Re: Why I abandoned OpenBSD, and why you should too...
Lionel Hutchence [lionel.hutche...@gmail.com] wrote: > Dear "Thomas," > > Plagiarise much lately? > > http://www.trollaxor.com/2013/07/why-i-abandoned-openbsd-and-why-you.html > Stop giving Grant so much attention. He's too busy wishing that OpenBSD, FreeBSD, NetBSD and Dragonfly would merge into one project.
Re: Why I abandoned OpenBSD, and why you should too...
Dear "Thomas," Plagiarise much lately? http://www.trollaxor.com/2013/07/why-i-abandoned-openbsd-and-why-you.html -Lionel On Thu, Jul 4, 2013 at 11:56 PM, Thomas Jennings wrote: > > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. > > I'm sure we've all heard of PRISM by now, the user-friendly name of > the United States Federal Government's massive civilian and resident > spying program otherwise known as US-984XN. PRISM is certainly bad > enough of its own accord, but it's how PRISM works, and the pattern of > behavior found in OpenBSD development, that was the tipping point for > my use of OpenBSD. > > And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. > After being fired from the NetBSD team, Theo forked the code and > started OpenBSD. He's been pretty much solely responsible for > development of OpenBSD over the years, taking volunteer code as he > sees fit. He also has final say over security audits in the operating > system, something that turns out to be very important. > > I was prepping to migrate the whole of our shop, a regional ISP in the > United States of America, to OpenBSD 5.3 when the news broke: CBS News > reporter Sharyl Attkisson claimed, during a live radio interview, that > she had been dealing with suspicious computer and phone issues. Check > out this snippet from the full transcript of the interview. One line > in particular trashed my plans for the OpenBSD upgrade: > > > Well, I have been, as I said, pursuing an issue for a long time now — much > > longer > > than you’ve been hearing about this in the news — with some compromising of > > my > > computer systems in my house — my personal computer systems as well as my > > work computer systems. I thought they were immune to being compromised — > > because they all ran OpenBSD — but I guess I was wrong. So, we’re digging > > into > > that and just not ready to say much more right now, but I am concerned. > > Since that interview in May, I've watched story after story of direct > server access, PRISM, and NSA spying and connected some dots. For > example, consider the accusations that the FBI had been accused of > planting backdoors in OpenBSD's IPSEC in December of 2012, and that > the accusations later proved true. The two scandals broke 18 only > months apart. > > Consider that PRISM allows the United States Federal Government to > directly access the servers of virtually any company doing online > business, including tech giants like Apple, Facebook, Google, and > Microsoft. But those same tech giants deny complicity. I'm sure we all > agree that personal privacy is beyond the scope of private enterprise, > but let's assume their denials are true. Then connect more dots: > > OpenBSD has shipped on over half of all network devices, including > things like routers, switches, gateways, and servers, for the last six > years. The current estimated number of OpenBSD installations sits at > over 350 million devices, comprising an almost ubiquitous presence of > OpenBSD in networks worldwide. > > EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT > DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME > ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. > > There it is. Let it sink in. Words like Gestapo and Stasi and KGB come > to mind. OpenBSD is part and parcel to the United States Federal > Government's program to spy on its own citizens through bodies like > the NSA and FBI and has been since the FBI paid for backdoors in IPSEC > about a dozen years ago. > > Yesterday, I told the company that we must migrate all our services > from OpenBSD to something else because the risk to our customers' > privacy and security is simply unacceptable. Theo de Raadt may seem > like some kind of guard dog of security, but he's really just a little > bitch bought and sold by the United State Federal Government. > > The kicker is that Theo denies anything suggesting that OpenBSD is > less than perfect at security, as if he's personally offended by the > mere suggestion. He routinely attacks developers and enthusiasts for > simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE > YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE > HISTORY OF THE WORLD?! > > Today, be a true patriot to the ideals of personal privacy and public > liberty: prevent and reject any and all use of OpenBSD. > > Happy 4th of July.
Re: Why I abandoned OpenBSD, and why you should too...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Surely, it's obvious to everyone. It's a TROLL, so get over it and carry on with the magnificence that OpenBSD provides. If had any validity, a professional approach what have been exhibited. So, when experiencing unworthy garbage, treat it as such. Good Day, On 07/07/2013 01:55 PM, William Cummings wrote: > Troll or OpenBSD security expert... Flip a coin! > > On Jul 5, 2013, at 12:28 AM, Tito Mari Francis Escaño wrote: > >> I was initially thinking this is a troll, but with these quotes: >> >> "...was prepping to migrate the whole of our shop, a regional ISP in the >> United States of America, to OpenBSD 5.3..." >> >> Pray tell what regional ISP you speak of here to earn their deserved >> praise or ridicule for avoiding the OpenBSD deployment. >> >> "OpenBSD has shipped on over half of all network devices, including >> things like routers, switches, gateways, and servers, for the last six >> years. The current estimated number of OpenBSD installations sits at >> over 350 million devices, comprising an almost ubiquitous presence of >> OpenBSD in networks worldwide" >> >> I wondered if Theo or the OpenBSD Foundation has budget to pay for >> publicity, good or bad, just for the kicks. > - -- Salim A. Shaw System Administrator OpenBSD & CentOS / Free Software Advocate Need stability and security -- Try OpenBSD. BSD,ISC license all the way: Sell services, don't lease secrets Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJR2bwvAAoJELO0Z/gjFO4kl1AH/3Vbb5Ct+IPl2XPYhQLeifu6 4WWtTtMvl7gDrwmf98Z7U975o/55MCOYUVSHXovDXFYAlGOaEvhpmDeOXfnTBGwR RNlCerMYd1lfIrU/UsUuLHXPHs+OTWmOZ+1VXHLBJghVz8EC99nAqTeN4MEh/luQ Wqy8D33wN4qvdqBITJkAH7cInhDNPaOA2OrH6vWVAC4LpXcpsWZTYDHBT7nK0yD/ QQmKRToJHMR7BxdjhD5/hWl6A+ZVrtEujNWpsu4zPCPIhTjFuVEC8QBpX/wuvqoH pvCNyJJE0LLhrggsk1Wm/6ML6P2Bb8f1bx2Ihfufn4JUWzNscbrAsGP2ThfflEU= =obKY -END PGP SIGNATURE-
Re: Why I abandoned OpenBSD, and why you should too...
