15 March 2007

OpenBSD and the myths

"OpenBSD is known for its security policies, and for its boast of "only one remote exploit in over 10 years". Well, make that two, because Core Security has found a remotely exploitable buffer overflow in the OpenBSD kernel. Upgrade your firewalls as soon as possible." 

Source: Slashdot and Core Security

"Only two remote holes in 10 years" becomes a parody.. Everyone knows that the default install have another bugs that OpenBSD people doesn't want assume, but whatever. I don't care about it, since I prefer a professional solution than a joke called *bsd.


  1. John Dykstra 15.3.07

    Professional solutions like what, Cisco? It's got a worse security track record. Redhat Enterprise Linux? It's got a worse security track record than Cisco.

  2. "only 2 remote holes in the default install in over 10 years" is a little deceptive. They only enable sshd by default. By that metric, DOS is the most secure operating system ever. (DOS doesn't have TCP/IP installed by default, so there are no remotely exploitable holes in the default install.)

  3. John, I said professional solutions, not in terms of bugs or problems. Redhat is a big load of shit, I really know that; I said "professional solutions" meaning when the maintainers look at and accept bugs and fix them as fast as they can. On the other hand, if you read the OpenBSD mailing lists, there's an ego war inside.

  4. Well... since Gentoo comes with nothing preactivated... not even an MTA, its default installation is more secure than OpenBSD.

    I like OpenBSD. But I don't like their attitude towards this matter and even more their troll behavior.