Re: [osol-discuss] meaningful statements about OpenBSD and security [was: OpenSolaris Releases?]

Wed, 03 Feb 2010 14:57:59 -0800

Seems Whit Diffie's recent statement seems to contradict your view explicitly enough. From a recent MIT interview http://www.technologyreview.com/computing/23951/page2/ :
TR: If a full cryptographic solution is far-off, what would a near- term solution look like? WD: A practical solution will have several properties. It will require an overall improvement in computer security. Much of this would result from care on the part of cloud computing providers--choosing more secure operating systems such as Open BSD and Solaris--and keeping those systems carefully configured. A security-conscious computing services provider would provision each user with its own processors, caches, and memory at any given moment and would clean house between users, reloading the operating system and zeroing all memory. 


If OpenBSD's just a firewall, how does it make his short list of  
secure systems for cloud hosting? Can you find a plausible parsing  
that could be consistent with your view? Provide evidence for why  
Diffie might wrong? I don't imagine from your assertions that your  
opinion is richly informed such that you can account for such  
contradictory indications as:


http://www.openbsd.org/ports.html
http://www.openbsd.org/porting.html
http://www.openbsd.org/crypto.html
http://www.openbsd.org/faq/faq1.html
http://www.openbsd.org/papers/ven05-deraadt/index.html
http://www.gratisoft.us/todd/papers/strlcpy.html


For that matter: how does OpenBSD leave you any less "on your own" in  
installing anything more on the box than the core build if you were  
running the same app, whether by source or binary distribution, on an  
OS with security extensions and certified to Common Criteria? Who's  
selling "secure" products with strict and extensive liability  
guarantees assigned to the vendor for code quality, let alone  
including apps that don't come in the shrink wrap?


Am 3 Feb 2010 um 19:52 schrieb R. Eenigne:


It's really just a firewall.  Once you install other pkgs then  
you're on your own.

--
This message posted from opensolaris.org
_______________________________________________
opensolaris-discuss mailing list
[email protected]



_______________________________________________
opensolaris-discuss mailing list
[email protected]






















					Reply via email to