Media Coverage

[EN]  [SE]  [JP]  [DE]  [RU]  [PL] 

English press coverage

February, 2001

  • Hardening OpenBSD Internet Servers, GeodSoft, February 7, 2001
    Not really a press article, but this how-to has good pointers on locking down an OpenBSD server, including how to create a recovery CD to minimise site downtime (hey, hardware breaks). The tips apply also to other operating systems.

    January, 2001

  • Global geeks bet on open source, The Globe and Mail, January 29, 2001
    Columnist Jim Carroll uses the latest round of attacks on Microsoft sites to drum up a bit more business for open source software, including OpenBSD, "which is known for its absolutely bedrock security".

  • Theo de Raadt gives it all to OpenBSD, NewsForge, January 29, 2001
    This time, Open Source people profiler Julie Bresnick interviews Theo de Raadt, lead developer of OpenBSD, about how he started, the OpenBSD "family", hacking, conferences, friends, beer and mountain bikes.

  • Tucows BSD Channel is no more, BSD Today, January 24, 2001
    Editor Jeremy Reed fails to shed a tear for the poorly edited (and often openly hostile) bsd.tucows.com site.

  • With Snoopy's Eriksen, the more things change, the more they stay the same, NewsForge, January 16, 2001
    In another quirky Open Source people profile, NewsForge columnist Julie Bresnick interviews Aamodt Eriksen, author of the Snoopy command logger, who runs OpenBSD on his ThinkPad and acknowledges as a role model, among others, our own Theo de Raadt.

  • A lot of misinformation about BSD, BSD Today, January 6, 2001
    Editor Jeremy Reed takes the bsd.Tucows.com BSD reviewers to task for some inaccurate and ill-informed reviews, like the one that said that OpenBSD was licensed under the GPL (hint, it's anything but -- see our policy page. [Note Jan.24: bsd.tucows.com has been shut down.]

  • Theo deRaadt, Todd Miller, Angelos Keromytis, Werner Losh, and Jack Woehr at "A Roundtable on BSD, Security, and Quality", Dr. Dobb's, January, 2001
    Contributing Editor Jack Woehr moderated a roundtable with four key members of the BSD movement at the recent USENIX Security Symposium 2000.

  • December, 2000

  • Florist.com Blossoms with Open Source E-Commerce Software from Akopia, Enterprise Linux Today, December 26, 2000
    On-line flowers for Hollywood glitterati? OpenBSD in the supporting cast. Story by John Wolley

  • OpenBSD exploit gets serious, The Register, December 20, 2000
    OpenBSD developers upgrade the importance of an esoteric buffer overflow in the FTP daemon after an exploit is published (ftpd is not enabled by default in OpenBSD).

  • Theo de Raadt Responds, Slashdot, December 11, 2000
    Lead developer Theo de Raadt answers reader questions moderated by Slashdot editor Roblimo. The mass interview covers a seriously wide range of topics: sharing the code auditing experience, securing the ports tree, books of various colours, secure coding practices, hardware, patches and hindsight.

  • OpenBSD 2.8 runs on G3/G4 machine, MacCentral Online, December 7, 2000
    OpenBSD 2.8 has been released -- it's free -- and will now run on iMac, G3, G4, and G4 Cube machines. And if that is Greek to you, let us explain.

  • System and Network Security - Kernel Options, Kurt's Closet, Security Portal, December 6, 2000
    Going beyond the usual security measures means looking at some often neglected kernel options and settings. Kurt Seifried looks at kernel options under OpenBSD, Linux and Solaris.

  • Why I use OpenBSD, ZDNet News, December 4, 2000
    Stephan Somogyi explains why he runs OpenBSD, largely due to OpenBSD's emphasis on security. Some might argue that his example security flaw, open spam relays, is really no big deal, but we think it raises an important point: if an OS or mail system ships with relaying open by default, what message does that send about that system's resistance to less trivial attacks. He also chides Intel and 3Com for not providing driver documentation to allow their IPSec networking cards to be used.

  • BSD community learns to get along, Open Season, Upside Today, December 1, 2000
    OpenBSD gets a passing mention in this cheerleader piece by Sam Williams about the wide distribution potential of the BSD-derived Mac OS X.

  • The Future of OpenBSD: A Conversation with Theo de Raadt, Dr. Dobbs Journal, December 2000
    Contributing editor Jack J. Woehr's interview with Theo de Raadt at Usenix Security Symposium 2000 gives a bit of insight about project dynamics, where the OS is headed, and on how the security audit evolved from a hunt for security holes to a philosophy of correct and bug-free programming.

