English press coverage
Hardening OpenBSD Internet
Servers, GeodSoft, February 7, 2001
Not really a press article, but this how-to has good pointers on locking down
an OpenBSD server, including how to create a recovery CD to minimise site
downtime (hey, hardware breaks). The tips apply also to other operating systems.
geeks bet on open source, The Globe and Mail, January 29, 2001
Columnist Jim Carroll uses the latest round of attacks on Microsoft sites
to drum up a bit more business for open source software, including OpenBSD,
"which is known for its absolutely bedrock security".
de Raadt gives it all to OpenBSD, NewsForge, January 29, 2001
This time, Open Source people profiler Julie Bresnick interviews Theo de Raadt,
lead developer of OpenBSD, about how he started, the OpenBSD
"family", hacking, conferences, friends, beer and mountain bikes.
BSD Channel is no more, BSD Today, January 24, 2001
Editor Jeremy Reed fails to shed a tear for the poorly edited (and often
openly hostile) bsd.tucows.com site.
Snoopy's Eriksen, the more things change, the more they stay the same,
NewsForge, January 16, 2001
In another quirky Open Source people profile, NewsForge columnist Julie
Bresnick interviews Aamodt Eriksen, author of the Snoopy command logger, who
runs OpenBSD on his ThinkPad and acknowledges as a role model, among others,
our own Theo de Raadt.
of misinformation about BSD, BSD Today, January 6, 2001
Editor Jeremy Reed takes the bsd.Tucows.com BSD reviewers to task for some
inaccurate and ill-informed reviews, like the one that said that OpenBSD was
licensed under the GPL (hint, it's anything but -- see our
policy page. [Note Jan.24: bsd.tucows.com has been
Todd Miller, Angelos Keromytis, Werner Losh, and Jack Woehr
at "A Roundtable on BSD, Security, and Quality", Dr. Dobb's, January, 2001
Contributing Editor Jack Woehr moderated a roundtable with four
key members of the BSD movement at the recent USENIX Security Symposium 2000.
Blossoms with Open Source E-Commerce Software from Akopia, Enterprise
Linux Today, December 26, 2000
On-line flowers for Hollywood glitterati? OpenBSD in the supporting cast. Story
by John Wolley
gets serious, The Register, December 20, 2000
OpenBSD developers upgrade the importance of an esoteric buffer overflow in the
FTP daemon after an exploit is published (ftpd is not enabled by default in
Raadt Responds, Slashdot, December 11, 2000
Lead developer Theo de Raadt answers reader questions moderated by Slashdot
editor Roblimo. The mass interview covers a seriously wide range of topics:
sharing the code auditing experience, securing the ports
tree, books of various colours, secure coding practices, hardware, patches
OpenBSD 2.8 runs on G3/G4 machine, MacCentral Online,
December 7, 2000
OpenBSD 2.8 has been released -- it's free -- and will now run on
iMac, G3, G4, and G4 Cube machines. And if that is Greek to you, let
Network Security - Kernel Options, Kurt's Closet, Security Portal,
December 6, 2000
Going beyond the usual security measures means looking at some often
neglected kernel options and settings. Kurt Seifried looks at kernel
options under OpenBSD, Linux and Solaris.
I use OpenBSD, ZDNet News, December 4, 2000
Stephan Somogyi explains why he runs OpenBSD, largely due to OpenBSD's
emphasis on security. Some might argue that his example security flaw,
open spam relays, is really no big deal, but we think it raises an
important point: if an OS or mail system ships with relaying open by default,
what message does that send about that system's resistance to less trivial
attacks. He also chides Intel and 3Com for not providing driver
documentation to allow their IPSec networking cards to be used.
community learns to get along, Open Season, Upside Today, December 1, 2000
OpenBSD gets a passing mention in this cheerleader piece by Sam Williams about
the wide distribution potential of the BSD-derived Mac OS X.
The Future of
OpenBSD: A Conversation with Theo de Raadt, Dr. Dobbs Journal, December 2000
Contributing editor Jack J. Woehr's interview with Theo de Raadt at Usenix
Security Symposium 2000 gives a bit of insight about project dynamics, where
the OS is headed, and on how the security audit evolved from a hunt for
security holes to a philosophy of correct and bug-free programming.
to leapfrog Linux, ZDnet Linux Opinion, November 29, 2000
A somewhat speculative article by Henry Kingman based on recent the recent
flurry of releases, new products and conference activity from the BSD world.
Is Darwin getting
due respect?, ZD Net, November 23, 2000
Stephan Somogyi dismisses Apple's open source offering as "opportunistic",
Darwin, and sneaks in a tip of the hat to OpenBSD.
and Linux: Discovering the BSDs, NetworkWorld Fusion, November 20, 2000
Worried that Linux will be de-stabilized by the hype machine? Paul Hoffman
suggests a serious look at the BSD-based operating systems.
Linux and OpenBSD Firewalls, book review, The Linux Gurus, November 18, 2000
In this detailed review of the Sonnenreich & Yates
firewalls book, the unnamed
author concludes that the authors aren't paranoid enough in stripping down
the firewall system to the bare essentials.
What the future holds for
Unix, vnunet.com, November 10, 2000
Dave Cartwright dons the weird robes and gazes into the crystal ball for
the future of big-iron UNIX, Linux and BSD. Best quote in the article:
"Linux, FreeBSD and OpenBSD will continue to flourish due to their
openness, price, quality and attitude.". Quality, that's us (and
much of the attitude too).
2000: A small, tasty conference, Sun World, November 2000
Silicon Carny columnist Rich Morin reviews BSD Con 2000. He gives an overview
of the five BSD variants available and a bit of atmosphere from the conference.
Code, Kurt's Closet, Security Portal, October 31, 2000
Kurt Seifried interviews John Viega, author of the ITS4 code auditing
system. While he acknowledges the value of OpenBSD's strictly
expert-based auditing process, he argues that using even an imperfect
auditing tool is better than no audit at all.
