![[OpenBSD]](images/smalltitle.gif)
Media Coverage
English press coverage
December, 2000
System and
Network Security - Kernel Options, Kurt's Closet, Security Portal,
December 6, 2000
Going beyond the usual security measures means looking at some often
neglected kernel options and settings. Kurt Seifried looks at kernel
options under OpenBSD, Linux and Solaris.
Why
I use OpenBSD, ZDNet News, December 4, 2000
Stephan Somogyi explains why he runs OpenBSD, largely due to OpenBSD's
emphasis on security. The article also chides Intel and 3Com for
not providing driver documentation to allow their IPSec networking
cards to be used.
BSD
community learns to get along, Open Season, Upside Today, December 1, 2000
OpenBSD gets a passing mention in this cheerleader piece by Sam Williams about
the wide distribution potential of the BSD-derived Mac OS X.
November, 2000
Is Darwin getting
due respect?, ZD Net, November 23, 2000
Stephan Somogyi dismisses Apple's open source offering as "opportunistic",
Darwin, and sneaks in a tip of the hat to OpenBSD.
Beyond Windows
and Linux: Discovering the BSDs, NetworkWorld Fusion, November 20, 2000
Worried that Linux will be de-stabilized by the hype machine? Paul Hoffman
suggests a serious look at the BSD-based operating systems.
Building
Linux and OpenBSD Firewalls, book review, The Linux Gurus, November 18, 2000
In this detailed review of the Sonnenreich & Yates
firewalls book, the unnamed
author concludes that the authors aren't paranoid enough in stripping down
the firewall system to the bare essentials.
BSDCon
2000: A small, tasty conference, Sun World, November 2000
Silicon Carny columnist Rich Morin reviews BSD Con 2000. He gives an overview
of the five BSD variants available and a bit of atmosphere from the conference.
October, 2000
Auditing
Code, Kurt's Closet, Security Portal, October 31, 2000
Kurt Seifried interviews John Viega, author of the ITS4 code auditing
system. While he acknowledges the value of OpenBSD's strictly
expert-based auditing process, he argues that using even an imperfect
auditing tool is better than no audit at all.
Linux
Boosts Unix, ZDnet Inter@ctive Week, October 23, 2000
Charles Babcock suggests that Unix and freenix OSes like Linux and
OpenBSD are putting the squeeze on Microsoft Windows 2000's share of
the high end server market. Not bad for a bunch of hackers who just do
it because they love coding...
Porting
OpenBSD to the Motorola ColdFire, BSDCon, October 18, 2000
Dean Fogarty and David O'Rourke, engineers at Stallion Technologies
Pty Ltd in Australia, presented this paper at BSDCon.
"Making an Internet embedded appliance for public
consumption is not a simple task. Choices including hardware, code
development and user interface design must be made, each of which could
either help or hinder a product. This paper outlines how and why
Stallion Technologies used the Motorola ColdFire CPU and the OpenBSD
operating system to create a successful Internet appliance."
Cry
Hackerdom!, FEED, October 17, 2000
Brendan Koerner continues his exploration of the digital world with a
visit to this year's Defcon. There's a cameo appearance by Theo de Raadt,
cast as a starving hacker. Before the article sets off a
verge-of-financial-collapse panic on the mailing lists, we'd like to make
a correction: Theo can occasionally afford a pint of Guinness to go with
the pizza.
Sniping at
OpenBSD, #RootPrompt.org, October 9, 2000
Columnist Noel discusses some of the angry comments made about
OpenBSD's Bugtraq disclosure of a localhost vulnerability . He gets
at the point of the source code audit: it's not to find exploitable
holes, but rather to fix bugs so that they never become security
problems.
Using IPSEC and Samba to integrate Windows Networks, Napalm, October 6, 2000
OpenBSD, IPSec, IPF, Samba and Windows: azure covers it all in this
networking epic about connecting two Windows-based networks over a VPN
- whether they like it or not.
OpenBSD
plugs a rare security leak, Upside Today, October 6, 2000
Developer Aaron Campbell is interviewed by Upside reporter Sam Williams
about the recent concern over format string vulnerabilities and how
OpenBSD has responded to the threat.
The Pros and Cons of Posting Vulnerabilities, October 5, 2000
Dissipating the smokescreen of FUD surrounding "full
disclosure" is a never ending thankless task. Rik Farrow shows how
it works by picking a particularly busy day in the life of BUGTRAQ, the
full disclosure security mailing list. He concludes with a tip of the
white hat to OpenBSD:
"The true goal should be to write secure software in the first
place. One Unix version, OpenBSD, gets all of its code audited for
security bugs before it gets shipped."
BSD OSs Offer
Unix Alternatives to Linux, Byte, October 2, 2000
In a long-ish article subtitled "For security, scaling,
consider a BSD OS", columnist Bill Nicholls does a survey of the
BSDs. Mostly he summarises the history and quotes the various project
web sites, but this is the kind of article that should benefit
non-technical readers bombarded with Linux advocacy.
September, 2000
BSD
System Takes On Linux,
Chris
Coleman Explains BSD Unix, Inter@ctive Week, September 25, 2000
Two BSD related articles in the same mainstream publication, on the same day.
A trend, maybe? The first article, a business-oriented manager's eye view,
credits OpenBSD's proactive security approach for spurring on security
development in the other BSD groups, and even Linux. The second is an
interview with Daemon News editor Chris Coleman which attempts to explain
the various BSDs. The writer clearly hasn't mastered the topic yet, or even
spelled Coleman's name consistently.
Primed and ready,
Upside Today, September 7, 2000
An article by Sam Williams about the reaction to RSA Security's pre-emptive
release of RSA into the public domain. The impact on OpenBSD? Minimal --
most users are already taking advantage of the trick to download the ssl
library after installing the OS.
