter Dembinski wrote: > > "Peter Strömberg" <wilfried@spamcop.net> writes: > > > >> "Travis" <pcprecords@att.com> wrote in > >> news:EqC_b.82142$hR.1686063@bgtnsc05-news.ops.worldnet.att.net: > >> > >>> When will it be 8 years with one default security hole? I been > >>> watching it and for over a year and it has not changed. When is the > >>> date if anybody knows? > >> > >> Here was the commit > >> > >> revision 1.380 > >> date: 2002/06/26 14:04:08; author: deraadt; state: Exp; lines: +2 -2 > >> One remote hole in the default install, in nearly 6 years! > >> not too bad... > > > > hm, AFAIK there was ip6-related DDoS vulnerability in recent kernels, > > and it applied to default installations too > > DDOS is not remote hole. ....and it's therefore unimportant. For me the only thing that matters is that people can break into my machine from the Internet. That's impossible with OpenBSD AFAIK  ) |
|
02-16-2008, 05:21 AM
| ||||
| ||||
| Re: OpenBSD 8 year mark On 24/02/2004 5:44 AM, Dr. O wrote: > "Olivier Cherrier" <Olivier.Cherrier@cediti.be> wrote in message > news:c1f6cg$i54$1@news.brutele.be... > >>In article <87d684vnvd.fsf@hector.domek>, Peter Dembinski wrote: >> >>>"Peter Strömberg" <wilfried@spamcop.net> writes: >>> >>> >>>>"Travis" <pcprecords@att.com> wrote in >>>>news:EqC_b.82142$hR.1686063@bgtnsc05-news.ops.worldnet.att.net: >>>> >>>> >>>>>When will it be 8 years with one default security hole? I been >>>>>watching it and for over a year and it has not changed. When is the >>>>>date if anybody knows? >>>> >>>>Here was the commit >>>> >>>>revision 1.380 >>>>date: 2002/06/26 14:04:08; author: deraadt; state: Exp; lines: +2 -2 >>>>One remote hole in the default install, in nearly 6 years! >>>>not too bad... >>> >>>hm, AFAIK there was ip6-related DDoS vulnerability in recent kernels, >>>and it applied to default installations too >> >>DDOS is not remote hole. > > > ...and it's therefore unimportant. For me the only thing that matters is > that people can break into my machine from the Internet. That's impossible > with OpenBSD AFAIK )> Never say impossible. Improbable, maybe. Never impossible. The difference between OBSD and many other similar free operating systems is that OBSD cares about security before they release, and keep security in mind during the entire maintenance lifecycle. Security is not a job you do once and forget. It requires constant reevaluation and review. Doing this is still no guarantee that you have an impossible to subvert system. Bugs are everywhere. Shit happens. And when that shit does happen, one day the OBSD website counter could be reset. A sad day, to be sure, but one we should accept might come. If it does happen, we fix the bug and move on. Assuming that systems are brittle and open to bugs you haven't even dreamed of yet is a position of strength. So is knowing that adding components and subsystems and changing code often adds security problems. This, IMVHO, is the main strength of OBSD. -- cm |
Linear Mode