Boosts Unix, ZDnet Inter@ctive Week, October 23, 2000
Charles Babcock suggests that Unix and freenix OSes like Linux and
OpenBSD are putting the squeeze on Microsoft Windows 2000's share of
the high end server market. Not bad for a bunch of hackers who just do
it because they love coding...
OpenBSD to the Motorola ColdFire, BSDCon, October 18, 2000
Dean Fogarty and David O'Rourke, engineers at Stallion Technologies
Pty Ltd in Australia, presented this paper at BSDCon.
"Making an Internet embedded appliance for public
consumption is not a simple task. Choices including hardware, code
development and user interface design must be made, each of which could
either help or hinder a product. This paper outlines how and why
Stallion Technologies used the Motorola ColdFire CPU and the OpenBSD
operating system to create a successful Internet appliance."
Hackerdom!, FEED, October 17, 2000
Brendan Koerner continues his exploration of the digital world with a
visit to this year's Defcon. There's a cameo appearance by Theo de Raadt,
cast as a starving hacker. Before the article sets off a
verge-of-financial-collapse panic on the mailing lists, we'd like to make
a correction: Theo can occasionally afford a pint of Guinness to go with
OpenBSD, #RootPrompt.org, October 9, 2000
Columnist Noel discusses some of the angry comments made about
OpenBSD's Bugtraq disclosure of a localhost vulnerability . He gets
at the point of the source code audit: it's not to find exploitable
holes, but rather to fix bugs so that they never become security
Using IPSEC and Samba to integrate Windows Networks, Napalm, October 6, 2000
OpenBSD, IPSec, IPF, Samba and Windows: azure covers it all in this
networking epic about connecting two Windows-based networks over a VPN
- whether they like it or not.
plugs a rare security leak, Upside Today, October 6, 2000
Developer Aaron Campbell is interviewed by Upside reporter Sam Williams
about the recent concern over format string vulnerabilities and how
OpenBSD has responded to the threat.
The Pros and Cons of Posting Vulnerabilities, October 5, 2000
Dissipating the smokescreen of FUD surrounding "full
disclosure" is a never ending thankless task. Rik Farrow shows how
it works by picking a particularly busy day in the life of BUGTRAQ, the
full disclosure security mailing list. He concludes with a tip of the
white hat to OpenBSD:
"The true goal should be to write secure software in the first
place. One Unix version, OpenBSD, gets all of its code audited for
security bugs before it gets shipped."
BSD OSs Offer
Unix Alternatives to Linux, Byte, October 2, 2000
In a long-ish article subtitled "For security, scaling,
consider a BSD OS", columnist Bill Nicholls does a survey of the
BSDs. Mostly he summarises the history and quotes the various project
web sites, but this is the kind of article that should benefit
non-technical readers bombarded with Linux advocacy.
System Takes On Linux,
Coleman Explains BSD Unix, Inter@ctive Week, September 25, 2000
Two BSD related articles in the same mainstream publication, on the same day.
A trend, maybe? The first article, a business-oriented manager's eye view,
credits OpenBSD's proactive security approach for spurring on security
development in the other BSD groups, and even Linux. The second is an
interview with Daemon News editor Chris Coleman which attempts to explain
the various BSDs. The writer clearly hasn't mastered the topic yet, or even
spelled Coleman's name consistently.
Primed and ready,
Upside Today, September 7, 2000
An article by Sam Williams about the reaction to RSA Security's pre-emptive
release of RSA into the public domain. The impact on OpenBSD? Minimal --
most users are already taking advantage of the trick to download the ssl
library after installing the OS.
OpenBSD as a VPN Solution,
Sys Admin, September 2000
Alex Withers contributed an article on setting up a VPN with OpenBSD's IPsec
and the ISAKMPD key management daemon. He admits his implementation, though
quite serviceable, only scratches the surface of the capabilities available.
He strongly suggests going through the man pages
isakmpd(8)) and the OpenBSD
IPsec FAQ to get the most
out of the system.
FreeBSD, OpenBSD and SuSE 6.2 Eval Review, OS Opinion, September 2000
Keith Rankin, a veteran system administrator, rates three operating systems
in terms of usablility and productivity. Despite a lengthy rant about minimalist
vi and a default C shell, he finds nice things to
say about OpenBSD's floppy + 'Net installation, the thorough system probe and
the IP filtering and address translation.
OpenBSD and the Future of the
Internet, OpenBSD Explained, O'Reilly Network, August 29, 2000
David Jorm's column notes the fact that OpenBSD ships with functioning IPv6
networking. He briefly walks through the procedure to get an OpenBSD system
to participate in "6bone", the transitional IPv6 network.
Example, # RootPrompt.org, August 23, 2000
Noel moves on after his "Cracked!" series to look at other
security topics. This time, he installs OpenBSD, fully expecting some
brutally stripped-down system good for nothing but firewalls and sniffers,
but finds a functional desktop environment. OpenBSD sets an example for
other systems: "It is my opinion that there are many lessons
in how OpenBSD is put together that the Linux community needs to take
Brit and the Big Boy, NewsForge, August 22, 2000
NewsForge Columnist Julie Bresnick pens a quirky profile of Tom Yates,
co-author with Wes Sonnenreich of
Linux and OpenBSD Firewalls.
Revisited, ABCnews.com, August 16, 2000
In an article better entitled "Moody battles on", columnist Fred
Moody continues his lone battle over the Linux security record. He rates
OpenBSD as the choice of those who expect "much, much more" and
quotes Marcus Ranum, CTO of Network Flight Recorder, talking about OpenBSD's
code audit. "They did some really interesting stuff; they did complete
code audits of major hunks of the operating system and found huge, horrible,
gigantic holes that all the other UNIX derivatives had been ignoring."
World's Most Secure Operating System, The Industry Standard, August 14,
"A lone Canadian is reshaping the way software gets written. Is the world
paying attention?". (Well, actually he's got help). Veteran technology
reporter Brendan Koerner interviews Theo de Raadt, security vendors and
writers to compare OpenBSD's code audit and "secure by default" credo
against current industry practices.