OpenBSD as a VPN Solution,
Sys Admin, September 2000
Alex Withers contributed an article on setting up a VPN with OpenBSD's IPsec
and the ISAKMPD key management daemon. He admits his implementation, though
quite serviceable, only scratches the surface of the capabilities available.
He strongly suggests going through the man pages
(vpn(8),
ipsec(4) and
isakmpd(8)) and the OpenBSD
IPsec FAQ to get the most
out of the system.
FreeBSD, OpenBSD and SuSE 6.2 Eval Review, OS Opinion, September 2000
Keith Rankin, a veteran system administrator, rates three operating systems
in terms of usablility and productivity. Despite a lengthy rant about minimalist
installations, vi and a default C shell, he finds nice things to
say about OpenBSD's floppy + 'Net installation, the thorough system probe and
the IP filtering and address translation.
August, 2000
OpenBSD and the Future of the
Internet, OpenBSD Explained, O'Reilly Network, August 29, 2000
David Jorm's column notes the fact that OpenBSD ships with functioning IPv6
networking. He briefly walks through the procedure to get an OpenBSD system
to participate in "6bone", the transitional IPv6 network.
OpenBSD's Good
Example, # RootPrompt.org, August 23, 2000
Noel moves on after his "Cracked!" series to look at other
security topics. This time, he installs OpenBSD, fully expecting some
brutally stripped-down system good for nothing but firewalls and sniffers,
but finds a functional desktop environment. OpenBSD sets an example for
other systems: "It is my opinion that there are many lessons
in how OpenBSD is put together that the Linux community needs to take
note of".
The
Brit and the Big Boy, NewsForge, August 22, 2000
NewsForge Columnist Julie Bresnick pens a quirky profile of Tom Yates,
co-author with Wes Sonnenreich of
Building
Linux and OpenBSD Firewalls.
Linux
Revisited, ABCnews.com, August 16, 2000
In an article better entitled "Moody battles on", columnist Fred
Moody continues his lone battle over the Linux security record. He rates
OpenBSD as the choice of those who expect "much, much more" and
quotes Marcus Ranum, CTO of Network Flight Recorder, talking about OpenBSD's
code audit. "They did some really interesting stuff; they did complete
code audits of major hunks of the operating system and found huge, horrible,
gigantic holes that all the other UNIX derivatives had been ignoring."
The
World's Most Secure Operating System, The Industry Standard, August 14,
2000
"A lone Canadian is reshaping the way software gets written. Is the world
paying attention?". (Well, actually he's got help). Veteran technology
reporter Brendan Koerner interviews Theo de Raadt, security vendors and
writers to compare OpenBSD's code audit and "secure by default" credo
against current industry practices.
An Overview of OpenBSD Security, OpenBSD Explained, O'Reilly Network, August 8, 2000
David Jorm details the steps to configuring OpenSSH's sshd, and how to set up
a secure Web server using OpenBSD's SSL support. He also looks at OpenBSD's
security stance, the ongoing code audit and how to install security patches.
OpenBSD runs fuzz, Linux
Weekly News, August 3, 2000
Linux Weekly News security editor Liz Coolbaugh picks up on a Bugtraq thread
about fuzz, a tool that tests commands with randomly generated
command line arguments. Lead developer Theo de Raadt ran it against OpenBSD
and found routine coding errors in about a dozen commands, none security-related.
The article reprints de Raadt's posting and comments. Though the exercise was
worthwhile, the tool only points to the areas to check, and is no substitute for
careful code reviews, he concludes.
OpenBSD
in a Datacenter Scale Environment, BSD DevCenter, O'Reilly Network, August 1, 2000
David Jorm's OpenBSD Explained column talks about IT Manager Grant Bailey's initial
skepticism about OpenBSD being able to handle the load for www.2600.org.au's Web and
FTP site. On a tight budget, he set up a K-6 450MHz system, with 128 MB RAM and an
IDE drive, got a few friends with cable modems to pound on it, and was pleasantly
surprised.
Update (Aug.4/2000): Grant writes that he has just seen the site's biggest day:
56GB outbound to everywhere on the Internet with 260 clients at one point, limited
mostly by the RAM.
July, 2000
Linux developers hunt for kernel bugs, vnunet.com, July 26, 2000
John Leyden talks about the new Linux Kernel Auditing Project, and how
last month some people decided that Linux needed some auditing. It is
about time. The article mentions that
"OpenBSD, another Unix-like open source
operating system, has been subject to an ongoing security audit
since 1996."
The article apparently used to quote Roy Hills of NTA as saying
""This is the first time I've heard of an audit of the whole of a
general purpose operating system kernel", but it has been
ammended since.
Interview: Theo de Raadt, Sécurité.org, July 26, 2000
Nicolas Fischbach caught up to Theo de Raadt at CanSecWest in Vancouver a while
back, and the resulting interview discusses Secure by Default and the genesis
of OpenSSH.
IPSec - We've Got a Ways To Go (Part II), Security Portal, July 26, 2000
Kurt Seifried discusses various key management and tunnel modes and extensions
possible with IPSEC implementations, including OpenBSD's ethernet over IPSEC
bridging.
Setting up OpenBSD 2.7 as a cable NAT system , BSD Today, July 24, 2000
Vlad Sedach writes about his experiences in setting up a ipnat/ipf box based
on OpenBSD as his firewall.
Most secure operating system update uses Digital Signature Algorithm, vnunet.com, July 17, 2000
James Middleton lists the features of the new 2.7 release.
