Annotation of www/testimonials.html, Revision 1.1
1.1 ! ian 1: <!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"
! 2: "http://www.w3.org/TR/REC-html40/loose.dtd">
! 3: <html>
! 4: <head>
! 5: <title>OpenBSD: Users' Views</title>
! 6: <meta name="resource-type" content="document">
! 7: <meta name="description" content="Users talk about OpenBSD">
! 8: <meta name="keywords" content="openbsd,users">
! 9: <meta name="distribution" content="global">
! 10: <meta name="copyright" content="This document copyright 2000 by OpenBSD.">
! 11: </head>
! 12: <body bgcolor="white">
! 13: <h1>OpenBSD: Users' Views</h1>
! 14: <p>Many users have commented on their use of OpenBSD.
! 15: The following are all extracts from our public mailing lists or,
! 16: in rare cases, other mailing lists (these have links to the original articles).
! 17: They've been shortened, and edited slighly for spelling and grammar,
! 18: but are otherwise unchanged.
! 19:
! 20: <h2>Matthew Haas says this:</h2>
! 21: <p>
! 22: I've been very impressed with OpenBSD since my decision to install it.
! 23: Definitely a great system, reminds me of my Slackware days, but better.
! 24: <p>
! 25: Thanks.
! 26:
! 27: <h2>Grant Bayley, an IT Manager from Australia, writes:</h2>
! 28: <p>
! 29: By way of success stories, since a few of us at 2600 Australia started
! 30: using OpenBSD about 12 months ago now in some form or another, we've seen...
! 31: friends load it onto their machines and been simply amazed
! 32: at the quality of it, in particular the forethought that goes into
! 33: securing things out of the box.
! 34: <p>
! 35: We've also had one of our guys working at an ISP go head-to-head with an
! 36: in-house SuSE zealot of sorts on a compatibility, stability and security
! 37: test in advance of them selecting an operating system for their servers
! 38: (which, while using RedHat, had been rooted at least once). OpenBSD passed
! 39: with flying colours and as of today, they're beginning a rollout of 2.6
! 40: onto their servers, mostly using stock components and software from the
! 41: ports tree (qmail, cucipop etc).
! 42:
! 43: <h2>System and Network Administrator Jeff Schneiter offers this:</h2>
! 44: <p> With a frozen budget it sure makes one squeeze every last
! 45: bit of power out of whatever hardware one can lay his hands
! 46: on... and thanks to OpenBSD, I have been doing just that.
! 47:
! 48: <h2>Tony Sarendal says this:</h2>
! 49: <p>I tried OpenBSD because of the IPsec support.
! 50: The reason I stick with it is because it really is nice to use
! 51: and it gives a feeling of quality which no other OS can match.
! 52: <p>
! 53: I did some programming on an OpenBSD machine, after this I really
! 54: appreciated the man pages. Other Unices I used had man pages that
! 55: simply weren't any good.
! 56: <p>
! 57: Keep up the good work guys.
! 58:
! 59: <h2>Security Engineer Tyler Allison writes:</h2>
! 60: <p>
! 61: I have installed, secured, and maintained Linux, WindowsNT and OpenBSD in
! 62: highly secure environments. (yes you can secure Linux and WindowsNT in
! 63: this environment :) ). Having said that I have to point out that if you
! 64: want a minimum administration to keep up with security issues option you
! 65: need to pick OpenBSD by far. It is not uncommon for people to go years without
! 66: updating their production OpenBSD machines because they are just rock solid
! 67: and there are no known "remote" vulnerabilities. Thus no good reason to
! 68: upgrade...
! 69: <p>
! 70: I would feel perfectly happy to have one of my [novice] interns do a basic
! 71: OpenBSD install on a PC (no extra security work after the install) and then put
! 72: the companies crown jewels on that machine and then walk away for a year.
! 73: Knowing full well that machine hasn't crashed, been broken into or in need
! 74: of an OS upgrade. You can't say that about NT or Linux.
! 75: Or if you do you obviously havent ever used the product that way :)
! 76: <p>
! 77: Another thing that I hear people point out is go check your local exploit
! 78: site or vulnerability alert mailing list and see if you can find a "remote"
! 79: root level exploit that works on OpenBSD. I dare say you won't find any that
! 80: are less than 12 months old.
! 81:
! 82: <h2>Jan Johansson had this to say:</h2>
! 83: <p>
! 84: I work today with Solaris, OpenBSD, NT Server, NT Workstation and Win 95.
! 85: <p>
! 86: After reading Bugtraq for some weeks I will say that I will never put
! 87: any (important) machine on the Internet if there is not a firewall in
! 88: front and for packet filtering I go for OpenBSD...