An Overview of OpenBSD Security, OpenBSD Explained, O'Reilly Network, August 8, 2000
David Jorm details the steps to configuring OpenSSH's sshd, and how to set up
a secure Web server using OpenBSD's SSL support. He also looks at OpenBSD's
security stance, the ongoing code audit and how to install security patches.
OpenBSD runs fuzz, Linux
Weekly News, August 3, 2000
Linux Weekly News security editor Liz Coolbaugh picks up on a Bugtraq thread
fuzz, a tool that tests commands with randomly generated
command line arguments. Lead developer Theo de Raadt ran it against OpenBSD
and found routine coding errors in about a dozen commands, none security-related.
The article reprints de Raadt's posting and comments. Though the exercise was
worthwhile, the tool only points to the areas to check, and is no substitute for
careful code reviews, he concludes.
in a Datacenter Scale Environment, BSD DevCenter, O'Reilly Network, August 1, 2000
David Jorm's OpenBSD Explained column talks about IT Manager Grant Bailey's initial
skepticism about OpenBSD being able to handle the load for www.2600.org.au's Web and
FTP site. On a tight budget, he set up a K-6 450MHz system, with 128 MB RAM and an
IDE drive, got a few friends with cable modems to pound on it, and was pleasantly
Update (Aug.4/2000): Grant writes that he has just seen the site's biggest day:
56GB outbound to everywhere on the Internet with 260 clients at one point, limited
mostly by the RAM.
Linux developers hunt for kernel bugs, vnunet.com, July 26, 2000
John Leyden talks about the new Linux Kernel Auditing Project, and how
last month some people decided that Linux needed some auditing. It is
about time. The article mentions that
"OpenBSD, another Unix-like open source
operating system, has been subject to an ongoing security audit
The article apparently used to quote Roy Hills of NTA as saying
""This is the first time I've heard of an audit of the whole of a
general purpose operating system kernel", but it has been
Interview: Theo de Raadt, Sécurité.org, July 26, 2000
Nicolas Fischbach caught up to Theo de Raadt at CanSecWest in Vancouver a while
back, and the resulting interview discusses Secure by Default and the genesis
IPSec - We've Got a Ways To Go (Part II), Security Portal, July 26, 2000
Kurt Seifried discusses various key management and tunnel modes and extensions
possible with IPSEC implementations, including OpenBSD's ethernet over IPSEC
Setting up OpenBSD 2.7 as a cable NAT system , BSD Today, July 24, 2000
Vlad Sedach writes about his experiences in setting up a ipnat/ipf box based
on OpenBSD as his firewall.
Most secure operating system update uses Digital Signature Algorithm, vnunet.com, July 17, 2000
James Middleton lists the features of the new 2.7 release.
OpenBSD is installed -- now what?, BSD Today, July 14, 2000
As a follow-up to
Installing OpenBSD 2.7,
Clifford Smith explains how to set "up OpenBSD as a single-user,
desktop system with basic information on installing the ports tree,
setting up KDE, stopping unneeded services and using IPFilter."
IPsec Crash Course
(part 1), Napalm, July 13, 2000
Technical article about IPSec by ajax, discussing the networking basics,
the key management daemons and various free and commercial implementations.
This goes well beyond the usual how-to articles to explain the underlying
protocols and their quirks.
, Computing Canada, July 7, 2000
Viewpoint columnist Matthew Friedman tries to set the record straight -- open
source is not all about Linux. He focuses on the rock-solid networking performance
and security and speaks with OpenBSD's Theo de Raadt and FreeBSD's Jordan
An Engineer, Not An Artist, OS Opinion, July 6, 2000
Monty Manley throws open the debate about artistic whim versus solid engineering
in open source software development. Too few, like the OpenBSD auditors, are
willing to sweat the details to make the code really work, he writes.
Attempting to install OpenBSD under VMware, BSD Today, July 6, 2000
BSD Today reader Jeremy Weatherford tries his hand at installing OpenBSD
on VMware, a system that allows multiple OSes to run concurrently on the
same hardware. We can't fault him for trying, but being new to both OpenBSD
and VMware, he might have been a tad too ambitious, considering VMware
doesn't even list OpenBSD as a supported "guest" OS.
Installing OpenBSD 2.7,
BSD Today, June 29, 2000
So you want to try out OpenBSD, right? Sounds like your kind of operating system,
right? Patrick Mullen installs and reviews the 2.7 release. Another first-hand
experience installing OpenBSD, with a sprinkling of humour because these articles can
be a bit dry.
(and Joe) are Canadian, letter to the editor, Computing Canada, June 23,
"Dave the Canadian software guy" wrote to complain about a column
entitled "The computing road less travelled". The article on
alternative OSes never mentioned OpenBSD, published in Canada, or NetBSD,
the sole BSD at Linux Quebec in April. "Is it time for a Joe the Canadian
commercial for Canadian Software?", Dave asks.
The letter is further down the page.
Your Network With OpenBSD, Kurt's Closet, Security Portal, June 21, 2000
Kurt Seifried looks at some new features in OpenBSD 2.7 and recommends it
as a platform for patrolling your network. He also gives a sampling of
the many security tools available for intrusion detection, vulnerability
analysis and network management, all available from the
to a Web of viruses, eWeek.com, June 19, 2000
Peter Coffee, eWeek Labs, mentions OpenBSD in an article subtitled
"IT wanted integration; Microsoft delivered. Now both must fix lax
security". Near the end (it's there, really), he writes:
Those who champion the open-source process point to projects
such as the OpenBSD operating system, with its tremendous security
record, as proof of concept. But there are other examples, such as
loopholes in Kerberos code that went unnoticed for years, that show
the limits of volunteer effort. Once again, we note that published
source code doesn't automatically imply a security review. It won't
happen by itself: people have to want to do it.