OpenBSD is installed -- now what?, BSD Today, July 14, 2000
As a follow-up to
Installing OpenBSD 2.7,
Clifford Smith explains how to set "up OpenBSD as a single-user,
desktop system with basic information on installing the ports tree,
setting up KDE, stopping unneeded services and using IPFilter."
IPsec Crash Course
(part 1), Napalm, July 13, 2000
Technical article about IPSec by ajax, discussing the networking basics,
the key management daemons and various free and commercial implementations.
This goes well beyond the usual how-to articles to explain the underlying
protocols and their quirks.
, Computing Canada, July 7, 2000
Viewpoint columnist Matthew Friedman tries to set the record straight -- open
source is not all about Linux. He focuses on the rock-solid networking performance
and security and speaks with OpenBSD's Theo de Raadt and FreeBSD's Jordan
K. Hubbard.
Be
An Engineer, Not An Artist, OS Opinion, July 6, 2000
Monty Manley throws open the debate about artistic whim versus solid engineering
in open source software development. Too few, like the OpenBSD auditors, are
willing to sweat the details to make the code really work, he writes.
Attempting to install OpenBSD under VMware, BSD Today, July 6, 2000
BSD Today reader Jeremy Weatherford tries his hand at installing OpenBSD
on VMware, a system that allows multiple OSes to run concurrently on the
same hardware. We can't fault him for trying, but being new to both OpenBSD
and VMware, he might have been a tad too ambitious, considering VMware
doesn't even list OpenBSD as a supported "guest" OS.
June, 2000
Installing OpenBSD 2.7,
BSD Today, June 29, 2000
So you want to try out OpenBSD, right? Sounds like your kind of operating system,
right? Patrick Mullen installs and reviews the 2.7 release. Another first-hand
experience installing OpenBSD, with a sprinkling of humour because these articles can
be a bit dry.
BSD
(and Joe) are Canadian, letter to the editor, Computing Canada, June 23,
2000
"Dave the Canadian software guy" wrote to complain about a column
entitled "The computing road less travelled". The article on
alternative OSes never mentioned OpenBSD, published in Canada, or NetBSD,
the sole BSD at Linux Quebec in April. "Is it time for a Joe the Canadian
commercial for Canadian Software?", Dave asks.
The letter is further down the page.
Securing
Your Network With OpenBSD, Kurt's Closet, Security Portal, June 21, 2000
Kurt Seifried looks at some new features in OpenBSD 2.7 and recommends it
as a platform for patrolling your network. He also gives a sampling of
the many security tools available for intrusion detection, vulnerability
analysis and network management, all available from the
"Ports" collection.
Exposed
to a Web of viruses, eWeek.com, June 19, 2000
Peter Coffee, eWeek Labs, mentions OpenBSD in an article subtitled
"IT wanted integration; Microsoft delivered. Now both must fix lax
security". Near the end (it's there, really), he writes:
Those who champion the open-source process point to projects
such as the OpenBSD operating system, with its tremendous security
record, as proof of concept. But there are other examples, such as
loopholes in Kerberos code that went unnoticed for years, that show
the limits of volunteer effort. Once again, we note that published
source code doesn't automatically imply a security review. It won't
happen by itself: people have to want to do it.
OpenBSD 2.7 press release, June 15, 2000
This press release was translated into several languages and distributed to the
trade press and Internet news sites.
Coming
soon: a real-time OpenBSD?, BSD Today, June 14, 2000
Randy Lewis of RTMX explains why they picked OpenBSD and how their real-time
extensions will be folded back into the OpenBSD source tree in time for the
next release. Interview by Jeremy C. Reed.
Introduction
to OpenBSD Networking, BSD DevCenter, O'Reilly Network, June 13, 2000
David Jorm, no stranger to OpenBSD, gives a detailed tour of the basic steps for
setting up an OpenBSD system as a gateway with a LAN interface and a PPP connection.
He also points out the little differences that could trip up somebody just
arriving from the Linux world.
The
state of the daemon, UNIX Review, June 7, 2000
Michael Lucas reviews the state of the art for BSD-derived systems,
and finds much cause for optimism.
"OpenBSD delves further into constructive paranoia", he writes.
Agreed, security is a state of mind, but unless the rash of serious incidents
abates, it's not really paranoia.
Security
By DEFAULT, OPEN SOURCES, Information Security, June 2000
OpenBSD is one OS that's likely to be voted "Most Secure."
So why not use it for all enterprise apps? Columnist Pete Loshin
looks at OpenBSD as a serious contender for secure Internet servers.
Meet the hackers, America's Network, June 1, 2000
Patrick Neighly writes a long and detailed article about the hows and whys of
the hacker community. Near the end, he interviews a hacker who states that
"OpenBSD tends to be a proactive security solution - they find holes
before they're posted on Bugtraq"
May, 2000
Cracked! Part4: The
Sniffer, # RootPrompt.org, May 31, 2000
Noel continues his chronicle of a cracker attack on his LAN.
In part 4, he notes that even local user vulnerabilities cannot
be overlooked because you must assume that an attacker will
eventually figure out a login/password. As part of his conclusions,
he mentions he would like to explore OpenBSD for systems that
need user accounts. The first three parts also make for interesting
reading for all system administrators.
Flaw
found in PGP 5.0, Computer World, May 26, 2000
PGP 5.0 was found to have a serious coding error under Linux and
OpenBSD, where it replaced the random data obtained from /dev/random
with a string of '1' digits when generating key pairs under certain
conditions.
Security
Beyond the Garden of Eden, BeOpen.com, May 19, 2000
Sam Williams strikes again. He interviews OpenBSD lead developer Theo de Raadt
and Tom Vogt, a lead developer of Nexus, a "maximum security" Linux
distribution unveiled on May 9. This article contrasts two different
approaches to security.