Troll or OpenBSD security expert... Flip a coin! On Jul 5, 2013, at 12:28 AM, Tito Mari Francis Escaño wrote: > I was initially thinking this is a troll, but with these quotes: > > "...was prepping to migrate the whole of our shop, a regional ISP in the > United States of America, to OpenBSD 5.3..." > > Pray tell what regional ISP you speak of here to earn their deserved > praise or ridicule for avoiding the OpenBSD deployment. > > "OpenBSD has shipped on over half of all network devices, including > things like routers, switches, gateways, and servers, for the last six > years. The current estimated number of OpenBSD installations sits at > over 350 million devices, comprising an almost ubiquitous presence of > OpenBSD in networks worldwide" > > I wondered if Theo or the OpenBSD Foundation has budget to pay for > publicity, good or bad, just for the kicks.
Re: Why I abandoned OpenBSD, and why you should too...
Thomas Jennings [thomas.jennings...@gmail.com] wrote: > Dear OpenBSD developers and users: > > Happy 4th of July. Thomas, I don't understand why you make such a breach of OpenBSD list etiquette. We all know these posts belong on tech@, not misc@ Please behave yourself better next time.
Re: Why I abandoned OpenBSD, and why you should too...
On 07/05/13 09:04, eric oyen wrote: Sighted assistance. It simply means that I am blind (as in I wear prosthetic eyes and can't see a thing). I can use most of my equipment here with either some screen reader access or braille. Unfortunately, that can't be said for installation and first time configuration of OpenBSD (the man AfterBoot process). Only after SSH is enabled can I do anything with the machine. It certainly would be a lot better if OpenBSD supported a general CLI screen reader right from boot up. I do know that enough of the hardware gets detected to at least support this. Unfortunately, I am not a coder, so I can't really try this without some help. Running a compiler script (configure, make and make install) are easy enough from a CLI SSH session, but unless I can run a package immediately after the OS has completely booted and given me a login prompt, I am literally operating in the blind zone. Letting the installer redirect the console to com0 does not cut it? What hardware are we talking about? /Alexander This is what I mean by sighted assistance. So right now, if I can't do it myself, whats the point? -eric On Jul 4, 2013, at 10:09 PM,openda...@hushmail.com wrote: >On 5. juli 2013 at 4:59 AM, "eric oyen" wrote: >> >>My only problem (and it seems none of the devs really understand this) >>is that I must have sighted assistance to install and initially configure the OS. > >What do you mean sighted assistance? > >O.D.
Re: Why I abandoned OpenBSD, and why you should too...
Sent from a gmail address, just to season this with a little irony.
Re: Why I abandoned OpenBSD, and why you should too...
http://cm.bell-labs.com/who/ken/trust.html
Re: Why I abandoned OpenBSD, and why you should too...
NSA would be foolish to go through all the effort it takes to place a back door into OpenBSD. I find it funny how people focus on potential back doors in software and completely ignore that all this software is executed on micro processors that are made by a select handful of US companies. We also have no idea what's really going on in peripheral components of our computers or in networking hardware. Use OpenBSD if you want to keep out the common criminal but don't fool yourself that you can outwit three letter agencies with your laptops.
Re: Why I abandoned OpenBSD, and why you should too...
On 7/4/2013 10:56 PM, Thomas Jennings wrote: Regretfully, I have decided to abandon OpenBSD and thought I would share my reasoning with this list. I thought the 4th of July was a good date to do so since my reasons address national security implications. As a group of people who take development, security, and privacy seriously, I know you will want to know why I made the drastic decision to abandon OpenBSD and never look back. You are free to use or not use whatever software you wish. I won't try to change your mind. However I would need more evidence than you have put forth here to get me to make changes to the machines I have here. And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. After being fired from the NetBSD team, Theo forked the code and started OpenBSD. He's been pretty much solely responsible for development of OpenBSD over the years, taking volunteer code as he sees fit. He also has final say over security audits in the operating system, something that turns out to be very important. I have known several of the developers over the years, including Theo. He can be blunt at times, which is fine from my point of view. I know he left NetBSD because of differences of opinion on how certain parts of the system should proceed. He forked the code and started OpenBSD, as you stated. He has never, to my knowledge, told anyone that they HAD to use OpenBSD. If people don't like the way he does things, they are free to go elsewhere. He has never tried to make any other way to my knowledge. I was prepping to migrate the whole of our shop, a regional ISP in the United States of America, to OpenBSD 5.3 when the news broke: CBS News reporter Sharyl Attkisson claimed, during a live radio interview, that she had been dealing with suspicious computer and phone issues. Check out this snippet from the full transcript of the interview. One line in particular trashed my plans for the OpenBSD upgrade: Well, I have been, as I said, pursuing an issue for a long time now — much longer than you’ve been hearing about this in the news — with some compromising of my computer systems in my house — my personal computer systems as well as my work computer systems. I thought they were immune to being compromised — because they all ran OpenBSD — but I guess I was wrong. So, we’re digging into that and just not ready to say much more right now, but I am concerned. Without knowing exactly what Ms. Attkisson is running on those machines, I wouldn't venture to try to explain in any detail why the issues are occurring. It has, to my knowledge, always been the stated position of the development team that they only audit the base software. They do not guarantee that they have audited the software in ports or packages. Since it has been my experience that few people run a system with nothing from ports or packages, it seems at least possible that any security hole may come from that source. I consider it unfair to blame either the project or people within it for problems with software that they did not write themselves. EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. There it is. Let it sink in. Words like Gestapo and Stasi and KGB come to mind. OpenBSD is part and parcel to the United States Federal Government's program to spy on its own citizens through bodies like the NSA and FBI and has been since the FBI paid for backdoors in IPSEC about a dozen years ago. I would need more evidence than one persons statement of their existence, before I would believe such a statement. I believe that the project is located outside the U.S. to avoid having to provide exactly what you are claiming to exist. I also believe that certain contracts were not renewed between members of the development team and certain U.S. governmental agencies for the same reason. The kicker is that Theo denies anything suggesting that OpenBSD is less than perfect at security, as if he's personally offended by the mere suggestion. He routinely attacks developers and enthusiasts for simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE HISTORY OF THE WORLD?! What I have seen is Theo denying a suggestion without be given proof that a problem in fact exists. As one person who has been on the receiving end of a few caustic replies from Theo, I can understand why he gets that way with people who do not even make an attempt to look for an answer in the documentation. In each instance, I would say that it was justified - since I either hadn't looked far enough into the documentation or into pieces of code where the documentation did not completely answer the question. I also maintain that in my cases, it was justified to be a little unpleasant because I could find or figure
Re: Why I abandoned OpenBSD, and why you should too...