OpenBSD 2.7 press release, June 15, 2000
This press release was translated into several languages and distributed to the
trade press and Internet news sites.
soon: a real-time OpenBSD?, BSD Today, June 14, 2000
Randy Lewis of RTMX explains why they picked OpenBSD and how their real-time
extensions will be folded back into the OpenBSD source tree in time for the
next release. Interview by Jeremy C. Reed.
to OpenBSD Networking, BSD DevCenter, O'Reilly Network, June 13, 2000
David Jorm, no stranger to OpenBSD, gives a detailed tour of the basic steps for
setting up an OpenBSD system as a gateway with a LAN interface and a PPP connection.
He also points out the little differences that could trip up somebody just
arriving from the Linux world.
state of the daemon, UNIX Review, June 7, 2000
Michael Lucas reviews the state of the art for BSD-derived systems,
and finds much cause for optimism.
"OpenBSD delves further into constructive paranoia", he writes.
Agreed, security is a state of mind, but unless the rash of serious incidents
abates, it's not really paranoia.
By DEFAULT, OPEN SOURCES, Information Security, June 2000
OpenBSD is one OS that's likely to be voted "Most Secure."
So why not use it for all enterprise apps? Columnist Pete Loshin
looks at OpenBSD as a serious contender for secure Internet servers.
Meet the hackers, America's Network, June 1, 2000
Patrick Neighly writes a long and detailed article about the hows and whys of
the hacker community. Near the end, he interviews a hacker who states that
"OpenBSD tends to be a proactive security solution - they find holes
before they're posted on Bugtraq"
Cracked! Part4: The
Sniffer, # RootPrompt.org, May 31, 2000
Noel continues his chronicle of a cracker attack on his LAN.
In part 4, he notes that even local user vulnerabilities cannot
be overlooked because you must assume that an attacker will
eventually figure out a login/password. As part of his conclusions,
he mentions he would like to explore OpenBSD for systems that
need user accounts. The first three parts also make for interesting
reading for all system administrators.
found in PGP 5.0, Computer World, May 26, 2000
PGP 5.0 was found to have a serious coding error under Linux and
OpenBSD, where it replaced the random data obtained from /dev/random
with a string of '1' digits when generating key pairs under certain
Beyond the Garden of Eden, BeOpen.com, May 19, 2000
Sam Williams strikes again. He interviews OpenBSD lead developer Theo de Raadt
and Tom Vogt, a lead developer of Nexus, a "maximum security" Linux
distribution unveiled on May 9. This article contrasts two different
approaches to security.
perfects security by one-upmanship, Upside Today, May 17, 2000
Freelance writer Sam Williams captures the dynamics of the OpenBSD
development effort in OpenBSD, dubbing it "geeking out for perfection".
Williams also takes note of OpenBSD's business-friendly non commercial
stance -- no corporate backers, yet plenty of commercial products
with embedded OpenBSD.
Database Statistics, Security Focus, May 15, 2000
"3 out of 2 people can't figure out statistics", the saying goes. In this light,
we'd like to present Security Focus's summary of vulnerabilities. Read
the disclaimers and feel free to dispute the results, but you have to
admit it makes OpenBSD look good compared to other widely used OSes.
We think the most important chart is the top one, total vulnerabilities.
The upward trend is disturbing; it means the industry still doesn't
"get it", and the users who trade off security for feature
creep are delivering the wrong message.
We're Doomed to Failure, Security Portal, May 10, 2000
Kurt Seifried talks about what people can do to promote security and
protect themselves against the now-commonplace attacks. His first
suggestion is for software vendors to audit code like OpenBSD did, but he
feels that the effort and demand for knowledgeable programmers is too
great for this approach to succeed. Instead, he suggests add-ons such as
various Linux patches, development tools and replacement libraries. We
think he gave up too easily: by accepting mudflaps in the place of
airbags, he is taking the heat off software vendors to clean up the
defects in their products.
They're after your data, vnunet.com, May 17, 2000
In a discussion related to government hacking, Dearbail Jordan interviews
a random hacker who states that "As far as operating systems go,
OpenBSD, a completely free Unix variant, is probably the most secure
C2-level Unix available today." Well, OpenBSD is not C2, mostly
because the Orange Book C2 standard is for Trusted systems, not Secure
systems, but the remainder of his comment is probably a correct viewpoint.
Source Smugglers, ComputerWorld, May 5, 2000
"Psssstt! Wanna a good, reliable operating system on the cheap? Thing is,
you just can't tell your boss about it" Technology writer Peter Wayner
tells of the techies who break the rules and sneak open source
systems on the job. He mentions the "security-conscious" OpenBSD as a
successful secure e-commerce server against an rival NT implementation,
as well as how Marcus Rannum embeds OpenBSD in the Network Flight Recorder
IDS appliance to sidestep NT vs. UNIX prejudices.
Encryption Accelerator Endorsed by OpenBSD, Business Wire, May 2, 2000
Press release from Global Technologies Group, Inc. announcing OpenBSD
support for their PowerCrypt IPSec hardware accelerators cards.
installing OpenBSD, BSD Today, May 2000
Another "how I installed OpenBSD" article. Jeremy C. Reed writes
a blow-by-blow, prompt & response chronicle of how he installed OpenBSD
2.6, to the point of setting up X, the blackbox window manager and
Netscape -- elapsed time, 4 hours and 38 minutes. Phew.
In OpenBSD 2.6, Daemon News, May 2000
Alison describes how she gave in to the geekier side of her nature and
rescued a castaway PC and put OpenBSD on it. "Contrary to popular
opinion, however, I think it's not just a matter of reliability," she
writes, "but also of clarity and simplicity - two very important and
oft-overlooked characteristics of computer software.".
Interview with OpenBSD's
Theo de Raadt, eup E-zine,
April 20, 2000
In this interview by Daniel De Kok, lead developer Theo de Raadt comments
on the BSDI/FreeBSD merger, OpenBSD as an embedded OS, and future plans for
Security Experts Say Proprietary
Code Isn't Scrutinized Well Enough, SOURCES, April 19, 2000
This bulletin discusses security concerns raised by recent reports of
vulnerabilities in commercial software such as backdoors and automatic
registration forms. The article quotes Jerry Harold, president & co-founder of
Network Security Technologies Inc. "This is why NetSec builds its products
on an operating system (OpenBSD) that has made security its number one goal."
