Somewhat serious BSD discussion

nice damage control, BSD shill

I'll try it out. Maybe I'll install it on my laptop if it's comfy enough. I need to use something with less distractions.

If it's a Thinkpad you could try OpenBSD, as most developers use one. Should work well out of the box. Try the IRC channels if you run into problems.

...

Some new TP don't even work with Linux.

...

You could ask in the mailinglist or IRC (#openbsd on Freenode, usually pretty responsive and a lot of developers are in there too) about the specific model

OpenBSD "developers" just take GPL code, remove the license and slap their own on it. All for the freedom to serve their corporate masters.

slashdot.org/story/07/04/07/1618239/gpl-code-found-in-openbsd-wireless-driver

OpenBSD is full of pretentious idiots.

Shoo-shoo, Satan.
boards.4chan.org/g/thread/65180597/is-this-the-closest-to-real-unix#p65180666

Attached: 666.png (953x764, 108.6K)

...

I'm read-only though. Can't into recaptcha.

This was enough for me to stop considering BSD family as a viable choice for production and home environment.
whonix.org/wiki/FAQ#Why_isn.27t_OpenBSD_Used.3F
whonix.org/wiki/FAQ#Why_isn.27t_FreeBSD_Used.3F

Protip newfag, the only difference between these two is license. Since I'm sure you and other newfags don't understand I will explain.
GCC and Clang are both the exact same gigantic tumors of c++ cancer. They are both on a race to the bottom in terms of generated binary safety and quality. They have little to no care about doing things the right way they only care about who benchmarks faster. Since this a BSD thread we will use OpenBSD as an example. Lets navigate to the source tree (/usr/src), now lets look and see what folder contains GCC and Clang. Thats right! Its the gnu folder. What does gnu stand for in OpenBSD land? Gigantic Nasty Unavoidable! If you don't agree with this try timing the build time of clang and modern gcc. Then compile gcc 2,3, or 4.2.4, and witness that it is multiple orders of magnitude faster than clang and modern gcc. Next you might question why OpenBSD deems them unavoidable. The only thing in OpenBSD base that requires a c++ compiler is in fact the compilers themselves no? Well this is true unfortunately c++ has weaseled itself in almost everywhere else. If OpenBSD wasn't to include it then many people would have to install one immediately afterwords and as far as I am aware these modern compilers can't even bootstrap themselves from a purely C compiler. Bjarne Stroustrup was a mistake

This is incorrect. Simplicity and Correctness are the governing features for OpenBSD. As it turns out security is tangential to these things, however it is not the main focus of OBSD.
See above, it was removed because it was too complex. Security could have been fixed.
Otherwise I think the rest of the post is not bad.

parallel*

Noted. Probably made other mistakes along the way - the comparison isn't really complete. I asked for input on those points, but there was only so much response

Simpler and less code makes it also more secure. Nobody was using Linux compat feature, so it got removed. It's the same reason code for DOS and other ancient platforms got removed from LibreSSL. Useless clutter is a distraction (waste of time) at best. Besides, nowadays it's more common to run stuff in a VM than depend on these flakey compat layers that nobody is interested in maintaining. Or did you submit any patches?

I see a lot of FreeBSD vs OpenBSD posting, but never much for NetBSD. I know it is primarily of interest for old hardware and the like, but has anyone here tried it on some things remotely modern (or at all really). How is it? Why would you use it over one of the other two?

You just re-worded and expanded upon what I said.
Obviously not, I wasn't using it either. I stated it was removed because it was too complex, which along with being irrelevant is exactly why it was removed. If it was relevant then any security holes could have been fixed. You mentioned a prime example of this with libressl.

My main issue with NetBSD is that some of their dev's don't realize when reported security vulnerabilities are in fact vulnerabilities. See the Illja Sprundel talk that gets posted for examples of this. I do love seeing all the classic hardware that the Japanese NetBSD users rice out with weebshit. I personally really want a luna68k or luna88k, but would likely use the openbsd port instead.

I installed OpenBSD on my laptop the other day.
Things are more or less the same as in Linux, but different enough to be confusing. Good mans help a lot though.
Had some problems with wifi it was access point's fault (I configured it for packets to be too short), though no other device complained about it.
Now I struggle to make jabber work. My server only supports SSL and uses self-signed certificate, but mcabber shits its pants when I turn TLS off, and doesn't really tell me what's wrong.
Maybe I should use this as an opportunity to try other clients, though there aren't many.

Outside of that, for a system commited to having sane defaults, it ships with some ugly fvwm config.