OH MY - did not know it was TROLL hunting season... SO Like I heard a rumor that FaceBook is going to release an open source operating system because we all know how secure from NSA it will be... LMAO feed the trolls. On 7/5/2013 12:14 AM, Ryan R wrote: Dear OpenBSD developers and users: > >Regretfully, I have decided to abandon OpenBSD and thought I would
Re: Why I abandoned OpenBSD, and why you should too...
"...to OpenBSD 5.3 when the news broke: CBS News reporter Sharyl Attkisson claimed, during a live radio interview, that she had been dealing with suspicious computer and phone issues..." http://www.youtube.com/watch?v=7vNOBBB5FgY&t=51s On Fri, Jul 5, 2013 at 6:56 AM, Thomas Jennings < thomas.jennings...@gmail.com> wrote: > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. > > I'm sure we've all heard of PRISM by now, the user-friendly name of > the United States Federal Government's massive civilian and resident > spying program otherwise known as US-984XN. PRISM is certainly bad > enough of its own accord, but it's how PRISM works, and the pattern of > behavior found in OpenBSD development, that was the tipping point for > my use of OpenBSD. > > And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. > After being fired from the NetBSD team, Theo forked the code and > started OpenBSD. He's been pretty much solely responsible for > development of OpenBSD over the years, taking volunteer code as he > sees fit. He also has final say over security audits in the operating > system, something that turns out to be very important. > > I was prepping to migrate the whole of our shop, a regional ISP in the > United States of America, to OpenBSD 5.3 when the news broke: CBS News > reporter Sharyl Attkisson claimed, during a live radio interview, that > she had been dealing with suspicious computer and phone issues. Check > out this snippet from the full transcript of the interview. One line > in particular trashed my plans for the OpenBSD upgrade: > > > Well, I have been, as I said, pursuing an issue for a long time now > much longer > > than youve been hearing about this in the news with some compromising > of my > > computer systems in my house my personal computer systems as well as my > > work computer systems. I thought they were immune to being compromised > > because they all ran OpenBSD but I guess I was wrong. So, were > digging into > > that and just not ready to say much more right now, but I am concerned. > > Since that interview in May, I've watched story after story of direct > server access, PRISM, and NSA spying and connected some dots. For > example, consider the accusations that the FBI had been accused of > planting backdoors in OpenBSD's IPSEC in December of 2012, and that > the accusations later proved true. The two scandals broke 18 only > months apart. > > Consider that PRISM allows the United States Federal Government to > directly access the servers of virtually any company doing online > business, including tech giants like Apple, Facebook, Google, and > Microsoft. But those same tech giants deny complicity. I'm sure we all > agree that personal privacy is beyond the scope of private enterprise, > but let's assume their denials are true. Then connect more dots: > > OpenBSD has shipped on over half of all network devices, including > things like routers, switches, gateways, and servers, for the last six > years. The current estimated number of OpenBSD installations sits at > over 350 million devices, comprising an almost ubiquitous presence of > OpenBSD in networks worldwide. > > EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT > DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME > ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. > > There it is. Let it sink in. Words like Gestapo and Stasi and KGB come > to mind. OpenBSD is part and parcel to the United States Federal > Government's program to spy on its own citizens through bodies like > the NSA and FBI and has been since the FBI paid for backdoors in IPSEC > about a dozen years ago. > > Yesterday, I told the company that we must migrate all our services > from OpenBSD to something else because the risk to our customers' > privacy and security is simply unacceptable. Theo de Raadt may seem > like some kind of guard dog of security, but he's really just a little > bitch bought and sold by the United State Federal Government. > > The kicker is that Theo denies anything suggesting that OpenBSD is > less than perfect at security, as if he's personally offended by the > mere suggestion. He routinely attacks developers and enthusiasts for > simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE > YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE > HISTORY OF THE WORLD?! > > Today, be a true patriot to the ideals of personal privacy and public > liberty: prevent and reject any and all use of OpenBSD. > > Happy 4th of July
Re: Why I abandoned OpenBSD, and why you should too...
Totally agree with Marko the same for me but i do make a mistake and the BAND a lot answers even theo answered to kick my ass! by the way dont u have some uvm_alloc situation on your server? > Date: Fri, 5 Jul 2013 09:05:11 +0200 > From: marko.cu...@mimar.rs > To: misc@openbsd.org > Subject: Re: Why I abandoned OpenBSD, and why you should too... > > I find it sad that it is now third day that noone responded to my > call for help with system hang, at least something like "ask on bugs > list", while threads like this get 15 responses in a matter of hours :(
Re: Why I abandoned OpenBSD, and why you should too...
On Fri, Jul 05, 2013 at 09:58:50AM +0100, Dmitrij Czarkoff wrote: > On Fri, Jul 5, 2013 at 4:56 AM, Thomas Jennings > wrote: > > CBS News reporter Sharyl Attkisson claimed, during a live radio > > interview, that she had been dealing with suspicious computer and phone > > issues. Check out this snippet from the full transcript of the interview. > > One line in particular trashed my plans for the OpenBSD upgrade: > > > >> Well, I have been, as I said, pursuing an issue for a long time now ??? > >> much longer > >> than you???ve been hearing about this in the news ??? with some > >> compromising of my > >> computer systems in my house ??? my personal computer systems as well as my > >> work computer systems. I thought they were immune to being compromised ??? > >> because they all ran OpenBSD ??? but I guess I was wrong. So, we???re > >> digging into > >> that and just not ready to say much more right now, but I am concerned. > > FWIW the original quote can be fund here[0]. I expected to see some > other product name replaced with "OpenBSD" by the troll, but it turned > out that the whole sentence is missing from original interview. > > [0] > http://www.washingtonpost.com/blogs/erik-wemple/wp/2013/05/29/sharyl-attkisson-and-her-compromised-computers/ > seriously, who fucking cares. let this thread die -- Gilles Chehade https://www.poolp.org @poolpOrg
Re: Why I abandoned OpenBSD, and why you should too...