Source - Why it's Good for Security, SecurityPortal.com, April 17, 2000
In another FUD-fighting article, security writer Kurt Seifried and
Bastille Linux project leader Jay Beale refute a recent well-circulated
article saying open source software is more vulnerable because the
black hats can find bugs just by reading the source. If this were the
case, they argue, OpenBSD could not have achieved its security record.
They counter the claim by demolishing "security through
obscurity", the myth that just won't go away.
Wide Open Source,
SecurityFocus.com, April 16, 2000
Elias Levy of BUGTRAQ fame discusses the security of open- vs. closed-source
software. OpenBSD developers are mentioned first among a few groups of people
who care about auditing code for security vulnerabilities.
32Bits Online, April 2000
Slamming some recent press which had said that Open Source (and in particular
Linux) leads to more software security problems, Clifford Smith states
"If there is ONE definitive proof that the source code being opened up for
review provides the opportunity to create secure operating systems, OpenBSD
is that proof." (his emphasis)
is a security risk, I don't think so!,
Security Portal, March 29, 2000
Columnist Kurt Seifried uses OpenBSD's code audit as an example to
refute a FUD piece on a major computer industry website that claims
that Linux is a security risk because the bad guys can find the holes
simply by reading the source code.
Kurt Seifried interview, Linux.com, March 8, 2000
The roles have changed; security columnist Kurt Seifried is now the subject.
He discusses his role at Security
Portal, the state of Linux security, OpenBSD's security model and the
Linux hardening scripts like Bastille Linux. He's pessimistic about the
future and predicts that with management apathy towards security,
"we're in for 10-50 more years of miserable computer security problems".
Open source software:
Ready for Credit Union Primetime?, CUES Tech Port, March 6, 2000
An article explaining the trade-offs of using open source software, how it
might be applied to credit union enterprises and some caveats about the
learning curve for staff not already familiar with UNIX-like operating
systems. Author Tom DeSot strongly recommends OpenBSD in this article
written for credit union IS managers.
Unix players change, but the (r)evolution continues, SunWorld, March 2000
Rich Morin puts the 80's UNIX history of fragmentation in perspective by
examining the creative tensions between the five operating systems derived
from 4.4BSD-Lite. Rather than repeating the platitude of how the BSD-derived
operating systems should unite, Morin's Silicon Carny column shows that the
projects and companies cooperate even though they have diverging goals. And
now that Sun has cautiously moved to open source some of its source, how
will the open source world react, he asks.
to know OpenBSD, Boardwatch Magazine, March 2000
UNIX columnist Jeffrey Carl continues his survey of the freenix alternatives
for ISPs with an interview with Louis Bertrand. The author also discusses
the relative merits of OpenBSD and how ISPs might want to use it for a
About SSH - Part II: OpenSSH, Security Portal, February 28, 2000
Seán Boran wraps up his look at SSH with an article devoted to OpenSSH
running on OpenBSD and other OSes, mentioning problems porting OpenSSH to
platforms without good crypto support.
Firewalling with IPF, Security Portal, February 16, 2000
Kurt Seifried, author of the Linux Administrators Security Guide, explains
how to set up packet filtering with
ipf. His examples are based on OpenBSD 2.6
even though his article isn't aimed at any specific OS.
OpenBSD 2.6 - new features,
Security Portal, February 9, 2000
Kurt Seifried reviews OpenBSD 2.6 and finds new features like
DSOs, and new device drivers. He also finds comfort in an old friend, the
"secure by default" installation.
Unixlike systems may be better than Linux, ComputerWorld, February 7, 2000
We really like Simson when he writes "But if you're trying to get the
most for your money or if you want a higher level of security, take a look at
the BSDs. The rewards can be considerable." But he misses the point
about strong crypto because of the fuss over 128-bit browsers. The RSA patent
has been a more effective muzzle on innovation than the export prohibitions.
Also note OpenBSD and FreeBSD also integrate IPv6 in their current codebase.
of FreeBSD 3.4, 32BitsOnline, February 2000
In a review of FreeBSD 3.4, the author, Clifford Smith, was impressed
enough about OpenBSD to say "OpenBSD is probably the most secure
distribution out of the box because it comes with a source code that has
been given a complete security audit. It also comes with KERBEROS enabled
out of the chute, OpenSSL and ssh is part of the distro now, too. IPFilter
works immediately. Just Brilliant."
Information Security, February 2000
Pete Loshin surveys the state of the industry in Linux and UNIX-like
security. He highlights an emerging problem, novice Linux users
who may unknowingly leave installation holes, or inadvertently create some.
The OpenBSD sidebar explains the goals and purpose of OpenBSD, and highlights
its reputation among security experts.
OpenBSD and SuSE 6.2 Eval Review, OS Opinion, February 2000
Can't decide? Let's try a bunch. Veteran computer jockey Keith Rankin
compares a Linux distro and two of the BSDs. Long and quite detailed.
by default - a review of OpenBSD, Epinions.com, January 26, 2000
OpenBSD gets a five-star rating in this reader contributed review by
Justin Roth. It's a short glowing article that focuses on the security
of OpenBSD. The reviewer cautions however that it's only secure if
the administrator is vigilant.
Opening up, government style, ZDNet, January 24, 2000
Linux columnist Evan Leibovitch notes a small victory for open source
when the US government recognised it as being for "the
Public Good" in the recently relaxed cryptography export rules.
He quotes Theo mentioning that the RSA patent has had a far greater
chilling effect on US-based cryptography than the export prohibitions.