    November, 2000

  • BSD to leapfrog Linux, ZDnet Linux Opinion, November 29, 2000
    A somewhat speculative article by Henry Kingman based on recent the recent flurry of releases, new products and conference activity from the BSD world.

  • Is Darwin getting due respect?, ZD Net, November 23, 2000
    Stephan Somogyi dismisses Apple's open source offering as "opportunistic", Darwin, and sneaks in a tip of the hat to OpenBSD.

  • Beyond Windows and Linux: Discovering the BSDs, NetworkWorld Fusion, November 20, 2000
    Worried that Linux will be de-stabilized by the hype machine? Paul Hoffman suggests a serious look at the BSD-based operating systems.

  • Building Linux and OpenBSD Firewalls, book review, The Linux Gurus, November 18, 2000
    In this detailed review of the Sonnenreich & Yates firewalls book, the unnamed author concludes that the authors aren't paranoid enough in stripping down the firewall system to the bare essentials.

  • What the future holds for Unix, vnunet.com, November 10, 2000
    Dave Cartwright dons the weird robes and gazes into the crystal ball for the future of big-iron UNIX, Linux and BSD. Best quote in the article:
    "Linux, FreeBSD and OpenBSD will continue to flourish due to their openness, price, quality and attitude.". Quality, that's us (and much of the attitude too).

  • BSDCon 2000: A small, tasty conference, Sun World, November 2000
    Silicon Carny columnist Rich Morin reviews BSD Con 2000. He gives an overview of the five BSD variants available and a bit of atmosphere from the conference.

    October, 2000

  • Auditing Code, Kurt's Closet, Security Portal, October 31, 2000
    Kurt Seifried interviews John Viega, author of the ITS4 code auditing system. While he acknowledges the value of OpenBSD's strictly expert-based auditing process, he argues that using even an imperfect auditing tool is better than no audit at all.

  • Linux Boosts Unix, ZDnet Inter@ctive Week, October 23, 2000
    Charles Babcock suggests that Unix and freenix OSes like Linux and OpenBSD are putting the squeeze on Microsoft Windows 2000's share of the high end server market. Not bad for a bunch of hackers who just do it because they love coding...

  • Porting OpenBSD to the Motorola ColdFire, BSDCon, October 18, 2000
    Dean Fogarty and David O'Rourke, engineers at Stallion Technologies Pty Ltd in Australia, presented this paper at BSDCon.
    "Making an Internet embedded appliance for public consumption is not a simple task. Choices including hardware, code development and user interface design must be made, each of which could either help or hinder a product. This paper outlines how and why Stallion Technologies used the Motorola ColdFire CPU and the OpenBSD operating system to create a successful Internet appliance."

  • Cry Hackerdom!, FEED, October 17, 2000
    Brendan Koerner continues his exploration of the digital world with a visit to this year's Defcon. There's a cameo appearance by Theo de Raadt, cast as a starving hacker. Before the article sets off a verge-of-financial-collapse panic on the mailing lists, we'd like to make a correction: Theo can occasionally afford a pint of Guinness to go with the pizza.

  • Sniping at OpenBSD, #RootPrompt.org, October 9, 2000
    Columnist Noel discusses some of the angry comments made about OpenBSD's Bugtraq disclosure of a localhost vulnerability . He gets at the point of the source code audit: it's not to find exploitable holes, but rather to fix bugs so that they never become security problems.

  • Using IPSEC and Samba to integrate Windows Networks, Napalm, October 6, 2000
    OpenBSD, IPSec, IPF, Samba and Windows: azure covers it all in this networking epic about connecting two Windows-based networks over a VPN - whether they like it or not.

  • OpenBSD plugs a rare security leak, Upside Today, October 6, 2000
    Developer Aaron Campbell is interviewed by Upside reporter Sam Williams about the recent concern over format string vulnerabilities and how OpenBSD has responded to the threat.

  • The Pros and Cons of Posting Vulnerabilities, October 5, 2000
    Dissipating the smokescreen of FUD surrounding "full disclosure" is a never ending thankless task. Rik Farrow shows how it works by picking a particularly busy day in the life of BUGTRAQ, the full disclosure security mailing list. He concludes with a tip of the white hat to OpenBSD:
    "The true goal should be to write secure software in the first place. One Unix version, OpenBSD, gets all of its code audited for security bugs before it gets shipped."