I want sucklessBSD now.

6 to 12 at any time
openbsd.org/security.html

This is definitely a problem for whonix, but isn't a problem for most people, overall this is a valid criticism.

OpenBSD website is HTTPS, all websites were previously HTTP...

Libtard/commie logic. Whoever wrote that page, and (you) should gas yourselves if you actually think a static site needs https. In current_year all their release sets are signed, and previously you could verify your set based on the pictures of the cds that were all always posted all over the mailing list. Of course you always could have cloned the source from cvs and built it yourself. Not that I should take anything they say seriously when they unironically claim that there are only 17 people using the OS.

If you do not use https on your site, you are making your users susceptible to MiTM attacks when they visit it. This means an attacker can add advertisements, add username / password fields, add donate buttons, or plain redirect to another compromised server.

While I agree with this theoretical issue, https in its current state is not the solution. Navigate to openbsd.org and tell me who issued the certificate. It certianly wasn't theo or any member of the openbsd foundation. How can you expect anyone to trust an unrelated third party anymore than you can trust a static http site. In fact this is exactly the same issue you are pointing out with serving an unencrypted site.
sage because off topic.

>>NetBSD plans for 2018: netbsd.org/gallery/presentations/mef/PDF/NetBSD-2018-AsiaBSDCon.pdf

Attached: nice.gif (235x240, 1.93M)

I agree with you that the whole certificate system is inherently flawed and can easily be abused due to the human element it involves.
While you could pull off the same attack by being able to sign certs. The attack for http is going to be much more common than the one for https, so at this current point in time you should be using https at all times instead of http.

That's a bit too late.

Attached: blacked.jpg (590x390, 46.16K)

Why is it that NetBSD is more popular in Japan compared to other the ratio NetBSD has to the other BSD's elsewhere? Or do I just have overexposure to that side of it?

This is just me guessing, but there was a time when their commits for FreeBSD were being rejected. Another reason could be that they like the support for exotic architectures.

I actually tried to use linux-compat many years ago. It was weird, because Opera worked (sometimes even without crashing), but DoomRL (the Linux ncurses version without sound) just outright crashed. Then again, another roguelike (ADOM) must have worked fine because it was in ports for a long time. I never tried that Linux one, but I grabbed the old DOS version for playing in dosbox someday. And I think that's a better and simpler way to go. Dosbox is fairly stable and runs tons of stuff, all without needing an entire set of Linux libraries and other crap.

Attached: ancient-domains-of-mystery_1.png (640x400, 7.01K)

Why don't you just get a common m68k machine like old Mac, Amiga, or Atari? 88k is pretty rare and maybe even harder to find than DEC alpha system.

Attached: spaceman-greylord.gif (530x505, 8.02K)

user in the other thread said
I guess one could always try it out in a VM. I should do that myself tbh, never tried it before.

We have an ancient MacBook (late 2006 I think) with a CoreDuo processor lying around here - maybe I can give it a new life with NetBSD.

The initial reaction was good. I guess they realize their mistake now, as the talk is well known.

Attached: 41wA7ZLTgiL.jpg (500x500, 31.53K)

The Japanese are Brand-fags, in that they'll prefer a Commercial offering over a public-domain/folk product. In the context of computers, that meant they were preferring Solaris/IBM-Linux for their IT servers, so FreeBSD wasn't a thing. FreeBSD didn't put much effort into their non-English markets, either.

Japan did however have an established Academic 4.x BSD scene. Sony even had a successful line of 4.3 BSD UNIX Workstations (en.wikipedia.org/wiki/Sony_NEWS) that borrowed from their homegrown talent (and went on as the core technology of the Playstation 1, 2, etc.) The Academics, who by then were big into IPv6 research, made NetBSD their platform of choice, and the disproportionally big NetBSD hacker community is due to the community those guys fostered.

won't let me dump images without a comment

Attached: 201211_aizu.jpg (640x400 73.46 KB, 62.37K)

Attached: BSSvoMkCEAIUFyz.jpg:large.jpg (640x480 231.82 KB, 62.3K)

-. . -- -... ... -..

Attached: 735770370.jpg (600x600 50.85 KB, 136.99K)

Does... this make NetBSD a Christmasu-cake?

Attached: BW0F3-rCYAAMfwP.jpg:large.jpg (600x400 40.7 KB, 582.39K)

What is the point of the whole certificate system anyways? I never understood the need for them.

Part of the fun is finding one. Its more of one of those things that I can look off in the future and think about finding. For something more attainable I would like to get a sparcstation. There are probably a lot more useful things I can do with one of them instead of a luna. Plus I already have an m68k Sega Genesis.