"Info.sec.radio" radio show. 11:00AM, Monday, January 10, 2000
CJSW 90.9 FM campus radio in Calgary in
association with SecurityFocus
In the inaugural show of Info.sec.radio, Dean Turner of
Security Focus interviews Theo de Raadt about OpenBSD, security,
Mudge, the halo and the 2.4 sticker, MSNBC, January 6, 2000.
The beastie sticker from OpenBSD 2.4 was spotted on Mudge's laptop cover
in a file photo for this story about L0pht joining with corporate heavyweights.
mean secure?, NetworkWorld Fusion Newsletters, January 5, 2000
Security Portal founder Jim Reavis calls OpenBSD "Linux's Linux". We're not
sure what it means, but he was making the point that public scrutiny of
source code helps security, so it must be a compliment.
Back, Sm@rt Reseller Online, January 4, 2000
Linux columnist Steven J. Vaughan-Nichols writes mostly about VA Linux
creating a source repository for open source projects, but there's an
interesting quote: "Whether an open-source program runs on OpenBSD,
Palm or even Windows, so long as it's an open-source program it's game
for SourceForge." OpenBSD, soon to be a household word!
more to open source than just Linux, Computing Canada, January 2000
"Lack of consistency in different versions of distributions is leading some
administrators to re-examine their approach", writes Linux columnist Gene
Wilburn. He suggests the BSD systems as an alternative because they offer
a "high level of consistency and integrity".
report from LISA, SunWorld, January 2000
Columnist Peter Galvin gives a recap of LISA '99, mentioning among others
Bob Beck's paper about securing public
access Ethernet jacks on a university campus.
Canadian open source projects, The Computer Paper, January 2000
OpenBSD is featured in a year-end review of Canadian Open Source projects
The Computer Paper.
Linux columnist Gene Wilburn gets it right. Unfortunately, the article isn't on
the Computer Paper's site, but it is available at the author's site.
A Home-Grown Operating System?, Alberta Venture Magazine,
Grace Casselman interviews Theo about the development process of OpenBSD.
projects - what I learned from Bastille (and others), Security
Portal, December 23, 1999
analyst and author of the Linux Administrators Security Guide, discusses
the effort needed to create a Linux distribution. He mentions OpenBSD's
code audit as a reference point for securing the OS.
2.6 Now Available, Server Watch, December 3, 1999
Picked up on OpenBSD 2.6 press release.
Review, TekPress.COM, December 1999
Vlad Sedach offers a detailed look at OpenBSD, its history, security stance
and cryptography. He notes the lack of
but rates the security as best available, especially compared to NT.
up to BSD: Part Three - Regrouping, Linux.com, November 15, 1999
Reviewer Matt Michie responds to critics of his previous OpenBSD
article in an opinion piece that discusses OpenBSD and Linux advocacy.
OpenBSD comes close to security nirvana with a system that is
'secure by default', InfoWorld, November 8, 1999
Security Watch columnists Stuart McClure and Joel Scambray say good things
about OpenBSD's security stance. "As you've come to expect from us,
our faith in vendors' attention to security is waning, but OpenBSD
gives us hope. OpenBSD is a group that has done it
right -- or at least strives to".
up to BSD: Part Two - OpenBSD, Linux.com, November 8, 1999
Reviewer Matt Michie narrates his experience with an FTP installation
of OpenBSD 2.5 on an aging P-133. Despite trouble with the installation he
recommends it to experienced Linux users who wish to broaden their horizons.
Then the reader feedback flames him for his trouble.
UK Royal Family webmaster prefers OpenBSD,
Slashdot, November 4, 1999
Mick Morgan, of the UK's Central Computer and Telecommunications Agency,
answers Slashdot readers and talks about the design of a high profile
web site like the Royal Family's. In hindsight, he would have chosen
OpenBSD for its security aspects.
Turning on the Zedz, ZDNet, November 2, 1999
Linux columnist Evan Leibovitch tries to make sense of the byzantine
US crypto laws and offers some alternative crypto software and
resources including OpenBSD and OpenSSH.
flavors or, three demons and a penguin, Boardwatch Magazine, November, 1999
Boardwatch Magazine's UNIX columnist Jeffrey Carl surveys the freenix choices
for ISPs. We debate his conclusion that security and functionality are
mutually exclusive choices. If that were the case, security conscious users
would unplug from the Net and just send faxes.
OpenBSD - a secure alternative,
Security Portal, October 27 1999
analyst and author of the Linux Administrators Security Guide,
discusses setting up an OpenBSD firewall.
Interview with The Cult of the Dead Cow,
Slashdot, October 22, 1999
In between cheeky and rude answers to slashdot reader questions, cDc'ers
mention OpenBSD's security model and code audit.
The existence of OpenSSH-1.0 has been confirmed,
Linux Weekly News, October 14, 1999
Linux Weekly News was the first non-BSD news agency to report the existence of
OpenSSH, which will ship with OpenBSD 2.6.
Easing on Software Exports Has Limits,
New York Times, October 11, 1999
Peter Wayner takes a closer look at some consequences of the US government's
restrictions on the export of strong cryptographic software, and finds no
small amount of irony. OpenBSD is prominently featured, along with a picture
of Theo de Raadt brandishing CD-ROMs. (No charge registration required to
read the NY Times on the web).
NSTI announces commercial support services for OpenBSD,
Yahoo News, Oct. 6, 1999
Network Security Technologies press release on the PR Newswire. NSTI
already uses OpenBSD in their Network Ops Center.
I've been hacked!
How OpenBSD saved our project, Daemon News, October 1999
Overworked system administrator John Horn tells us about his adventures with
a publicly-accessible Lynx server.
Calgarian heads team ensuring OpenBSD security,
Calgary Herald, Sept. 30, 1999
Technology reporter Matthew McClearn interviewed system administrators and
security specialists in Calgary and Edmonton who choose OpenBSD for its
stability and proactive security audit. He also gives some project history.