  • BSD OSs Offer Unix Alternatives to Linux, Byte, October 2, 2000
    In a long-ish article subtitled "For security, scaling, consider a BSD OS", columnist Bill Nicholls does a survey of the BSDs. Mostly he summarises the history and quotes the various project web sites, but this is the kind of article that should benefit non-technical readers bombarded with Linux advocacy.

    September, 2000

  • BSD System Takes On Linux, Chris Coleman Explains BSD Unix, Inter@ctive Week, September 25, 2000
    Two BSD related articles in the same mainstream publication, on the same day. A trend, maybe? The first article, a business-oriented manager's eye view, credits OpenBSD's proactive security approach for spurring on security development in the other BSD groups, and even Linux. The second is an interview with Daemon News editor Chris Coleman which attempts to explain the various BSDs. The writer clearly hasn't mastered the topic yet, or even spelled Coleman's name consistently.

  • Primed and ready, Upside Today, September 7, 2000
    An article by Sam Williams about the reaction to RSA Security's pre-emptive release of RSA into the public domain. The impact on OpenBSD? Minimal -- most users are already taking advantage of the trick to download the ssl library after installing the OS.

  • OpenBSD as a VPN Solution, Sys Admin, September 2000
    Alex Withers contributed an article on setting up a VPN with OpenBSD's IPsec and the ISAKMPD key management daemon. He admits his implementation, though quite serviceable, only scratches the surface of the capabilities available. He strongly suggests going through the man pages (vpn(8), ipsec(4) and isakmpd(8)) and the OpenBSD IPsec FAQ to get the most out of the system.

  • FreeBSD, OpenBSD and SuSE 6.2 Eval Review, OS Opinion, September 2000
    Keith Rankin, a veteran system administrator, rates three operating systems in terms of usablility and productivity. Despite a lengthy rant about minimalist installations, vi and a default C shell, he finds nice things to say about OpenBSD's floppy + 'Net installation, the thorough system probe and the IP filtering and address translation.

    August, 2000

  • OpenBSD and the Future of the Internet, OpenBSD Explained, O'Reilly Network, August 29, 2000
    David Jorm's column notes the fact that OpenBSD ships with functioning IPv6 networking. He briefly walks through the procedure to get an OpenBSD system to participate in "6bone", the transitional IPv6 network.

  • OpenBSD's Good Example, # RootPrompt.org, August 23, 2000
    Noel moves on after his "Cracked!" series to look at other security topics. This time, he installs OpenBSD, fully expecting some brutally stripped-down system good for nothing but firewalls and sniffers, but finds a functional desktop environment. OpenBSD sets an example for other systems: "It is my opinion that there are many lessons in how OpenBSD is put together that the Linux community needs to take note of".

  • The Brit and the Big Boy, NewsForge, August 22, 2000
    NewsForge Columnist Julie Bresnick pens a quirky profile of Tom Yates, co-author with Wes Sonnenreich of Building Linux and OpenBSD Firewalls.

  • Linux Revisited, ABCnews.com, August 16, 2000
    In an article better entitled "Moody battles on", columnist Fred Moody continues his lone battle over the Linux security record. He rates OpenBSD as the choice of those who expect "much, much more" and quotes Marcus Ranum, CTO of Network Flight Recorder, talking about OpenBSD's code audit. "They did some really interesting stuff; they did complete code audits of major hunks of the operating system and found huge, horrible, gigantic holes that all the other UNIX derivatives had been ignoring."

  • The World's Most Secure Operating System, The Industry Standard, August 14, 2000
    "A lone Canadian is reshaping the way software gets written. Is the world paying attention?". (Well, actually he's got help). Veteran technology reporter Brendan Koerner interviews Theo de Raadt, security vendors and writers to compare OpenBSD's code audit and "secure by default" credo against current industry practices.

  • An Overview of OpenBSD Security, OpenBSD Explained, O'Reilly Network, August 8, 2000
    David Jorm details the steps to configuring OpenSSH's sshd, and how to set up a secure Web server using OpenBSD's SSL support. He also looks at OpenBSD's security stance, the ongoing code audit and how to install security patches.