Hi James, James Griffin wrote: Thu 4.Jul'13 at 23:56:50 -0400, Thomas Jennings Dear OpenBSD developers and users: Regretfully, I have decided to abandon OpenBSD and thought I would share my reasoning with this list. I thought the 4th of July was a good date to do so since my reasons address national security implications. As a group of people who take development, security, and privacy seriously, I know you will want to know why I made the drastic decision to abandon OpenBSD and never look back. [ ... ] Then you'd also better stop using mobile phones, landlines, using search engines, email ... come to think of it, any form of electronic comminucation, and go back to living in the woods or in a cave and clubbing your wife with large peices of wood if you're so concerned about the security services. Right, more or less. Even acknowledging the mail as a troll, I had a couple of thoughts. There may be hidden doors inside RSA and derived algorithms and protocols we don't know. So I cannot exclude implicit backdoors inside OpenBSD (not explicit in the code, those would have been caught by the open source). But if you worry about that, and I think it is legitimate, what else? Our cousings FreeBSD and NetBSD use the same public libraries. As does Linux. Solaris, AIX and HP-UPX perhaps use a mix of opensource and proprietary libraries, but most certainly based on the same algorithms. Thus what would be the mysterious OS alternative, except writing your own cypher algorithm, outside the USA? Riccardo
Re: Why I abandoned OpenBSD, and why you should too...
Please stop do not reply this is an annual event. Every year an email is sent with this same subject. It might be slightly beleivabele if it did not devovle into ad hominem attackes on Theo. Yes, Theo is an asshole. but that is irelelevant. Most geniuses are assholes. On Fri, Jul 5, 2013, at 12:44 AM, Zamri Besar wrote: > On Fri, Jul 5, 2013 at 12:28 PM, Tito Mari Francis Escaño < > titomarifran...@gmail.com> wrote: > > > I was initially thinking this is a troll, but with these quotes: > > > > > I vote for another troll... but... this year April Fool was over 3 months > ago. > > -- > Thank you. > > Zamri Besar
Re: Why I abandoned OpenBSD, and why you should too...
Why you keep feeding troll guys ??
Re: Why I abandoned OpenBSD, and why you should too...
On Fri, Jul 5, 2013 at 4:56 AM, Thomas Jennings wrote: > CBS News reporter Sharyl Attkisson claimed, during a live radio > interview, that she had been dealing with suspicious computer and phone > issues. Check out this snippet from the full transcript of the interview. > One line in particular trashed my plans for the OpenBSD upgrade: > >> Well, I have been, as I said, pursuing an issue for a long time now — much >> longer >> than you’ve been hearing about this in the news — with some compromising of >> my >> computer systems in my house — my personal computer systems as well as my >> work computer systems. I thought they were immune to being compromised — >> because they all ran OpenBSD — but I guess I was wrong. So, we’re digging >> into >> that and just not ready to say much more right now, but I am concerned. FWIW the original quote can be fund here[0]. I expected to see some other product name replaced with "OpenBSD" by the troll, but it turned out that the whole sentence is missing from original interview. [0] http://www.washingtonpost.com/blogs/erik-wemple/wp/2013/05/29/sharyl-attkisson-and-her-compromised-computers/ -- Dmitrij D. Czarkoff
Re: Why I abandoned OpenBSD, and why you should too...
On Fri, Jul 5, 2013 at 10:46 AM, John Long wrote: > On Thu, Jul 04, 2013 at 11:56:50PM -0400, Thomas Jennings wrote: > > [drug / alcohol withdrawal-induced rant elided] > > I don't know where you get the idea OpenBSD is involved. I heard a few > interviews including the one here http://www.youtube.com/watch?v=ISXYITh09TA > and she clearly said she has an Apple system. Guys, what part of "THIS IS A TROLL" don't you understand? Let him die, please.
Re: Why I abandoned OpenBSD, and why you should too...
On Thu, Jul 04, 2013 at 11:56:50PM -0400, Thomas Jennings wrote: [drug / alcohol withdrawal-induced rant elided] I don't know where you get the idea OpenBSD is involved. I heard a few interviews including the one here http://www.youtube.com/watch?v=ISXYITh09TA and she clearly said she has an Apple system. She also said "for someone to come into my home" so apparently this was not only an over the network hack but somebody had physical access to her computers. No consumer computer is safe when somebody else has physical access to it. Security 101. Intel's new BIOS would seem to provide new attack vectors. See the comments to the video and elsewhere, old news. Don't use it, no problem. Atkisson also admits she doesn't know much about computers- her own words. That's an unlikely OpenBSD user profile considering she was talking about her home and company machines. Why do you believe OpenBSD is involved at all? Are you confused by the fact Apple's OSX is based on some (Free) BSD pieces? >From the interviews it's a simple case of somebody getting access to a few PCs and installing some spyware. Can you name a consumer device and common desktop OS that can't be compromised in that situation? OpenBSD is open source and you can build the whole OS and userland from source. It seems real unlikely there is compromise or people would have noticed it. So far all the screaming and accusations haven't resulted in one reference by anybody to the alleged bad code. On the other hand the system mentioned by Atkisson is a notorious high walled garden and the people who put it out have already been implicated in collusion with the anti-freedom lobby by everybody's favorite fugitive Snowden. You really need to get a clue and you really need to apologize to Theo, all the OpenBSD developers, and everybody unfortunate enough to read your rant on these lists. As usual for people slinging accusations like you, you failed to cite anything or back up your claims. Pure FUD. To paraphase Benny Hill, "everyone's entitled to be stupid, but some people abuse the privilege."