! 89: <p>
! 90: For a cheap webserver I say hardware from a known vendor, an ordered
! 91: OpenBSD CD-ROM and Apache...
! 92:
! 93:
! 94: <h2>William Yodlowsky at Devry Institute wrote:</h2>
! 95:
! 96: <p>Two years ago I was just getting into system administration. I learned
! 97: Linux first. Then one of our old (I mean *really* old) BSDi servers
! 98: crashed, and it was up to me to rebuild the system.
! 99: <p>
! 100: I looked at FreeBSD, NetBSD, OpenBSD and Linux. In the end, it came down
! 101: to "secure and stable" that took the prize. OpenBSD 2.1 was installed.
! 102: <p>
! 103: Since then, I've run 2.1-2.5 on everything from production servers to
! 104: laptops. We've never (repeat: NEVER) had a break-in.
! 105: <p>
! 106: A coworker setup a RedHat based box to test his skills at setting up SSL
! 107: and a secure web site.
! 108: It was hacked literally overnight, and by the next morning was attacking
! 109: other sites.
! 110: <p>
! 111: Our OpenBSD servers were probed and then left alone.
! 112: <p>
! 113: In the intervening two years, that original server got upgraded
! 114: and patched several
! 115: times and the OS never gave us reason to question the reliability or
! 116: security of OpenBSD.
! 117: <p>
! 118: We have another box, acting as a router for about 800 workstations doing
! 119: very basic filtering and NAT. It's on a P120 with 32MB RAM and typically
! 120: the uptime would look like this:
! 121: <pre>
! 122: % uptime
! 123: 9:05PM up 266 days, 4:23, 1 user, load averages: 0.06, 0.06, 0.06
! 124: %</pre>
! 125: <p>As well, OpenBSD runs on my laptop.
! 126: A Gateway Solo 2500 with a Xircom modem, and a Linksys fast ethernet NIC.
! 127: <p>
! 128: And it never crashes :)
! 129: <p>
! 130: One other incident that made me a believer... we were pingbombed. I mean,
! 131: 900 different hosts on different networks floodpinging an OpenBSD 2.3 box
! 132: simultaneously, while it was processing email and webpages for 3500 users.
! 133: <p>
! 134: It was a P133 with 64MB ram. And it didn't go down. It got a bit slower,
! 135: but never crashed :-)
! 136:
! 137: <h2>John J. Adelsberger III said this about us in
! 138: <a href="http://www.counterpane.com/crypto-gram-0004.html#CommentsfromReaders">
! 139: Counterpane</a>:</h2>
! 140: <br>
! 141: <br>< Real systems show no signs of becoming less
! 142: <br>< complex. In fact, they are becoming more complex,
! 143: <br>< faster and faster. Microsoft Windows is a poster
! 144: <br>< child for this trend to complexity.
! 145: <br>
! 146: <br>...
! 147: <br>
! 148: <br>< The other choice is to slow down, to simplify,
! 149: <br>< and to try to add security.
! 150: <p>
! 151: OpenBSD does this. <I>I am unaware of any other group whose workings
! 152: are publicly viewable that does so</I> [emphasis added], which is regrettable, because
! 153: I would prefer not to have this appear as an OpenBSD plug; rather,
! 154: my purpose is to point out that not only is this approach feasible,
! 155: but it is being done.
! 156:
! 157: <h2>Andrew Hermetz commented as follows:</h2>
! 158: <p>Hey all,
! 159: <p>Just wanted to drop a line and thank all who have worked to make OpenBSD
! 160: such a clean, cool, & efficient project.
! 161: <p>Major kudos to Theo for being a man ahead of his time! ;-)
! 162: <p>As I have to frequently explain to people *why* security is important at
! 163: all ("if you have nothing to hide...", "nothing you do is important enough to
! 164: warrent encryption...", "only criminals and terrorists need to sneak around
! 165: anonymously...", etc. ad nauseam), let alone *why* it's important in this day
! 166: and age of personal networks behind a DSL or even a full T1, I love being able
! 167: to point them to a page which sets out a well-reasoned explaination for taking
! 168: computer security seriously.
! 169: <p>[... OpenBSD installed]
! 170: effortlessly onto a Pentium 90 Compaq LTE 5100 laptop -- even the no-name
! 171: brand LAN card came right up and did a kickass install over a friend's office
! 172: T1. When I sing its praises, the thing that seems to get most people is its
! 173: spartan look & feel, but I like knowing where everything is and not having a
! 174: distro that shoves [stuff] into dark corners I'll never find...
! 175: <hr></hr>
! 176: <a href="index.html"><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
! 177: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
! 178: <br><small>$OpenBSD$</small>
! 179: </body>
! 180: </html>