  • OpenBSD runs fuzz, Linux Weekly News, August 3, 2000
    Linux Weekly News security editor Liz Coolbaugh picks up on a Bugtraq thread about fuzz, a tool that tests commands with randomly generated command line arguments. Lead developer Theo de Raadt ran it against OpenBSD and found routine coding errors in about a dozen commands, none security-related. The article reprints de Raadt's posting and comments. Though the exercise was worthwhile, the tool only points to the areas to check, and is no substitute for careful code reviews, he concludes.

  • OpenBSD in a Datacenter Scale Environment, BSD DevCenter, O'Reilly Network, August 1, 2000
    David Jorm's OpenBSD Explained column talks about IT Manager Grant Bailey's initial skepticism about OpenBSD being able to handle the load for www.2600.org.au's Web and FTP site. On a tight budget, he set up a K-6 450MHz system, with 128 MB RAM and an IDE drive, got a few friends with cable modems to pound on it, and was pleasantly surprised.
    Update (Aug.4/2000): Grant writes that he has just seen the site's biggest day: 56GB outbound to everywhere on the Internet with 260 clients at one point, limited mostly by the RAM.

    July, 2000

  • Linux developers hunt for kernel bugs, vnunet.com, July 26, 2000
    John Leyden talks about the new Linux Kernel Auditing Project, and how last month some people decided that Linux needed some auditing. It is about time. The article mentions that "OpenBSD, another Unix-like open source operating system, has been subject to an ongoing security audit since 1996."
    The article apparently used to quote Roy Hills of NTA as saying ""This is the first time I've heard of an audit of the whole of a general purpose operating system kernel", but it has been ammended since.

  • Interview: Theo de Raadt, Sécurité.org, July 26, 2000
    Nicolas Fischbach caught up to Theo de Raadt at CanSecWest in Vancouver a while back, and the resulting interview discusses Secure by Default and the genesis of OpenSSH.

  • IPSec - We've Got a Ways To Go (Part II), Security Portal, July 26, 2000
    Kurt Seifried discusses various key management and tunnel modes and extensions possible with IPSEC implementations, including OpenBSD's ethernet over IPSEC bridging.

  • Setting up OpenBSD 2.7 as a cable NAT system , BSD Today, July 24, 2000
    Vlad Sedach writes about his experiences in setting up a ipnat/ipf box based on OpenBSD as his firewall.

  • Most secure operating system update uses Digital Signature Algorithm, vnunet.com, July 17, 2000
    James Middleton lists the features of the new 2.7 release.

  • OpenBSD is installed -- now what?, BSD Today, July 14, 2000
    As a follow-up to Installing OpenBSD 2.7, Clifford Smith explains how to set "up OpenBSD as a single-user, desktop system with basic information on installing the ports tree, setting up KDE, stopping unneeded services and using IPFilter."

  • IPsec Crash Course (part 1), Napalm, July 13, 2000
    Technical article about IPSec by ajax, discussing the networking basics, the key management daemons and various free and commercial implementations. This goes well beyond the usual how-to articles to explain the underlying protocols and their quirks.

  • , Computing Canada, July 7, 2000
    Viewpoint columnist Matthew Friedman tries to set the record straight -- open source is not all about Linux. He focuses on the rock-solid networking performance and security and speaks with OpenBSD's Theo de Raadt and FreeBSD's Jordan K. Hubbard.

  • Be An Engineer, Not An Artist, OS Opinion, July 6, 2000
    Monty Manley throws open the debate about artistic whim versus solid engineering in open source software development. Too few, like the OpenBSD auditors, are willing to sweat the details to make the code really work, he writes.

  • Attempting to install OpenBSD under VMware, BSD Today, July 6, 2000
    BSD Today reader Jeremy Weatherford tries his hand at installing OpenBSD on VMware, a system that allows multiple OSes to run concurrently on the same hardware. We can't fault him for trying, but being new to both OpenBSD and VMware, he might have been a tad too ambitious, considering VMware doesn't even list OpenBSD as a supported "guest" OS.

    June, 2000

  • Installing OpenBSD 2.7, BSD Today, June 29, 2000
    So you want to try out OpenBSD, right? Sounds like your kind of operating system, right? Patrick Mullen installs and reviews the 2.7 release. Another first-hand experience installing OpenBSD, with a sprinkling of humour because these articles can be a bit dry.

  • BSD (and Joe) are Canadian, letter to the editor, Computing Canada, June 23, 2000
    "Dave the Canadian software guy" wrote to complain about a column entitled "The computing road less travelled". The article on alternative OSes never mentioned OpenBSD, published in Canada, or NetBSD, the sole BSD at Linux Quebec in April. "Is it time for a Joe the Canadian commercial for Canadian Software?", Dave asks.
    The letter is further down the page.