I'm not so sure about that. In some places they definitely are(non-binary true/false) but in others they have loads of legacy cruft from trying to support every single architecture ever thought up.

I found the episode of bsdnow where they talk about it. Hopefully your gookenglish is up to par: youtu.be/uvplmGGAPvU?t=37m

How is it to late? There are still tons of G5s out. If you want to get in to PPC they are a good value.

Attached: IMG_7162.JPG (1022x765 217.84 KB, 863.06K)

The point is to be able to pair a person or company that exists with a pubic key they have. This is unlike the way ssh works and more like the way code signing works in the Windows world.
When you first make a connection over ssh, you'll get a message saying what the server's public key is and whether you trust it. If you accept it, your client will remember it for further connections. If an attacker were to MiTM the first connection to your ssh server they could give you the public key of a reverse proxy which they log what you type. In this scheme, cryptography ensures that the person you are communicating to is the only person to be able to send or receive cleartext messages, but not to verify who the person you are talking to is.
Code signing on the other hand, like certificates for HTTPS are given to people / companies. This allows you to theoretically verify who you are talking to and not just ensuring that the person you are talking to is the only person you are communicating to.

Thanks for that (NetBSD in JP); it was interesting.

You forgot the superior DragonFly BSD

I've never used it. You are welcome to fill out the blanks though:

Attached: IMG_0880.jpg (800x600, 143.86K)

I'm installing NetBSD on an old Macbook CoreDuo, but I currently can't progress much further, since my internet provider can't solve their problems with the cables here - or something.

Having basic experience with all three now: It definitely feels more "hands-on" than the other two main BSDs. You have to configure more to get to a basic usable setup, I feel. But the hardware actually worked out of the box - touchpad works, keyboard works, X server works without configuration. I wonder what problems I would run into with this old laptop on the other BSDs. Someone even wrote a driver for the touchpad for this one (contains more features like synaptics, basically). One thing that is purposefully not configured is the lid open/close suspending. It relies on scripts that execute on the corresponding action (lid, sleep button, power button, AC adapter connected, runs on battery..) - which seems like a sensible thing to do. The brightness buttons don't work yet and the lid close script can't seem to bring the brightness back up - haven't really looked into it yet. Not bad so far. The base system seems pretty minimal, but it still includes the apm daemon, which was deprecated in favor of powerd and acpi support? Probably included in case you can't get acpi to work. All in all not bad, so far.

The curses installer interface is pretty easy to use, you can always break out into a shell to do whatever you need to do. It recognized the Macbooks network interfaces out of the box, which made life easier for me. Easier to install than OpenBSD, I'd say. Configuration is a different matter.

I'm not that impressed with the mirrors though - most of the European ones seem to bet somewhat abandoned: some of them outright won't respond, some don't contain packages for the current version or pull the "forbidden" card on you, if you wan't to access the directories you need. The main server is laughably slow for me - 6 KB/s and varying. Eventually I found some servers that work for me, but I didn't expect to invest time into that. The package (pkgin) and source building (pkgsrc) basically just works - non configurable builds, but good. Nothing else to complain about there.

XFCE4 isn't in the 7.1.2 packages, but can be compiled from source, I think. I'm thinking about giving LXDE (package) or ye olde CDE (have to compile yourself, but there's a guide for NetBSD) out. Has anyone here used them? What's the desktop of choice for most NetBSD users, if there is something like that?

According to their IRC channel they don't have an address to send dmesg output to, like OpenBSD does. Some articles on their Wiki are old, laptop page doesn't seem very updated, but the Wiki itself and the guide seem good, all in all. IRC channel is friendly and ready to help out.

Since I have no internet at the moment I can't install the stuff I want to try out, but I'm looking forward to it.

Attached: DXsz-O_VoAAqWoA.jpg (806x1200, 103.5K)

lack of TLS allows false signatures to be delivered

They are also very accepting when it comes to people helping out with documentation. Submit a documentation or article update to them and if its good they will publish it.I have found they are not as cliquey as other projects and any developer can update the wiki.