OpenBSD
perfects security by one-upmanship, Upside Today, May 17, 2000
Freelance writer Sam Williams captures the dynamics of the OpenBSD
development effort in OpenBSD, dubbing it "geeking out for perfection".
Williams also takes note of OpenBSD's business-friendly non commercial
stance -- no corporate backers, yet plenty of commercial products
with embedded OpenBSD.
Vulnerability
Database Statistics, Security Focus, May 15, 2000
"3 out of 2 people can't figure out statistics", the saying goes. In this light,
we'd like to present Security Focus's summary of vulnerabilities. Read
the disclaimers and feel free to dispute the results, but you have to
admit it makes OpenBSD look good compared to other widely used OSes.
We think the most important chart is the top one, total vulnerabilities.
The upward trend is disturbing; it means the industry still doesn't
"get it", and the users who trade off security for feature
creep are delivering the wrong message.
Why
We're Doomed to Failure, Security Portal, May 10, 2000
Kurt Seifried talks about what people can do to promote security and
protect themselves against the now-commonplace attacks. His first
suggestion is for software vendors to audit code like OpenBSD did, but he
feels that the effort and demand for knowledgeable programmers is too
great for this approach to succeed. Instead, he suggests add-ons such as
various Linux patches, development tools and replacement libraries. We
think he gave up too easily: by accepting mudflaps in the place of
airbags, he is taking the heat off software vendors to clean up the
defects in their products.
They're after your data, vnunet.com, May 17, 2000
In a discussion related to government hacking, Dearbail Jordan interviews
a random hacker who states that "As far as operating systems go,
OpenBSD, a completely free Unix variant, is probably the most secure
C2-level Unix available today." Well, OpenBSD is not C2, mostly
because the Orange Book C2 standard is for Trusted systems, not Secure
systems, but the remainder of his comment is probably a correct viewpoint.
Open
Source Smugglers, ComputerWorld, May 5, 2000
"Psssstt! Wanna a good, reliable operating system on the cheap? Thing is,
you just can't tell your boss about it" Technology writer Peter Wayner
tells of the techies who break the rules and sneak open source
systems on the job. He mentions the "security-conscious" OpenBSD as a
successful secure e-commerce server against an rival NT implementation,
as well as how Marcus Rannum embeds OpenBSD in the Network Flight Recorder
IDS appliance to sidestep NT vs. UNIX prejudices.
PowerCrypt
Encryption Accelerator Endorsed by OpenBSD, Business Wire, May 2, 2000
Press release from Global Technologies Group, Inc. announcing OpenBSD
support for their PowerCrypt IPSec hardware accelerators cards.
An experience
installing OpenBSD, BSD Today, May 2000
Another "how I installed OpenBSD" article. Jeremy C. Reed writes
a blow-by-blow, prompt & response chronicle of how he installed OpenBSD
2.6, to the point of setting up X, the blackbox window manager and
Netscape -- elapsed time, 4 hours and 38 minutes. Phew.
My Adventures
In OpenBSD 2.6, Daemon News, May 2000
Alison describes how she gave in to the geekier side of her nature and
rescued a castaway PC and put OpenBSD on it. "Contrary to popular
opinion, however, I think it's not just a matter of reliability," she
writes, "but also of clarity and simplicity - two very important and
oft-overlooked characteristics of computer software.".
April, 2000
Interview with OpenBSD's
Theo de Raadt, eup E-zine,
April 20, 2000
In this interview by Daniel De Kok, lead developer Theo de Raadt comments
on the BSDI/FreeBSD merger, OpenBSD as an embedded OS, and future plans for
OpenBSD.
Security Experts Say Proprietary
Code Isn't Scrutinized Well Enough, SOURCES, April 19, 2000
This bulletin discusses security concerns raised by recent reports of
vulnerabilities in commercial software such as backdoors and automatic
registration forms. The article quotes Jerry Harold, president & co-founder of
Network Security Technologies Inc. "This is why NetSec builds its products
on an operating system (OpenBSD) that has made security its number one goal."
Open
Source - Why it's Good for Security, SecurityPortal.com, April 17, 2000
In another FUD-fighting article, security writer Kurt Seifried and
Bastille Linux project leader Jay Beale refute a recent well-circulated
article saying open source software is more vulnerable because the
black hats can find bugs just by reading the source. If this were the
case, they argue, OpenBSD could not have achieved its security record.
They counter the claim by demolishing "security through
obscurity", the myth that just won't go away.
Wide Open Source,
SecurityFocus.com, April 16, 2000
Elias Levy of BUGTRAQ fame discusses the security of open- vs. closed-source
software. OpenBSD developers are mentioned first among a few groups of people
who care about auditing code for security vulnerabilities.
Bad Press,
32Bits Online, April 2000
Slamming some recent press which had said that Open Source (and in particular
Linux) leads to more software security problems, Clifford Smith states
"If there is ONE definitive proof that the source code being opened up for
review provides the opportunity to create secure operating systems, OpenBSD
is that proof." (his emphasis)
March, 2000
Linux
is a security risk, I don't think so!,
Security Portal, March 29, 2000
Columnist Kurt Seifried uses OpenBSD's code audit as an example to
refute a FUD piece on a major computer industry website that claims
that Linux is a security risk because the bad guys can find the holes
simply by reading the source code.
The
Kurt Seifried interview, Linux.com, March 8, 2000
The roles have changed; security columnist Kurt Seifried is now the subject.
He discusses his role at Security
Portal, the state of Linux security, OpenBSD's security model and the
Linux hardening scripts like Bastille Linux. He's pessimistic about the
future and predicts that with management apathy towards security,
"we're in for 10-50 more years of miserable computer security problems".