Re: Why I abandoned OpenBSD, and why you should too...
Nice parody of something, I don't know what though. Replace OpenBSD with Cisco and Windows and it makes sense. Anyway, I've never seen where Sharyl Attkisson said she uses OpenBSD, and it's highly unlikely that she does judging from the network reporters I know. "OpenBSD has shipped on over half of all network devices, including things like routers, switches, gateways, and servers, for the last six years. The current estimated number of OpenBSD installations sits at over 350 million devices, comprising an almost ubiquitous presence of OpenBSD in networks worldwide." OpenBSD or OpenSSH? Or Cisco? On Thu, Jul 4, 2013 at 8:56 PM, Thomas Jennings < thomas.jennings...@gmail.com> wrote: > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. > > I'm sure we've all heard of PRISM by now, the user-friendly name of > the United States Federal Government's massive civilian and resident > spying program otherwise known as US-984XN. PRISM is certainly bad > enough of its own accord, but it's how PRISM works, and the pattern of > behavior found in OpenBSD development, that was the tipping point for > my use of OpenBSD. > > And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. > After being fired from the NetBSD team, Theo forked the code and > started OpenBSD. He's been pretty much solely responsible for > development of OpenBSD over the years, taking volunteer code as he > sees fit. He also has final say over security audits in the operating > system, something that turns out to be very important. > > I was prepping to migrate the whole of our shop, a regional ISP in the > United States of America, to OpenBSD 5.3 when the news broke: CBS News > reporter Sharyl Attkisson claimed, during a live radio interview, that > she had been dealing with suspicious computer and phone issues. Check > out this snippet from the full transcript of the interview. One line > in particular trashed my plans for the OpenBSD upgrade: > > > Well, I have been, as I said, pursuing an issue for a long time now > much longer > > than youve been hearing about this in the news with some compromising > of my > > computer systems in my house my personal computer systems as well as my > > work computer systems. I thought they were immune to being compromised > > because they all ran OpenBSD but I guess I was wrong. So, were > digging into > > that and just not ready to say much more right now, but I am concerned. > > Since that interview in May, I've watched story after story of direct > server access, PRISM, and NSA spying and connected some dots. For > example, consider the accusations that the FBI had been accused of > planting backdoors in OpenBSD's IPSEC in December of 2012, and that > the accusations later proved true. The two scandals broke 18 only > months apart. > > Consider that PRISM allows the United States Federal Government to > directly access the servers of virtually any company doing online > business, including tech giants like Apple, Facebook, Google, and > Microsoft. But those same tech giants deny complicity. I'm sure we all > agree that personal privacy is beyond the scope of private enterprise, > but let's assume their denials are true. Then connect more dots: > > OpenBSD has shipped on over half of all network devices, including > things like routers, switches, gateways, and servers, for the last six > years. The current estimated number of OpenBSD installations sits at > over 350 million devices, comprising an almost ubiquitous presence of > OpenBSD in networks worldwide. > > EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT > DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME > ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. > > There it is. Let it sink in. Words like Gestapo and Stasi and KGB come > to mind. OpenBSD is part and parcel to the United States Federal > Government's program to spy on its own citizens through bodies like > the NSA and FBI and has been since the FBI paid for backdoors in IPSEC > about a dozen years ago. > > Yesterday, I told the company that we must migrate all our services > from OpenBSD to something else because the risk to our customers' > privacy and security is simply unacceptable. Theo de Raadt may seem > like some kind of guard dog of security, but he's really just a little > bitch bought and sold by the United State Federal Government. > > The kicker is that Theo denies anything suggesting that OpenBSD is > less than perfect at security, as if he's personally offended by the > mere suggestion. He routinely attacks developers and enthusiasts for > si
Re: Why I abandoned OpenBSD, and why you should too...
On 5. juli 2013 at 6:49 AM, "Luca Ferrari" wrote: > > Uhm...and I guess OpenBSD is feeling the same for abandoning you ;)! > I believe people, from time to time, should try to read source code > and track the development. It will remove this stupid messages. No it won't. Stop talking shit man. O.D.
Re: Why I abandoned OpenBSD, and why you should too...
I find it sad that it is now third day that noone responded to my call for help with system hang, at least something like "ask on bugs list", while threads like this get 15 responses in a matter of hours :(
Re: Why I abandoned OpenBSD, and why you should too...
Sighted assistance. It simply means that I am blind (as in I wear prosthetic eyes and can't see a thing). I can use most of my equipment here with either some screen reader access or braille. Unfortunately, that can't be said for installation and first time configuration of OpenBSD (the man AfterBoot process). Only after SSH is enabled can I do anything with the machine. It certainly would be a lot better if OpenBSD supported a general CLI screen reader right from boot up. I do know that enough of the hardware gets detected to at least support this. Unfortunately, I am not a coder, so I can't really try this without some help. Running a compiler script (configure, make and make install) are easy enough from a CLI SSH session, but unless I can run a package immediately after the OS has completely booted and given me a login prompt, I am literally operating in the blind zone. This is what I mean by sighted assistance. So right now, if I can't do it myself, whats the point? -eric On Jul 4, 2013, at 10:09 PM, openda...@hushmail.com wrote: > On 5. juli 2013 at 4:59 AM, "eric oyen" wrote: >> >> My only problem (and it seems none of the devs really understand this) >> is that I must have sighted assistance to install and initially configure >> the OS. > > What do you mean sighted assistance? > > O.D.
Re: Why I abandoned OpenBSD, and why you should too...
Thu 4.Jul'13 at 23:56:50 -0400, Thomas Jennings > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. [ ... ] Then you'd also better stop using mobile phones, landlines, using search engines, email ... come to think of it, any form of electronic comminucation, and go back to living in the woods or in a cave and clubbing your wife with large peices of wood if you're so concerned about the security services.
Re: Why I abandoned OpenBSD, and why you should too...
