Re: van Sprundel
Sun, 28 Jan 2018 15:11:41 +0100 Hiltjo Posthuma > On Sun, Jan 28, 2018 at 12:56:26PM +, Andy Lemin wrote: > > Really, did he actually post any real vulnerabilities to OpenBSD! > > > > This article has to be govt propaganda.. > > > > https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.amp.html > > > > I was laughing with tears when I read this.. > > > > Hey, > > Maybe I shouldn't reply, but I feel this is insulting to the amazing work of > Van Sprundel. I've also seen better nuanced articles about the same > presentation talk. > > Sources: > - https://www.openbsd.org/errata60.html (the batch of patches on August 3 > 2017). > - http://undeadly.org/cgi?action=article&sid=20170804053102 > - Slides: > https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns.pdf > - https://www.openbsd.org/errata56.html (earlier work). > > Please do more research before you post. > Hi Hiltjo, His 2017-12-29 talk was obviously an old presentation, help him fix it. https://media.ccc.de/search/?q=sprundel https://media.ccc.de/v/34c3-8968-are_all_bsds_created_equally https://fahrplan.events.ccc.de/congress/2017/Fahrplan/events/8968.html We all know the BSDs are not sitting on bugs, stale data is misleading. Kind regards, Anton Lazarov
Re: van Sprundel
On 01/28/18 08:29, Andy Lemin wrote: Hi. That’s ok. This list is a place for open and honest conversation :) My reaction was towards the article trying to say that BSD’s are dying, rather than against Van Sprundle or his research. I’ve read through his slides before and I skim through the erratas each upgrade, but this article tries to bloat the truth in my eyes. So I’m asking the question as to where the reality lies as it stands today? Linux is such a moving target with so much unnecessary complexity with SystemD, that in the bigger picture we can place far more more trust in the BSD’s. It’s also a pretty serious allegation to cite so many vulnerabilities as still being unfixed today? Is this true? Thanks for your reply :) A Sent from a teeny tiny keyboard, so please excuse typos On 28 Jan 2018, at 14:11, Hiltjo Posthuma wrote: On Sun, Jan 28, 2018 at 12:56:26PM +, Andy Lemin wrote: Really, did he actually post any real vulnerabilities to OpenBSD! This article has to be govt propaganda.. https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.amp.html I was laughing with tears when I read this.. OpenBSD is the only OS I place any real trust in <3 Is probably the only OS they can’t hack. And SystemD makes me want to both cry and scream at the same time. A Sent from a teeny tiny keyboard, so please excuse typos Hey, Maybe I shouldn't reply, but I feel this is insulting to the amazing work of Van Sprundel. I've also seen better nuanced articles about the same presentation talk. Sources: - https://www.openbsd.org/errata60.html (the batch of patches on August 3 2017). - http://undeadly.org/cgi?action=article&sid=20170804053102 - Slides: https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns.pdf - https://www.openbsd.org/errata56.html (earlier work). Please do more research before you post. -- Kind regards, Hiltjo Interesting read. Thanks for sharing.
Re: van Sprundel
Hi. That’s ok. This list is a place for open and honest conversation :) My reaction was towards the article trying to say that BSD’s are dying, rather than against Van Sprundle or his research. I’ve read through his slides before and I skim through the erratas each upgrade, but this article tries to bloat the truth in my eyes. So I’m asking the question as to where the reality lies as it stands today? Linux is such a moving target with so much unnecessary complexity with SystemD, that in the bigger picture we can place far more more trust in the BSD’s. It’s also a pretty serious allegation to cite so many vulnerabilities as still being unfixed today? Is this true? Thanks for your reply :) A Sent from a teeny tiny keyboard, so please excuse typos > On 28 Jan 2018, at 14:11, Hiltjo Posthuma wrote: > >> On Sun, Jan 28, 2018 at 12:56:26PM +, Andy Lemin wrote: >> Really, did he actually post any real vulnerabilities to OpenBSD! >> >> This article has to be govt propaganda.. >> >> https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.amp.html >> >> I was laughing with tears when I read this.. >> >> OpenBSD is the only OS I place any real trust in <3 >> >> Is probably the only OS they can’t hack. >> >> And SystemD makes me want to both cry and scream at the same time. >> >> A >> >> >> Sent from a teeny tiny keyboard, so please excuse typos > > Hey, > > Maybe I shouldn't reply, but I feel this is insulting to the amazing work of > Van Sprundel. I've also seen better nuanced articles about the same > presentation talk. > > Sources: > - https://www.openbsd.org/errata60.html (the batch of patches on August 3 > 2017). > - http://undeadly.org/cgi?action=article&sid=20170804053102 > - Slides: > https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns.pdf > - https://www.openbsd.org/errata56.html (earlier work). > > Please do more research before you post. > > -- > Kind regards, > Hiltjo
Re: van Sprundel
On Sun, Jan 28, 2018 at 12:56:26PM +, Andy Lemin wrote: > Really, did he actually post any real vulnerabilities to OpenBSD! > > This article has to be govt propaganda.. > > https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.amp.html > > I was laughing with tears when I read this.. > > OpenBSD is the only OS I place any real trust in <3 > > Is probably the only OS they can’t hack. > > And SystemD makes me want to both cry and scream at the same time. > > A > > > Sent from a teeny tiny keyboard, so please excuse typos Hey, Maybe I shouldn't reply, but I feel this is insulting to the amazing work of Van Sprundel. I've also seen better nuanced articles about the same presentation talk. Sources: - https://www.openbsd.org/errata60.html (the batch of patches on August 3 2017). - http://undeadly.org/cgi?action=article&sid=20170804053102 - Slides: https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/DEFCON-25-Ilja-van-Sprundel-BSD-Kern-Vulns.pdf - https://www.openbsd.org/errata56.html (earlier work). Please do more research before you post. -- Kind regards, Hiltjo
van Sprundel
Really, did he actually post any real vulnerabilities to OpenBSD! This article has to be govt propaganda.. https://www.csoonline.com/article/3250653/open-source-tools/is-the-bsd-os-dying-some-security-researchers-think-so.amp.html I was laughing with tears when I read this.. OpenBSD is the only OS I place any real trust in <3 Is probably the only OS they can’t hack. And SystemD makes me want to both cry and scream at the same time. A Sent from a teeny tiny keyboard, so please excuse typos