Open source software:
Ready for Credit Union Primetime?, CUES Tech Port, March 6, 2000
An article explaining the trade-offs of using open source software, how it
might be applied to credit union enterprises and some caveats about the
learning curve for staff not already familiar with UNIX-like operating
systems. Author Tom DeSot strongly recommends OpenBSD in this article
written for credit union IS managers.
The
Unix players change, but the (r)evolution continues, SunWorld, March 2000
Rich Morin puts the 80's UNIX history of fragmentation in perspective by
examining the creative tensions between the five operating systems derived
from 4.4BSD-Lite. Rather than repeating the platitude of how the BSD-derived
operating systems should unite, Morin's Silicon Carny column shows that the
projects and companies cooperate even though they have diverging goals. And
now that Sun has cautiously moved to open source some of its source, how
will the open source world react, he asks.
Getting
to know OpenBSD, Boardwatch Magazine, March 2000
UNIX columnist Jeffrey Carl continues his survey of the freenix alternatives
for ISPs with an interview with Louis Bertrand. The author also discusses
the relative merits of OpenBSD and how ISPs might want to use it for a
competitive advantage.
February, 2000
All
About SSH - Part II: OpenSSH, Security Portal, February 28, 2000
Seán Boran wraps up his look at SSH with an article devoted to OpenSSH
running on OpenBSD and other OSes, mentioning problems porting OpenSSH to
platforms without good crypto support.
Firewalling with IPF, Security Portal, February 16, 2000
Kurt Seifried, author of the Linux Administrators Security Guide, explains
how to set up packet filtering with
ipf. His examples are based on OpenBSD 2.6
even though his article isn't aimed at any specific OS.
OpenBSD 2.6 - new features,
Security Portal, February 9, 2000
Kurt Seifried reviews OpenBSD 2.6 and finds new features like
OpenSSH, Apache
DSOs, and new device drivers. He also finds comfort in an old friend, the
"secure by default" installation.
Three
Unixlike systems may be better than Linux, ComputerWorld, February 7, 2000
We really like Simson when he writes "But if you're trying to get the
most for your money or if you want a higher level of security, take a look at
the BSDs. The rewards can be considerable." But he misses the point
about strong crypto because of the fuss over 128-bit browsers. The RSA patent
has been a more effective muzzle on innovation than the export prohibitions.
Also note OpenBSD and FreeBSD also integrate IPv6 in their current codebase.
Review
of FreeBSD 3.4, 32BitsOnline, February 2000
In a review of FreeBSD 3.4, the author, Clifford Smith, was impressed
enough about OpenBSD to say "OpenBSD is probably the most secure
distribution out of the box because it comes with a source code that has
been given a complete security audit. It also comes with KERBEROS enabled
out of the chute, OpenSSL and ssh is part of the distro now, too. IPFilter
works immediately. Just Brilliant."
Securing Linux,
Information Security, February 2000
Pete Loshin surveys the state of the industry in Linux and UNIX-like
security. He highlights an emerging problem, novice Linux users
who may unknowingly leave installation holes, or inadvertently create some.
The OpenBSD sidebar explains the goals and purpose of OpenBSD, and highlights
its reputation among security experts.
FreeBSD,
OpenBSD and SuSE 6.2 Eval Review, OS Opinion, February 2000
Can't decide? Let's try a bunch. Veteran computer jockey Keith Rankin
compares a Linux distro and two of the BSDs. Long and quite detailed.
January, 2000
Secure
by default - a review of OpenBSD, Epinions.com, January 26, 2000
OpenBSD gets a five-star rating in this reader contributed review by
Justin Roth. It's a short glowing article that focuses on the security
of OpenBSD. The reviewer cautions however that it's only secure if
the administrator is vigilant.
Opening up, government style, ZDNet, January 24, 2000
Linux columnist Evan Leibovitch notes a small victory for open source
when the US government recognised it as being for "the
Public Good" in the recently relaxed cryptography export rules.
He quotes Theo mentioning that the RSA patent has had a far greater
chilling effect on US-based cryptography than the export prohibitions.
"Info.sec.radio" radio show. 11:00AM, Monday, January 10, 2000
CJSW 90.9 FM campus radio in Calgary in
association with SecurityFocus
In the inaugural show of Info.sec.radio, Dean Turner of
Security Focus interviews Theo de Raadt about OpenBSD, security,
and cryptography.
Mudge, the halo and the 2.4 sticker, MSNBC, January 6, 2000.
The beastie sticker from OpenBSD 2.4 was spotted on Mudge's laptop cover
in a file photo for this story about L0pht joining with corporate heavyweights.
Does 'open'
mean secure?, NetworkWorld Fusion Newsletters, January 5, 2000
Security Portal founder Jim Reavis calls OpenBSD "Linux's Linux". We're not
sure what it means, but he was making the point that public scrutiny of
source code helps security, so it must be a compliment.
Giving
Back, Sm@rt Reseller Online, January 4, 2000
Linux columnist Steven J. Vaughan-Nichols writes mostly about VA Linux
creating a source repository for open source projects, but there's an
interesting quote: "Whether an open-source program runs on OpenBSD,
Palm or even Windows, so long as it's an open-source program it's game
for SourceForge." OpenBSD, soon to be a household word!
There's
more to open source than just Linux, Computing Canada, January 2000
"Lack of consistency in different versions of distributions is leading some
administrators to re-examine their approach", writes Linux columnist Gene
Wilburn. He suggests the BSD systems as an alternative because they offer
a "high level of consistency and integrity".
A
report from LISA, SunWorld, January 2000
Columnist Peter Galvin gives a recap of LISA '99, mentioning among others
Bob Beck's paper about securing public
access Ethernet jacks on a university campus.
