On Wed, 4 Nov 2009 at 1:46 PM, Aaron Mason <simplersolut...@gmail.com> wrote: >On Wed, Nov 4, 2009 at 1:04 PM, Gonzalo Lionel Rodriguez ><gonz...@sepp0.com.ar> wrote: >> 2009/11/3 Claire beuserie <claire.beuse...@gmail.com>: >>> Hi, >>> >>> On Wed, Nov 4, 2009 at 12:58 AM, Theo de Raadt >> <dera...@cvs.openbsd.org>wrote: >>> >>>> 2) At least three of our developers were aware of this exploitation >>>> method going back perhaps two years before than the commit, but we >>>> gnashed our teeth a lot to try to find other solutions. Clever >>>> cpu architectures don't have this issue because the virtual address >>>> spaces are seperate, so i386/amd64 are the ones with the big impact. >>>> We did think long and hard about tlb bashing page 0 everytime we >>>> switch into the kernel, but it still does not look attractive from >>>> a performance standpoint. >>>> >>> >>> I'm confused. >>> >>> That came out a bit weird: are you saying you knew about the bug for 2 >> years >>> but did not fix it? >>> >>> >>> c.b- >>> >>> >> >> Linux way. >> >> > >What a knob. It makes me sad to say I used his crap now if he has >that much contempt for those who value security before practicality. > >It's good to see Theo et al stick to their guns on this issue. I'd >rather have a machine that is secure than one that can run Windows >binaries. > >Wine is a good idea, but it's stifling an even better idea - making >applications compatible across multiple OSes, something that hasn't >needed to be done in the M$ world because of the stranglehold they >had/have over the consumer market. > >Let's put this into perspective: Linux would absolutely jump in >popularity if Valve ported Steam and the Source engine to it, meaning >games like the Half Life series, Left 4 Dead and Team Fortress 2 could >run natively - not to mention that it would prompt other games that >sell their wares through the Steam CDS to port their games as well - >but since most of the games run just fine in Wine these days, there's >no incentive. > >Linus is shooting himself in the foot and he has no idea. Linux tries >to be everything to everyone, and by doing it the way is does, it >greatly limits its potential. > >OpenBSD does one thing and does it well - being secure. That's all >there is to it.
I think that sells OpenBSD unintentionally short. Yes, the attention to security is of enormous value, but the care and intelligence that characterizes the whole effort results in a system that is extremely stable, very easy to administer, and very well documented. It is the only system I know of, and I've tried almost all of them, that pays attention to the things that really matter. The result is an environment where you do your work, rather than fighting with your tools. I replaced Linux on three laptops and a workstation with OpenBSD (after a quick divorce from FreeBSD -- too many bugs) that I use for general computing tasks including a lot of software development and database work, and you couldn't pay me to go back. I realize that I'm preaching to the choir -- you know all this. But I think it's a mistake for (especially) the OpenBSD community to speak of OpenBSD as just about security, when it's so much more than that. /Don Allen > >-- >Aaron Mason - Programmer, open source addict >- Oh, why does everything I whip leave me?