Not how it works lad. You are expected to trust your initial release. It contains the keys for the next release. After that you have a chain established and no longer need to worry about the website. Though the mirrors containing the releases are mostly https so I'm not sure how that relates to the main site being unencrypted.
Personally I already have a trusted install with a cloned src repo so I can cut any release I need for other machines myself and never have to go through the mirrors signed by unknown trusted (((third-parties))) ever again. If you are a newfag I have no idea how you are supposed to obtain a trusted release, maybe from a personal friend, but we don't care about new users so figure it out yourself.
More info on release signing can be found here: openbsd.org/papers/bsdcan-signify.html

I used to use FBSD and OBSD variably last year. I liked it, but I needed Linux for what I do. How easy is it for me to cross compile packages, though? The software I'm thinking of is some client side stuff that interfaces with a server. Can't be too hard, right?

Maybe if Talos II comes out in my lifetime I consider developing for PPC, but I don't want to get my hopes up.
G5 is a great machine, but loud and a powerhog.

Attached: f2a875bc008c6860b9acf2855b9e3277db266be82b9c1e196f927be377800c0d.jpg (500x725, 49.01K)

we both understand this is the problem
yet you do not provide a sufficient solution
thanks for trying

What text editor does Theo use? I'm curious.

sublime

You order an official OpenBSD CD.
You go to a hackathon or other event where you can meet developers or other well-known/trusted people, and get a copy from them.
At some point you have to trust something or someone, unless you're going to go straight to Theo's house and download code from his master server that's kept offline.
If you don't want to go through all that trouble or even pay for a CD, you can download different releases at different times and places, and cross-check. Get 2, 3, 5, a dozen this way, or whatever it takes. If one of them doesn't match, then something is up. But that's also a lot of work and trouble to go through. If you're just lazy, you'll just give up and state that it's impossible.

Yeah, all of it seems like the hurdles to take part aren't as high. They also have a projects list on the wiki, probably very inviting to people that have the ability.

I was already thinking about sending them a mail once I've got everything to work.

Attached: 33409621_3b9078d8fb_z.jpg (500x375, 60.34K)

mode action { # Halt the system when button 0 (left) is pressed. # button_0_down = "shutdown -h now"; # Reboot the system when button 2 (right) is pressed. # button_2_down = "shutdown -r now";}

The uatp driver provides support for the USB trackpads found in Apple laptops [...]Do not submerge your uatp devices in water: USB adenosine triphosphate is unstable in water, and will hydrolyze to USB adenosine diphosphate and phosphate, which is a lower energy state that makes your mouse narcoleptic in X.

Those guys are a pretty funny bunch

Attached: jnug-booth1.jpg (1600x1200, 384.16K)

That's pretty funny.

Can DF even be considered a mainline BSD?

Compared to Mir, Hardened or Liberty, yes.

Free or Open for general desktop bullshit?

Open, the developers actually use it as their desktop OS' so desktop programs are much more likely to work. Don't know if you are on a laptop, but on my chinkpad I get much better battery life with 'apmd -A' than I ever did with whatever was recommended on lunix and Free.

i always wondered, what does BSD offer over linux, disregarding security features? cleaner code? tiny install size?

OpenBSD does
both open and net offer this.
Otherwise the main difference is a consistent base system, or rather a base system at all, and usable documentation. There is nothing better than being able to type man "x" and get useful and relevant information. I use both linux and openbsd regularly and holy shit linux man pages are fucking awful. Of course having the base system developed in the same place and by the same people as the kernel allows the software to actually use all of the features the kernel has to offer but this isn't something a new user is going to notice, unlike the man pages.

how the hell do you mount udf-formatted flash drives on *bsd?

keeps saying invalid argument everytime i try to mount /dev/da0

Free has lots of binary packages and the ports system is probably the best of the bunch. If you absolutely need some specific software, you could look beforehand if both offer them. FreeBSD is more likely to support the latest hardware stuff, but it may depend. OpenBSD seems to also generally be a good choice for laptops - Thinkpad support is good as many devs use it, but I used an old HP and it was fine too.

OpenBSD has openports.se for searching, NetBSD has something similiar - Free probably too, you just have to look for it.

Also consider the "feature list", as all of them bring something different to the table.

The way the system is laid out and configured also immediately makes sense. It's hard not to notice if you try it for the first time. This and the documentation cause you to solve problems on your own rather than consulting google everytime. /var/log is actually helpful and you don't need to wrestle binary logs (only had the misfortune to need to do that once, but it was enough). If you try it in a VM you'll probably see what I mean.

Can't be of much help here, but in case you didn't try: the handbook/FAQ/guide may cover that. NetBSD has a wiki that answers a lot of spevific questions like this.