Canadian open source projects, The Computer Paper, January 2000
OpenBSD is featured in a year-end review of Canadian Open Source projects
in
The Computer Paper.
Linux columnist Gene Wilburn gets it right. Unfortunately, the article isn't on
the Computer Paper's site, but it is available at the author's site.
A Home-Grown Operating System?, Alberta Venture Magazine,
January/February, 2000
Grace Casselman interviews Theo about the development process of OpenBSD.
December, 1999
OpenSource
projects - what I learned from Bastille (and others), Security
Portal, December 23, 1999
Kurt Seifried
(seifried@seifried.org), security
analyst and author of the Linux Administrators Security Guide, discusses
the effort needed to create a Linux distribution. He mentions OpenBSD's
code audit as a reference point for securing the OS.
OpenBSD
2.6 Now Available, Server Watch, December 3, 1999
Picked up on OpenBSD 2.6 press release.
OpenBSD
Review, TekPress.COM, December 1999
Vlad Sedach offers a detailed look at OpenBSD, its history, security stance
and cryptography. He notes the lack of
multiprocessor support
but rates the security as best available, especially compared to NT.
November, 1999
Buddying
up to BSD: Part Three - Regrouping, Linux.com, November 15, 1999
Reviewer Matt Michie responds to critics of his previous OpenBSD
article in an opinion piece that discusses OpenBSD and Linux advocacy.
OpenBSD comes close to security nirvana with a system that is
'secure by default', InfoWorld, November 8, 1999
Security Watch columnists Stuart McClure and Joel Scambray say good things
about OpenBSD's security stance. "As you've come to expect from us,
our faith in vendors' attention to security is waning, but OpenBSD
gives us hope. OpenBSD is a group that has done it
right -- or at least strives to".
Buddying
up to BSD: Part Two - OpenBSD, Linux.com, November 8, 1999
Reviewer Matt Michie narrates his experience with an FTP installation
of OpenBSD 2.5 on an aging P-133. Despite trouble with the installation he
recommends it to experienced Linux users who wish to broaden their horizons.
Then the reader feedback flames him for his trouble.
UK Royal Family webmaster prefers OpenBSD,
Slashdot, November 4, 1999
Mick Morgan, of the UK's Central Computer and Telecommunications Agency,
answers Slashdot readers and talks about the design of a high profile
web site like the Royal Family's. In hindsight, he would have chosen
OpenBSD for its security aspects.
Turning on the Zedz, ZDNet, November 2, 1999
Linux columnist Evan Leibovitch tries to make sense of the byzantine
US crypto laws and offers some alternative crypto software and
resources including OpenBSD and OpenSSH.
Freenix
flavors or, three demons and a penguin, Boardwatch Magazine, November, 1999
Boardwatch Magazine's UNIX columnist Jeffrey Carl surveys the freenix choices
for ISPs. We debate his conclusion that security and functionality are
mutually exclusive choices. If that were the case, security conscious users
would unplug from the Net and just send faxes.
October, 1999
OpenBSD - a secure alternative,
Security Portal, October 27 1999
Kurt Seifried
(seifried@seifried.org), security
analyst and author of the Linux Administrators Security Guide,
discusses setting up an OpenBSD firewall.
Interview with The Cult of the Dead Cow,
Slashdot, October 22, 1999
In between cheeky and rude answers to slashdot reader questions, cDc'ers
mention OpenBSD's security model and code audit.
The existence of OpenSSH-1.0 has been confirmed,
Linux Weekly News, October 14, 1999
Linux Weekly News was the first non-BSD news agency to report the existence of
OpenSSH, which will ship with OpenBSD 2.6.
Easing on Software Exports Has Limits,
New York Times, October 11, 1999
Peter Wayner takes a closer look at some consequences of the US government's
restrictions on the export of strong cryptographic software, and finds no
small amount of irony. OpenBSD is prominently featured, along with a picture
of Theo de Raadt brandishing CD-ROMs. (No charge registration required to
read the NY Times on the web).
NSTI announces commercial support services for OpenBSD,
Yahoo News, Oct. 6, 1999
Network Security Technologies press release on the PR Newswire. NSTI
already uses OpenBSD in their Network Ops Center.
I've been hacked!
How OpenBSD saved our project, Daemon News, October 1999
Overworked system administrator John Horn tells us about his adventures with
a publicly-accessible Lynx server.
September, 1999
Calgarian heads team ensuring OpenBSD security,
Calgary Herald, Sept. 30, 1999
Technology reporter Matthew McClearn interviewed system administrators and
security specialists in Calgary and Edmonton who choose OpenBSD for its
stability and proactive security audit. He also gives some project history.
Small town in Kentucky has Internet connectivity unlike the rest of
America, MSNBC, Sept. 29, 1999
Jethro reports on the mailing lists that MSNBC aired a segment about a small
town in Kentucky with high-speed Internet connectivity. During an interview
with the town's teenage security guru, you could read the prompt on his
terminal:
Connected to spanweb.glasgow-ky.com.
Escape character is '^]'.
OpenBSD/mac68k (spanweb.glasgow-ky.com) (ttyp0)
Hack this! Microsoft and its critics dispute software-security issues, but users make the final call, Infoworld, Sept. 27, 1999
Microsoft: Bad security, or bad press?, CNN, Sept. 28, 1999
A scathing look at the Microsoft "Insecure by Default" scheme quotes the
CDC as saying that "The most secure platform 'out of the box' is OpenBSD,
because security is a focus on the project". Contrast the Microsoft scheme
with ours.
