On Fri, 22 Jan 2010 10:56 +0800, "Zamri Besar" <zam4e...@gmail.com> wrote: > The insecurity of OpenBSD > http://allthatiswrong.wordpress.com/2010/01/20/the-insecurity-of-openbsd/
I know, I know.... a troll, but I'll bite. This is laughable because of his examples and lack of actual good ones. OpenVMS is only mentioned in a footnote. And no mention of arguably the most secure OS on the market, OS400. Yes, I am a UNIX and an OpenBSD fan, but if you are going to criticize OBSD at least use real arguments. That RBAC and other garbage is just talk. Can it increase security? Yes, when used properly, but it rarely is. If you want proof of that statement just look at Windows. He downplays Windows in the article, but I am familiar with NT. NT *has* the full suite of security measures that he talks about as being essential. Role based access controls, the works, but just look at its track record. Its track record on security is abysmal so so much for that theory. It's just talk. He begins to talk about that to design a truly secure OS one must design it from the beginning with security in mind, but then he stops there. This demonstrates a fundamental lack of understanding of how a *true* secure OS is designed. Designing the OS with security in mind is just the beginning. You must also develop the *hardware* architecture in concert with the OS to develop a truly secure OS. This is why *any* OS on the i386 platform is *ucked before it begins. The risks can only be mitigated and OpenBSD does as good a job as is probably possible.