Robbert Haarman wrote: [snip]
> As it stands, OpenBSD is the only operating system I am aware of that
> has had the full base system completely audited and has buffer overrun
> and other protections enabled for all software on it. This, by itself,
> makes it more secure than other systems, regardless of what users do
> with it. Even in the worst case, where users actively degrade the
> security of the system, I would imagine OpenBSD's security would at
> least not be _worse_ than that of another system.

Somehow I don't think that really fits OpenBSD's objectives. The full base system has been audited. The full base system plus something stuck on has NOT been audited. Security is one of those thingees where it's not what you did right that matters. It's any and everything you did wrong that matters.

I am not an OpenBSD fanboy. I am typing this on an XP laptop at home via some vintage of VNC redirected via rinetd to a very old laptop running 98 sitting on my desk at work. Secure? Hardly.

I lurk on this list because it is entirely possible that I find myself in a situation where security actually matters. In that case, knowing what and why and digging through everything will be essential.

If security matters, just running on OpenBSD will hardly be enough. Security requires getting all the edges right. And so they stay right.