Open source has roots in the Net, USA Today, Sept. 20, 1999
Nice high profile mention of OpenBSD by Will Rodger:
"Yet backers say the speed and transparency with which open source
programmers compete to discover and then fix problems separates their
operations from traditional software shops. OpenBSD -- still another
open source operating system -- is often called the most secure
operating system in the world."
Even better than Linux, Boston Globe, Sept 16, 1999
Technology writer Simson L. Garfinkel confesses he prefers the BSDs better
than Linux and explains why. He writes a nice paragraph or two about OpenBSD
and its security and cryptography goals. However, reading this, you'd think
all the developers were Canadian (hint: they're not). The article has moved
to the archives, free registration required.
Microsoft,
Linux to become duopoly?, ComputerWorld Australia, Sept 8, 1999.
Reporter Natasha David interviews lead developer Theo de Raadt, who notes that cross-UNIX
compatibility is losing ground in the rush for Linux applications. de Raadt
was a keynote speaker at the Australian Unix User Group (AUUG) meeting in
Melbourne.
GNU
launches free encryption tool, IDG News Service, September 08, 1999
GNU Privacy Guard runs fine on OpenBSD.
Maintaining
Patch Levels with Open Source BSDs, SysAdmin feature article, Sept. 1999
Michael Lucas explains the broad lines of the BSD development model and
how to keep *BSD systems up-to-date with CVS. The author takes most of the
examples from FreeBSD, but he takes the time to explain differences
between the three systems. (Most of this is technology was originally
invented by the earliest OpenBSD developers, as described in a
paper presented at Usenix).
My own private IRP, open source IT tutorial, Sept. 1999
Sean Sosik-Hamor descibes how he built up his own Internet resource provider
(IRP) and web hosting business out of available hardware and freenix
software. He chose OpenBSD exclusively for his DMZ and describes the FTP
installation.
India-based
Web site offers raft of free OSes,
ComputerWorld Australia, September 1999
OpenBSD is one of many free OSes offered at FreeOS,
an India-based alternative OS news and portal site.
August, 1999
A Secure and Open Society,
ComputerWorld Canada, Aug 27, 1999
The article starts off as a personal story about lead developer Theo de Raadt,
but if you read carefully, it does explain a lot about the origins and goals
of OpenBSD.
1999's Technically Excellent Canadians,
COMPUTERMAGS.COM, Aug 10, 1999
"CCW is very pleased to name our five Technically Excellent Canadians,
who are significantly impacting on technology both at home and
abroad. Thanks to our readers for your involvement and nominations."
The publisher of Canadian Computer Wholesaler (August 1999) and
The Computer Paper (September 1999) presented this award
to Theo de Raadt for his part in OpenBSD (the sub-article is half
way down the page).
July, 1999
The Net's stealth operating system, MSNBC, July 22, 1999
"The OpenBSD group, which did a line-by-line security audit of BSD
code, and now has what is widely regarded as the most secure OS
available."
June, 1999
IPsec Tech Tutorial,
Data Communications, June 1999
"IPsec may be an open standard, but that's no guarantee that different
vendors' gear will work together. To assess interoperability, we put an even
dozen products through their paces." OpenBSD 2.4 and commercial IPsec
implementations were tested by an independent lab for interoperability
and ease in setting up tunneling gateways.
A
glimpse at the USENIX Technical Conference, SunWorld, June 1999
In a review of this year's event subtitled "USENIX
and Unix -- then and now", writer Vicki Brown contrasts the first
conference in 1979 to the recent one in Montery, California. Although it
only mentions OpenBSD in the links section below the article, it's still
an interesting read.
May, 1999
Operating system designed to foil hackers,
National Post, May 25, 1999
The Post's technology reporter David Akin interviews Theo de Raadt for
in a story that ran on the front page of the business section.
OS Also-Rans: After Windows 98, Mac OS and Linux, what's left for your
Macintosh or Intel PC? Lots, St.Paul-Minneapolis Pioneer-Planet, May 17 1999
Despite the terrible title, staff writer Julio Ojeda-Zapata gives fair
treatment to the alternatives.
In Search of OpenBSD, DaemonNews, May 1999
Ejovi Nuwere in Japan: three days, three locations, one operating system.
Safe and friendly
read-only chroot jails for FTP and WWW, DaemonNews, May 1999
"Ruffy" explains how to set up safe and friendly read-only FTP and WWW services
with OpenBSD's ftpd as an example.
March, 1999
Why to BSD in a Linux world, March, 1999
Description of the OpenBSD development process, and arguments as to why
Linux probably cannot achieve the same level of security audit.
Alternative
OSes face a Sisyphean struggle to get into the PC mainstream, Infoworld, March 8, 1999
Guest columnist Brett Arquette points out that Linux isn't the only alternative
PC OS out there, then describes why hardware drivers and end user support is
crucial to popularising an OS. He mentions OpenBSD and adds a link to this
site.
February, 1999
NFR Performance Testing, report written by
Anzen. February, 1999
This report compares the network monitoring performance of the
NFR (Network Flight Recorder) package at
handling flat-out 100Mbit ethernet monitoring, running on OpenBSD, BSDI,
Linux, and Solaris. OpenBSD comes out as a clear winner just for raw
performance; even before you consider the superior security of OpenBSD
which you probably would want for a network-monitoring station.
DaemonNews: Serving NT filesystems from an OpenBSD server
February, 1999
A system administrator debunks the myth that you must use NT as a file server
when you run Windows clients. Squeezing performance out of vintage hardware and
adding in some scripts to automate the setup of new projects won management
over to OpenBSD.
Security Watch, end of year Golden Guardian awards.
February, 1999
"Finally, we'd be remiss in ignoring OpenBSD in any discussion of top
open-source security products. It registered high in our e-mail
survey, and we promise to take a more active look at it in future
columns."