On Fri, Jul 5, 2013 at 5:56 AM, Thomas Jennings wrote: > Regretfully, I have decided to abandon OpenBSD Uhm...and I guess OpenBSD is feeling the same for abandoning you ;)! I believe people, from time to time, should try to read source code and track the development. It will remove this stupid messages. Luca
Re: Why I abandoned OpenBSD, and why you should too...
HEHEHEHE someone from time to time posts like this without any references and links if you can prove there's backdoor. i will remove OpenBSD. prove it nut head. On Fri, Jul 5, 2013 at 9:26 AM, Thomas Jennings < thomas.jennings...@gmail.com> wrote: > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. > > I'm sure we've all heard of PRISM by now, the user-friendly name of > the United States Federal Government's massive civilian and resident > spying program otherwise known as US-984XN. PRISM is certainly bad > enough of its own accord, but it's how PRISM works, and the pattern of > behavior found in OpenBSD development, that was the tipping point for > my use of OpenBSD. > > And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. > After being fired from the NetBSD team, Theo forked the code and > started OpenBSD. He's been pretty much solely responsible for > development of OpenBSD over the years, taking volunteer code as he > sees fit. He also has final say over security audits in the operating > system, something that turns out to be very important. > > I was prepping to migrate the whole of our shop, a regional ISP in the > United States of America, to OpenBSD 5.3 when the news broke: CBS News > reporter Sharyl Attkisson claimed, during a live radio interview, that > she had been dealing with suspicious computer and phone issues. Check > out this snippet from the full transcript of the interview. One line > in particular trashed my plans for the OpenBSD upgrade: > > > Well, I have been, as I said, pursuing an issue for a long time now > much longer > > than youve been hearing about this in the news with some compromising > of my > > computer systems in my house my personal computer systems as well as my > > work computer systems. I thought they were immune to being compromised > > because they all ran OpenBSD but I guess I was wrong. So, were > digging into > > that and just not ready to say much more right now, but I am concerned. > > Since that interview in May, I've watched story after story of direct > server access, PRISM, and NSA spying and connected some dots. For > example, consider the accusations that the FBI had been accused of > planting backdoors in OpenBSD's IPSEC in December of 2012, and that > the accusations later proved true. The two scandals broke 18 only > months apart. > > Consider that PRISM allows the United States Federal Government to > directly access the servers of virtually any company doing online > business, including tech giants like Apple, Facebook, Google, and > Microsoft. But those same tech giants deny complicity. I'm sure we all > agree that personal privacy is beyond the scope of private enterprise, > but let's assume their denials are true. Then connect more dots: > > OpenBSD has shipped on over half of all network devices, including > things like routers, switches, gateways, and servers, for the last six > years. The current estimated number of OpenBSD installations sits at > over 350 million devices, comprising an almost ubiquitous presence of > OpenBSD in networks worldwide. > > EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT > DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME > ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. > > There it is. Let it sink in. Words like Gestapo and Stasi and KGB come > to mind. OpenBSD is part and parcel to the United States Federal > Government's program to spy on its own citizens through bodies like > the NSA and FBI and has been since the FBI paid for backdoors in IPSEC > about a dozen years ago. > > Yesterday, I told the company that we must migrate all our services > from OpenBSD to something else because the risk to our customers' > privacy and security is simply unacceptable. Theo de Raadt may seem > like some kind of guard dog of security, but he's really just a little > bitch bought and sold by the United State Federal Government. > > The kicker is that Theo denies anything suggesting that OpenBSD is > less than perfect at security, as if he's personally offended by the > mere suggestion. He routinely attacks developers and enthusiasts for > simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE > YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE > HISTORY OF THE WORLD?! > > Today, be a true patriot to the ideals of personal privacy and public > liberty: prevent and reject any and all use of OpenBSD. > > Happy 4th of July.
Re: Why I abandoned OpenBSD, and why you should too...
On 5. juli 2013 at 5:31 AM, "Jean-Francois Simon" wrote: > > May I understand you U go for Microsoft instead ? > That would be great idea, they are said to be free from backdoors. > > Sorry France is in the house y'all. O.D.
Re: Why I abandoned OpenBSD, and why you should too...
May I understand you U go for Microsoft instead ? That would be great idea, they are said to be free from backdoors. Sorry Le 05/07/2013 05:56, Thomas Jennings a écrit : Dear OpenBSD developers and users: Regretfully, I have decided to abandon OpenBSD and thought I would share my reasoning with this list. I thought the 4th of July was a good date to do so since my reasons address national security implications. As a group of people who take development, security, and privacy seriously, I know you will want to know why I made the drastic decision to abandon OpenBSD and never look back. I'm sure we've all heard of PRISM by now, the user-friendly name of the United States Federal Government's massive civilian and resident spying program otherwise known as US-984XN. PRISM is certainly bad enough of its own accord, but it's how PRISM works, and the pattern of behavior found in OpenBSD development, that was the tipping point for my use of OpenBSD. And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. After being fired from the NetBSD team, Theo forked the code and started OpenBSD. He's been pretty much solely responsible for development of OpenBSD over the years, taking volunteer code as he sees fit. He also has final say over security audits in the operating system, something that turns out to be very important. I was prepping to migrate the whole of our shop, a regional ISP in the United States of America, to OpenBSD 5.3 when the news broke: CBS News reporter Sharyl Attkisson claimed, during a live radio interview, that she had been dealing with suspicious computer and phone issues. Check out this snippet from the full transcript of the interview. One line in particular trashed my plans for the OpenBSD upgrade: Well, I have been, as I said, pursuing an issue for a long time now — much longer than you’ve been hearing about this in the news — with some compromising of my computer systems in my house — my personal computer systems as well as my work computer systems. I thought they were immune to being compromised — because they all ran OpenBSD — but I guess I was wrong. So, we’re digging into that and just not ready to say much more right now, but I am concerned. Since that interview in May, I've watched story after story of direct server access, PRISM, and NSA spying and connected some dots. For example, consider the accusations that the FBI had been accused of planting backdoors in OpenBSD's IPSEC in December of 2012, and that the accusations later proved true. The two scandals broke 18 only months apart. Consider that PRISM allows the United States Federal Government to directly access the servers of virtually any company doing online business, including tech giants like Apple, Facebook, Google, and Microsoft. But those same tech giants deny complicity. I'm sure we all agree that personal privacy is beyond the scope of private enterprise, but let's assume their denials are true. Then connect more dots: OpenBSD has shipped on over half of all network devices, including things like routers, switches, gateways, and servers, for the last six years. The current estimated number of OpenBSD installations sits at over 350 million devices, comprising an almost ubiquitous presence of OpenBSD in networks worldwide. EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. There it is. Let it sink in. Words like Gestapo and Stasi and KGB come to mind. OpenBSD is part and parcel to the United States Federal Government's program to spy on its own citizens through bodies like the NSA and FBI and has been since the FBI paid for backdoors in IPSEC about a dozen years ago. Yesterday, I told the company that we must migrate all our services from OpenBSD to something else because the risk to our customers' privacy and security is simply unacceptable. Theo de Raadt may seem like some kind of guard dog of security, but he's really just a little bitch bought and sold by the United State Federal Government. The kicker is that Theo denies anything suggesting that OpenBSD is less than perfect at security, as if he's personally offended by the mere suggestion. He routinely attacks developers and enthusiasts for simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE HISTORY OF THE WORLD?! Today, be a true patriot to the ideals of personal privacy and public liberty: prevent and reject any and all use of OpenBSD. Happy 4th of July.