Small town in Kentucky has Internet connectivity unlike the rest of
America, MSNBC, Sept. 29, 1999
Jethro reports on the mailing lists that MSNBC aired a segment about a small
town in Kentucky with high-speed Internet connectivity. During an interview
with the town's teenage security guru, you could read the prompt on his
Connected to spanweb.glasgow-ky.com.
Escape character is '^]'.
OpenBSD/mac68k (spanweb.glasgow-ky.com) (ttyp0)
Hack this! Microsoft and its critics dispute software-security issues, but users make the final call, Infoworld, Sept. 27, 1999
Microsoft: Bad security, or bad press?, CNN, Sept. 28, 1999
A scathing look at the Microsoft "Insecure by Default" scheme quotes the
CDC as saying that "The most secure platform 'out of the box' is OpenBSD,
because security is a focus on the project". Contrast the Microsoft scheme
Open source has roots in the Net, USA Today, Sept. 20, 1999
Nice high profile mention of OpenBSD by Will Rodger:
"Yet backers say the speed and transparency with which open source
programmers compete to discover and then fix problems separates their
operations from traditional software shops. OpenBSD -- still another
open source operating system -- is often called the most secure
operating system in the world."
Even better than Linux, Boston Globe, Sept 16, 1999
Technology writer Simson L. Garfinkel confesses he prefers the BSDs better
than Linux and explains why. He writes a nice paragraph or two about OpenBSD
and its security and cryptography goals. However, reading this, you'd think
all the developers were Canadian (hint: they're not). The article has moved
to the archives, free registration required.
Linux to become duopoly?, ComputerWorld Australia, Sept 8, 1999.
Reporter Natasha David interviews lead developer Theo de Raadt, who notes that cross-UNIX
compatibility is losing ground in the rush for Linux applications. de Raadt
was a keynote speaker at the Australian Unix User Group (AUUG) meeting in
launches free encryption tool, IDG News Service, September 08, 1999
GNU Privacy Guard runs fine on OpenBSD.
Patch Levels with Open Source BSDs, SysAdmin feature article, Sept. 1999
Michael Lucas explains the broad lines of the BSD development model and
how to keep *BSD systems up-to-date with CVS. The author takes most of the
examples from FreeBSD, but he takes the time to explain differences
between the three systems. (Most of this is technology was originally
invented by the earliest OpenBSD developers, as described in a
paper presented at Usenix).
My own private IRP, open source IT tutorial, Sept. 1999
Sean Sosik-Hamor descibes how he built up his own Internet resource provider
(IRP) and web hosting business out of available hardware and freenix
software. He chose OpenBSD exclusively for his DMZ and describes the FTP
Web site offers raft of free OSes,
ComputerWorld Australia, September 1999
OpenBSD is one of many free OSes offered at FreeOS,
an India-based alternative OS news and portal site.
A Secure and Open Society,
ComputerWorld Canada, Aug 27, 1999
The article starts off as a personal story about lead developer Theo de Raadt,
but if you read carefully, it does explain a lot about the origins and goals
1999's Technically Excellent Canadians,
COMPUTERMAGS.COM, Aug 10, 1999
"CCW is very pleased to name our five Technically Excellent Canadians,
who are significantly impacting on technology both at home and
abroad. Thanks to our readers for your involvement and nominations."
The publisher of Canadian Computer Wholesaler (August 1999) and
The Computer Paper (September 1999) presented this award
to Theo de Raadt for his part in OpenBSD (the sub-article is half
way down the page).
The Net's stealth operating system, MSNBC, July 22, 1999
"The OpenBSD group, which did a line-by-line security audit of BSD
code, and now has what is widely regarded as the most secure OS
IPsec Tech Tutorial,
Data Communications, June 1999
"IPsec may be an open standard, but that's no guarantee that different
vendors' gear will work together. To assess interoperability, we put an even
dozen products through their paces." OpenBSD 2.4 and commercial IPsec
implementations were tested by an independent lab for interoperability
and ease in setting up tunneling gateways.
glimpse at the USENIX Technical Conference, SunWorld, June 1999
In a review of this year's event subtitled "USENIX
and Unix -- then and now", writer Vicki Brown contrasts the first
conference in 1979 to the recent one in Montery, California. Although it
only mentions OpenBSD in the links section below the article, it's still
an interesting read.
Operating system designed to foil hackers,
National Post, May 25, 1999
The Post's technology reporter David Akin interviews Theo de Raadt for
in a story that ran on the front page of the business section.
OS Also-Rans: After Windows 98, Mac OS and Linux, what's left for your
Macintosh or Intel PC? Lots, St.Paul-Minneapolis Pioneer-Planet, May 17 1999
Despite the terrible title, staff writer Julio Ojeda-Zapata gives fair
treatment to the alternatives.
In Search of OpenBSD, DaemonNews, May 1999
Ejovi Nuwere in Japan: three days, three locations, one operating system.
Safe and friendly
read-only chroot jails for FTP and WWW, DaemonNews, May 1999
"Ruffy" explains how to set up safe and friendly read-only FTP and WWW services
with OpenBSD's ftpd as an example.
Why to BSD in a Linux world, March, 1999
Description of the OpenBSD development process, and arguments as to why
Linux probably cannot achieve the same level of security audit.
OSes face a Sisyphean struggle to get into the PC mainstream, Infoworld, March 8, 1999
Guest columnist Brett Arquette points out that Linux isn't the only alternative
PC OS out there, then describes why hardware drivers and end user support is
crucial to popularising an OS. He mentions OpenBSD and adds a link to this
NFR Performance Testing, report written by
Anzen. February, 1999
This report compares the network monitoring performance of the
NFR (Network Flight Recorder) package at
handling flat-out 100Mbit ethernet monitoring, running on OpenBSD, BSDI,
Linux, and Solaris. OpenBSD comes out as a clear winner just for raw
performance; even before you consider the superior security of OpenBSD
which you probably would want for a network-monitoring station.
DaemonNews: Serving NT filesystems from an OpenBSD server
A system administrator debunks the myth that you must use NT as a file server
when you run Windows clients. Squeezing performance out of vintage hardware and
adding in some scripts to automate the setup of new projects won management
over to OpenBSD.