January, 1999
Open-Source
Software: Power to the People, Data Communications, January 4, 1999
Columnist Lee Bruno marvels that free software is serving alongside name-brand
software. Page three mentions OpenBSD in the roundup.
The
return of BSD, SunWorld, January 1999
BSD veteran Greg Lehey notes the strong loyalty of SunOS 4 users and surveys the
BSD-derived OSes available on SPARC and PC hardware. The article also comes with
a long list of useful links (some are stale).
November, 1998
OpenBSD and IPSec, leading the pack, November, 1998
A two-part article by Ejovi Nuwere focusing on OpenBSD's IPSec Development.
Part one is an introduction to OpenBSD's Photurisd and its current
Implementation, including a brief interview with
Photurisd creator Neils Provos.
August, 1998
Beyond HOPE coverage, Wired Magazine, Aug 11, 1997
Completely bogus (but quite amusing) description of what
OpenBSD is.
July, 1998
Security Watch: Monthly Editorial.
July, 1998
Points at our security page
calling it "OpenBSD's mantra".
Wired Magazine, June 1998, page 96 (paper edition only)
A half-page description of what OpenBSD is, with a strange picture
of project founder Theo de Raadt (Wired loves Photoshop).
June, 1998
WebServer Online, reprinted in
Server/Workstation Expert (formerly
SunExpert Magazine), June 1998, page 81
A glowing four-page description of OpenBSD emphasizing its use
as a server and an OS that ships with security in the box
(the SunExpert version is in PDF but includes their own
graphic - a cross between Superman™ and the BSD Daemon, which
the WebServer version in HTML does not).
May, 1998
Usenix coverage, Wired Magazine, May 1, 1998
Mention of OpenBSD with regards to our involvement in the
Freenix track held at Usenix in New Orleans.
Swedish press coverage (in Swedish)
June, 2000
Säkerhet & Sekretess, No 4, 2000
This article reports in a positive tone on OpenBSD's latest security feature,
hardware-supported cryptography.
May, 2000
Computer Sweden, May 2, 2000
An article describing *BSD as the choice of the "very demanding".
OpenBSD is noted for its focus on security and cryptography.
November, 1998
Datateknik, Nov 20, 1998
An article on the swedish IPSec interop event
mentions OpenBSD as one of the successful participants, and has a
mini-interview with OpenBSD developer Niklas Hallqvist.
Datateknik, Nov 13, 1998 and
Datateknik, Nov 14, 1998
Two published letters talking about OpenBSD's role in MacOS X. The first
one has some misconceptions which are corrected by the second which
explains the licensing issues and points to our
copyright policy page.
Japan press coverage (in Japanese)
September, 1999
BSD Magazine,
Sept. 28, 1999
ASCII Corporation is launching a Japanese language magazine that covers the
freenix BSDs, BSD/OS and related subjects. The magazine will also be
translating and reprinting articles from
Daemon News, the BSD ezine.
Germany press coverage (in German)
September, 2000
Das BSD-Ports-Verzeichnis, FreeX Magazin, 4.Quartal 2000
Jörg Braun surveys the Ports system that gives
users easy access to hundreds of net freeware applications. The author covers
the various make options and targets, and also notes OpenBSD's
"fake" installation used to create easily distributable binary
packages as an automatic by-product of building a port.
February, 2000
Open Source Software in der Bundesverwaltung, Bundesministerium des Innern,
Februar 2000
A paper on open source software in the German federal government,
published by the Federal Ministry of the Interior. The paper, which
gave reference to OpenBSD among many other OSes and applications, was
posted then retracted on "orders from above" in the ministry.
Giving way to
the pressure and protests of the open source movement the ministry
rerelased the document after cutting out some numbers.
(the Microsoft Licence fees, btw.!)
December, 1999
OpenBSD 2.6 ist da, heise online newsticker, December 2, 1999
Brief summary of the OpenBSD 2.6 press release.
Russian press coverage (in Russian)
January, 2000
Byte Magazine, Russia,
January 2000 issue
Interview with Theo de Raadt about history and feature of OpenBSD project.
July, 1999
Byte Magazine, Russia,
July/August 1999 issue.
A review of OpenBSD 2.5 and OpenBSD project goals.
Poland press coverage (in Polish)
OpenBSD and Linux, LinuxNews
Radio, August 2, 2000
Bartek Rozkrut (aka Madey), made a guest appearance on LinuxRadio, speaking
about differences betwen OpenBSD and Linux. During the show, listeners were
able to comment and ask questions on IRCNET's #linuxnews channel. The main
criticism was that OpenBSD doesn't support SMP and isn't available for the
IA-64 platform. LinuxNEWS is the biggest polish Linux news service, covering
the entire Linux scene in Poland.
Here's the MP3.
OpenBSD - ma same zalety?,
OpenBSD - Nothing but advantages?, LinuxNews Serwis Informacyjny,
January 2000
Bartek Rozkrut combines an overview of OpenBSD with a review of how to
download and install the system. He mentions Theo de Raadt's "craze"
about security and how he frustrates Linux advocates on Bugtraq with
mails like "the problem was fixed a year ago in OpenBSD".
The author spends some time explaining the disklabel partitioning scheme and
reassuring would-be users that the no-frills installation script actually
works even though it doesn't have a fancy point & click interface. He even
gives typical download times from the various national ISPs.
Thanks to Vadim Vygonets, Wojciech Scigala and Tenyen for their help
with the translation. For the full text, see the
advocacy@openbsd.org
mail archives. Interpretation errors are mine --louis
www@openbsd.org
$OpenBSD: press.html,v 1.166 2000/12/07 02:19:07 louis Exp $