Re: Why I abandoned OpenBSD, and why you should too...
On 5. juli 2013 at 5:13 AM, "Marc Espie" wrote: > > I actually, no, we don't. You're not anybody I've ever heard of, and your > opinion doesn't matter. I have no particular reason to trust you. They said the same of Edward Snowden you know. > Now, I read your hilarious email. You have real crackpot talent, you should > go on a show with the Bogdanof and various other crackpots from other > the world. That would certainly be funnier than a lot of reality television > out there. I don't get the reference. I take it you watch a lot of reality television? O.D.
Re: Why I abandoned OpenBSD, and why you should too...
On Thu, Jul 04, 2013 at 11:56:50PM -0400, Thomas Jennings wrote: > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. I actually, no, we don't. You're not anybody I've ever heard of, and your opinion doesn't matter. I have no particular reason to trust you. Now, I read your hilarious email. You have real crackpot talent, you should go on a show with the Bogdanof and various other crackpots from other the world. That would certainly be funnier than a lot of reality television out there.
Re: Why I abandoned OpenBSD, and why you should too...
On 5. juli 2013 at 4:59 AM, "eric oyen" wrote: > > My only problem (and it seems none of the devs really understand this) > is that I must have sighted assistance to install and initially configure the > OS. What do you mean sighted assistance? O.D.
Re: Why I abandoned OpenBSD, and why you should too...
Inquiring minds want to know…. Please cite the sources for your assertions (including links to actual sources and documents). In all honesty, it sounds like you have a personal problem with the man himself. As for OpenBSD, I've found it to be a hell of a lot more secure than most of the other OS's. My only problem (and it seems none of the devs really understand this) is that I must have sighted assistance to install and initially configure the OS. Other than that 1 problem, the OS is pretty much usable for me via SSH Anyway, unless you provide factual sources, I seriously have doubts as to the veracity of your statements. If you can't prove your assertions, then I name you what you are: TROLL. -eric On Jul 4, 2013, at 8:56 PM, Thomas Jennings wrote: > Dear OpenBSD developers and users:
Re: Why I abandoned OpenBSD, and why you should too...
On 5. juli 2013 at 4:30 AM, "Tito Mari Francis Escaño" wrote: > > [...snip...] Can't you tell by the way he wrote that that he's just a kid (or an uneducated adult)? I oughta smack y'all faces in for even replying to this shit. O.D.
Re: Why I abandoned OpenBSD, and why you should too...
On Fri, Jul 5, 2013 at 12:28 PM, Tito Mari Francis Escaño < titomarifran...@gmail.com> wrote: > I was initially thinking this is a troll, but with these quotes: > I vote for another troll... but... this year April Fool was over 3 months ago. -- Thank you. Zamri Besar
Re: Why I abandoned OpenBSD, and why you should too...
I was initially thinking this is a troll, but with these quotes: "...was prepping to migrate the whole of our shop, a regional ISP in the United States of America, to OpenBSD 5.3..." Pray tell what regional ISP you speak of here to earn their deserved praise or ridicule for avoiding the OpenBSD deployment. "OpenBSD has shipped on over half of all network devices, including things like routers, switches, gateways, and servers, for the last six years. The current estimated number of OpenBSD installations sits at over 350 million devices, comprising an almost ubiquitous presence of OpenBSD in networks worldwide" I wondered if Theo or the OpenBSD Foundation has budget to pay for publicity, good or bad, just for the kicks.
Re: Why I abandoned OpenBSD, and why you should too...