You probably have to tell it the partition you want to mount. /dev/da0 is the buffered device name, and /dev/rda0 should correspond to the raw device. Use disklabel to display the partition table, and then pass the correct partition name to the mount program.

openbsd taught me patience

Bug on FreeBSD's Berkeley Packet Filter used to exploit the PS4.

github.com/Cryptogenic/Exploit-Writeups/blob/master/FreeBSD/PS4 4.55 BPF Race Condition Kernel Exploit Writeup.md

OpenBSD is hard-forcing IPv4 out of their next release.

What a fucking systemd-level decision.

What's wrong with tossing obsolete stuff?

Sauce? I seem to have missed that.
Either way one of the reasons I use openbsd is because they kill off old bloat.

marc.info/?l=openbsd-cvs&m=152256582629837&w=2

100% of BSD UNIX is Old Bloat.

Find me one person on Zig Forums who knows how to configure a home IPv6 network.
It's over-complicated shit that can be on as many iRetard Smartphones it wants, and would work well there-- as the phoneowners are paying for someone with 10x their IQ to manage their consumer media. But IPv4 persists in non-pro use because it just works, simple, and has actually uploads the ideals of what makes Unix.

It's all well and good while you stay in standard Unix tools territory, but as soon as you step outside you either get programs you aren't going to use or you don't get programs that you really need.
Same exact problem as with Desktop environment, and why some users like installing minimal distros and selecting their own windows manager and other bits and pieces manually.
And speaking of windows managers, OpenBSD comes with 3 of them preinstalled, but I just want to run dwm. Dwm package comes configured to use xterm, so I rebuild it from source with my own changes. But doing it properly through ports is too bothersome, so I just "make install" but at this point the whole concept of base system goes off the rails.

Isn't that kinda like trying to build a fortress on moving sands?

May ISPs have been pushing IPv6 down users' throats for quite some time. After 2020 the phaseout of IPv4 will begin in earnest and by 2030 it will probably be a legacy feature hardly or barely supported anywhere.

Fucking April fools

I do. We're the last of the wise ones. Where did everyone else go? I hate this place now.

Increasing your OS security still makes sense. In fact, it becomes even more critical.
Moving to other platform is better, but a lot of people already paid for Intel botnet and don't want to just throw the computer away yet.

Kek, I was going to say I just upgraded from last weeks current to now and didn't notice anything.

My point wasn't that you will never have the desire to stray from base; rather that having the kernel developed by the same people developing the 'coreutils' allows for those tools to properly use the features provided by the kernel. When comparing to linux this is a major difference since gnu coreutils is in no way integrated with linux (at least as far as linux exclusive features go).
I don't use those window mangers either but I don't really mind the extra disk space they take up since I have literally never used more than 15% of my OS disk. I will say that as hard as I try to lower my ram usage on gentoo (even as far as using musl and replacing most @system programs) I can not get it to use as little as openbsd.
You are supposed to cp -r /usr/ports/x11/dwm /usr/ports/myports/x11/dwm and edit it there. But I do agree that its annoying. I can never remember the make update-patches||upgrade-patches||update_patches etc command. I tend to run dwm-HEAD so I don't use ports for it. Also I use pkg for most things but I use ports for st so that I can apply my own config.h and its frustrating that it gets replaced every time I do pkg_add -u.

The premise of throwing IPv4 out of the window appeared absurd straght away (and the timestamp only confirmed that). Theo is no idiot not to realize that IPv6 will possibly never completely supplant IPv4, and even if then not earlier then in ten or even twenty more years.

Shouldn't getting rid of obvious botnet that sits underneath everything else be top priority though?
Does OpenBSD have a MEI driver (and if yes, it it enabled by default)?

The
had me going for a second though since I knew 6.3 was about to be released.

*BSD loves proprietary though, they all load firmware and microcode blobs.

Been there, done that. IPv6 in networks with low security requirements (such as home networks) is a piece of cake. Campus networks with thousands of untrusted devices however...

LibreBSD when?

Every OS that supports "modern" hardware does this. If you want no firmware at all, you have to go back to early 90's or prior, but you'll still have chips with code in ROM doing effectively the same thing.

False. Debian works on TALOS II. What matters is whether it can be updated, firmware in ROM can not and can therefore be treated like hardware. Microcode and the firmware in linux-firmware can and does get updated and therefore is software, which ought to be free like the rest of the system.

Stallman is being full retard on this point.
First, putting Windows on a ROM chip doesn't make it less of a botnet.
Second, it can be updated, you just either need some extra hardware or replace chip manually (And back in the 80-ies some computers shipped software updates this way, just by sending you a new ROM chip with new firmware)

TALOS II is the only open thing that exists, you have a dataset of one.