Security Watch, end of year Golden Guardian awards.
"Finally, we'd be remiss in ignoring OpenBSD in any discussion of top
open-source security products. It registered high in our e-mail
survey, and we promise to take a more active look at it in future
Software: Power to the People, Data Communications, January 4, 1999
Columnist Lee Bruno marvels that free software is serving alongside name-brand
software. Page three mentions OpenBSD in the roundup.
return of BSD, SunWorld, January 1999
BSD veteran Greg Lehey notes the strong loyalty of SunOS 4 users and surveys the
BSD-derived OSes available on SPARC and PC hardware. The article also comes with
a long list of useful links (some are stale).
OpenBSD and IPSec, leading the pack, November, 1998
A two-part article by Ejovi Nuwere focusing on OpenBSD's IPSec Development.
Part one is an introduction to OpenBSD's Photurisd and its current
Implementation, including a brief interview with
Photurisd creator Neils Provos.
Beyond HOPE coverage, Wired Magazine, Aug 11, 1997
Completely bogus (but quite amusing) description of what
Security Watch: Monthly Editorial.
Points at our security page
calling it "OpenBSD's mantra".
Wired Magazine, June 1998, page 96 (paper edition only)
A half-page description of what OpenBSD is, with a strange picture
of project founder Theo de Raadt (Wired loves Photoshop).
WebServer Online, reprinted in
Server/Workstation Expert (formerly
SunExpert Magazine), June 1998, page 81
A glowing four-page description of OpenBSD emphasizing its use
as a server and an OS that ships with security in the box
(the SunExpert version is in PDF but includes their own
graphic - a cross between Superman and the BSD Daemon, which
the WebServer version in HTML does not).
Usenix coverage, Wired Magazine, May 1, 1998
Mention of OpenBSD with regards to our involvement in the
Freenix track held at Usenix in New Orleans.
Swedish press coverage (in Swedish)
Säkerhet & Sekretess, No 4, 2000
This article reports in a positive tone on OpenBSD's latest security feature,
Computer Sweden, May 2, 2000
An article describing *BSD as the choice of the "very demanding".
OpenBSD is noted for its focus on security and cryptography.
Datateknik, Nov 20, 1998
An article on the swedish IPSec interop event
mentions OpenBSD as one of the successful participants, and has a
mini-interview with OpenBSD developer Niklas Hallqvist.
Datateknik, Nov 13, 1998 and
Datateknik, Nov 14, 1998
Two published letters talking about OpenBSD's role in MacOS X. The first
one has some misconceptions which are corrected by the second which
explains the licensing issues and points to our
copyright policy page.
Japan press coverage (in Japanese)
why I use OpenBSD, MacWIRE Online, ZDNet Japan, December 6, 2000
Translation of Stephan Somogyi's opinion piece, explaining why he runs
OpenBSD. Some might argue that his example security flaw,
open spam relays, is really no big deal, but we think it raises an
important point: if an OS or mail system ships with relaying open by default,
what message does that send about that system's resistance to less trivial
attacks. He also chides Intel and 3Com for not providing driver
documentation to allow their IPSec networking cards to be used.
Sept. 28, 1999
ASCII Corporation is launching a Japanese language magazine that covers the
freenix BSDs, BSD/OS and related subjects. The magazine will also be
translating and reprinting articles from
Daemon News, the BSD ezine.
Germany press coverage (in German)
Das BSD-Ports-Verzeichnis, FreeX Magazin, 4.Quartal 2000
Jörg Braun surveys the Ports system that gives
users easy access to hundreds of net freeware applications. The author covers
make options and targets, and also notes OpenBSD's
"fake" installation used to create easily distributable binary
packages as an automatic by-product of building a port.
Open Source Software in der Bundesverwaltung, Bundesministerium des Innern,
A paper on open source software in the German federal government,
published by the Federal Ministry of the Interior. The paper, which
gave reference to OpenBSD among many other OSes and applications, was
posted then retracted on "orders from above" in the ministry.
Giving way to
the pressure and protests of the open source movement the ministry
rerelased the document after cutting out some numbers.
(the Microsoft Licence fees, btw.!)
OpenBSD 2.6 ist da, heise online newsticker, December 2, 1999
Brief summary of the OpenBSD 2.6 press release.
Russian press coverage (in Russian)
Byte Magazine, Russia,
January 2000 issue
Interview with Theo de Raadt about history and feature of OpenBSD project.
Byte Magazine, Russia,
July/August 1999 issue.
A review of OpenBSD 2.5 and OpenBSD project goals.
Poland press coverage (in Polish)
OpenBSD and Linux, LinuxNews
Radio, August 2, 2000
Bartek Rozkrut (aka Madey), made a guest appearance on LinuxRadio, speaking
about differences betwen OpenBSD and Linux. During the show, listeners were
able to comment and ask questions on IRCNET's #linuxnews channel. The main
criticism was that OpenBSD doesn't support SMP and isn't available for the
IA-64 platform. LinuxNEWS is the biggest polish Linux news service, covering
the entire Linux scene in Poland.
Here's the MP3.
OpenBSD - ma same zalety?,
OpenBSD - Nothing but advantages?, LinuxNews Serwis Informacyjny,
Bartek Rozkrut combines an overview of OpenBSD with a review of how to
download and install the system. He mentions Theo de Raadt's "craze"
about security and how he frustrates Linux advocates on Bugtraq with
mails like "the problem was fixed a year ago in OpenBSD".
The author spends some time explaining the disklabel partitioning scheme and
reassuring would-be users that the no-frills installation script actually
works even though it doesn't have a fancy point & click interface. He even
gives typical download times from the various national ISPs.
Thanks to Vadim Vygonets, Wojciech Scigala and Tenyen for their help
with the translation. For the full text, see the
mail archives. Interpretation errors are mine --louis
$OpenBSD: press.html,v 1.176 2001/02/09 14:29:55 louis Exp $