Please pass point to the code which you believe to be the backdoor so that I may review it myself. Thanks On Jul 4, 2013 10:57 PM, "Thomas Jennings" wrote: > Dear OpenBSD developers and users: > > Regretfully, I have decided to abandon OpenBSD and thought I would > share my reasoning with this list. I thought the 4th of July was a > good date to do so since my reasons address national security > implications. As a group of people who take development, security, and > privacy seriously, I know you will want to know why I made the drastic > decision to abandon OpenBSD and never look back. > > I'm sure we've all heard of PRISM by now, the user-friendly name of > the United States Federal Government's massive civilian and resident > spying program otherwise known as US-984XN. PRISM is certainly bad > enough of its own accord, but it's how PRISM works, and the pattern of > behavior found in OpenBSD development, that was the tipping point for > my use of OpenBSD. > > And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. > After being fired from the NetBSD team, Theo forked the code and > started OpenBSD. He's been pretty much solely responsible for > development of OpenBSD over the years, taking volunteer code as he > sees fit. He also has final say over security audits in the operating > system, something that turns out to be very important. > > I was prepping to migrate the whole of our shop, a regional ISP in the > United States of America, to OpenBSD 5.3 when the news broke: CBS News > reporter Sharyl Attkisson claimed, during a live radio interview, that > she had been dealing with suspicious computer and phone issues. Check > out this snippet from the full transcript of the interview. One line > in particular trashed my plans for the OpenBSD upgrade: > > > Well, I have been, as I said, pursuing an issue for a long time now > much longer > > than youve been hearing about this in the news with some compromising > of my > > computer systems in my house my personal computer systems as well as my > > work computer systems. I thought they were immune to being compromised > > because they all ran OpenBSD but I guess I was wrong. So, were > digging into > > that and just not ready to say much more right now, but I am concerned. > > Since that interview in May, I've watched story after story of direct > server access, PRISM, and NSA spying and connected some dots. For > example, consider the accusations that the FBI had been accused of > planting backdoors in OpenBSD's IPSEC in December of 2012, and that > the accusations later proved true. The two scandals broke 18 only > months apart. > > Consider that PRISM allows the United States Federal Government to > directly access the servers of virtually any company doing online > business, including tech giants like Apple, Facebook, Google, and > Microsoft. But those same tech giants deny complicity. I'm sure we all > agree that personal privacy is beyond the scope of private enterprise, > but let's assume their denials are true. Then connect more dots: > > OpenBSD has shipped on over half of all network devices, including > things like routers, switches, gateways, and servers, for the last six > years. The current estimated number of OpenBSD installations sits at > over 350 million devices, comprising an almost ubiquitous presence of > OpenBSD in networks worldwide. > > EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT > DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME > ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. > > There it is. Let it sink in. Words like Gestapo and Stasi and KGB come > to mind. OpenBSD is part and parcel to the United States Federal > Government's program to spy on its own citizens through bodies like > the NSA and FBI and has been since the FBI paid for backdoors in IPSEC > about a dozen years ago. > > Yesterday, I told the company that we must migrate all our services > from OpenBSD to something else because the risk to our customers' > privacy and security is simply unacceptable. Theo de Raadt may seem > like some kind of guard dog of security, but he's really just a little > bitch bought and sold by the United State Federal Government. > > The kicker is that Theo denies anything suggesting that OpenBSD is > less than perfect at security, as if he's personally offended by the > mere suggestion. He routinely attacks developers and enthusiasts for > simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE > YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE > HISTORY OF THE WORLD?! > > Today, be a true patriot to the ideals of personal privacy and public > liberty: prevent and reject any and all use of OpenBSD. > > Happy 4th of July.
Why I abandoned OpenBSD, and why you should too...
Dear OpenBSD developers and users: Regretfully, I have decided to abandon OpenBSD and thought I would share my reasoning with this list. I thought the 4th of July was a good date to do so since my reasons address national security implications. As a group of people who take development, security, and privacy seriously, I know you will want to know why I made the drastic decision to abandon OpenBSD and never look back. I'm sure we've all heard of PRISM by now, the user-friendly name of the United States Federal Government's massive civilian and resident spying program otherwise known as US-984XN. PRISM is certainly bad enough of its own accord, but it's how PRISM works, and the pattern of behavior found in OpenBSD development, that was the tipping point for my use of OpenBSD. And we all know Theo de Raadt, OpenBSD generalissimo of much infamy. After being fired from the NetBSD team, Theo forked the code and started OpenBSD. He's been pretty much solely responsible for development of OpenBSD over the years, taking volunteer code as he sees fit. He also has final say over security audits in the operating system, something that turns out to be very important. I was prepping to migrate the whole of our shop, a regional ISP in the United States of America, to OpenBSD 5.3 when the news broke: CBS News reporter Sharyl Attkisson claimed, during a live radio interview, that she had been dealing with suspicious computer and phone issues. Check out this snippet from the full transcript of the interview. One line in particular trashed my plans for the OpenBSD upgrade: > Well, I have been, as I said, pursuing an issue for a long time now — much > longer > than you’ve been hearing about this in the news — with some compromising of my > computer systems in my house — my personal computer systems as well as my > work computer systems. I thought they were immune to being compromised — > because they all ran OpenBSD — but I guess I was wrong. So, we’re digging into > that and just not ready to say much more right now, but I am concerned. Since that interview in May, I've watched story after story of direct server access, PRISM, and NSA spying and connected some dots. For example, consider the accusations that the FBI had been accused of planting backdoors in OpenBSD's IPSEC in December of 2012, and that the accusations later proved true. The two scandals broke 18 only months apart. Consider that PRISM allows the United States Federal Government to directly access the servers of virtually any company doing online business, including tech giants like Apple, Facebook, Google, and Microsoft. But those same tech giants deny complicity. I'm sure we all agree that personal privacy is beyond the scope of private enterprise, but let's assume their denials are true. Then connect more dots: OpenBSD has shipped on over half of all network devices, including things like routers, switches, gateways, and servers, for the last six years. The current estimated number of OpenBSD installations sits at over 350 million devices, comprising an almost ubiquitous presence of OpenBSD in networks worldwide. EVEN IF NO CORPORATION OFFERS THE UNITED STATE FEDERAL GOVERNMENT DIRECT ACCESS TO ITS SERVERS THROUGH PRISM, OPENBSD OFFERS THAT SAME ACCESS THROUGH THE PRESENCE OF ITS BACKDOORS. There it is. Let it sink in. Words like Gestapo and Stasi and KGB come to mind. OpenBSD is part and parcel to the United States Federal Government's program to spy on its own citizens through bodies like the NSA and FBI and has been since the FBI paid for backdoors in IPSEC about a dozen years ago. Yesterday, I told the company that we must migrate all our services from OpenBSD to something else because the risk to our customers' privacy and security is simply unacceptable. Theo de Raadt may seem like some kind of guard dog of security, but he's really just a little bitch bought and sold by the United State Federal Government. The kicker is that Theo denies anything suggesting that OpenBSD is less than perfect at security, as if he's personally offended by the mere suggestion. He routinely attacks developers and enthusiasts for simply asking questions. WHY SO TOUCHY, THEO? COULD IT BE BECAUSE YOU'RE COMPLICIT IN THE BIGGEST CITIZEN SPYING PROGRAM EVER RUN IN THE HISTORY OF THE WORLD?! Today, be a true patriot to the ideals of personal privacy and public liberty: prevent and reject any and all use of OpenBSD. Happy 4th of July.