  • Securing Your Network With OpenBSD, Kurt's Closet, Security Portal, June 21, 2000
    Kurt Seifried looks at some new features in OpenBSD 2.7 and recommends it as a platform for patrolling your network. He also gives a sampling of the many security tools available for intrusion detection, vulnerability analysis and network management, all available from the "Ports" collection.

  • Exposed to a Web of viruses, eWeek.com, June 19, 2000
    Peter Coffee, eWeek Labs, mentions OpenBSD in an article subtitled "IT wanted integration; Microsoft delivered. Now both must fix lax security". Near the end (it's there, really), he writes: Those who champion the open-source process point to projects such as the OpenBSD operating system, with its tremendous security record, as proof of concept. But there are other examples, such as loopholes in Kerberos code that went unnoticed for years, that show the limits of volunteer effort. Once again, we note that published source code doesn't automatically imply a security review. It won't happen by itself: people have to want to do it.

  • OpenBSD 2.7 press release, June 15, 2000
    This press release was translated into several languages and distributed to the trade press and Internet news sites.

  • Coming soon: a real-time OpenBSD?, BSD Today, June 14, 2000
    Randy Lewis of RTMX explains why they picked OpenBSD and how their real-time extensions will be folded back into the OpenBSD source tree in time for the next release. Interview by Jeremy C. Reed.

  • Introduction to OpenBSD Networking, BSD DevCenter, O'Reilly Network, June 13, 2000
    David Jorm, no stranger to OpenBSD, gives a detailed tour of the basic steps for setting up an OpenBSD system as a gateway with a LAN interface and a PPP connection. He also points out the little differences that could trip up somebody just arriving from the Linux world.

  • The state of the daemon, UNIX Review, June 7, 2000
    Michael Lucas reviews the state of the art for BSD-derived systems, and finds much cause for optimism. "OpenBSD delves further into constructive paranoia", he writes. Agreed, security is a state of mind, but unless the rash of serious incidents abates, it's not really paranoia.

  • Security By DEFAULT, OPEN SOURCES, Information Security, June 2000
    OpenBSD is one OS that's likely to be voted "Most Secure." So why not use it for all enterprise apps? Columnist Pete Loshin looks at OpenBSD as a serious contender for secure Internet servers.

  • Meet the hackers, America's Network, June 1, 2000
    Patrick Neighly writes a long and detailed article about the hows and whys of the hacker community. Near the end, he interviews a hacker who states that "OpenBSD tends to be a proactive security solution - they find holes before they're posted on Bugtraq"

    May, 2000

  • Cracked! Part4: The Sniffer, # RootPrompt.org, May 31, 2000
    Noel continues his chronicle of a cracker attack on his LAN. In part 4, he notes that even local user vulnerabilities cannot be overlooked because you must assume that an attacker will eventually figure out a login/password. As part of his conclusions, he mentions he would like to explore OpenBSD for systems that need user accounts. The first three parts also make for interesting reading for all system administrators.

  • Flaw found in PGP 5.0, Computer World, May 26, 2000
    PGP 5.0 was found to have a serious coding error under Linux and OpenBSD, where it replaced the random data obtained from /dev/random with a string of '1' digits when generating key pairs under certain conditions.

  • Security Beyond the Garden of Eden, BeOpen.com, May 19, 2000
    Sam Williams strikes again. He interviews OpenBSD lead developer Theo de Raadt and Tom Vogt, a lead developer of Nexus, a "maximum security" Linux distribution unveiled on May 9. This article contrasts two different approaches to security.

  • OpenBSD perfects security by one-upmanship, Upside Today, May 17, 2000
    Freelance writer Sam Williams captures the dynamics of the OpenBSD development effort in OpenBSD, dubbing it "geeking out for perfection". Williams also takes note of OpenBSD's business-friendly non commercial stance -- no corporate backers, yet plenty of commercial products with embedded OpenBSD.

  • Vulnerability Database Statistics, Security Focus, May 15, 2000
    "3 out of 2 people can't figure out statistics", the saying goes. In this light, we'd like to present Security Focus's summary of vulnerabilities. Read the disclaimers and feel free to dispute the results, but you have to admit it makes OpenBSD look good compared to other widely used OSes. We think the most important chart is the top one, total vulnerabilities. The upward trend is disturbing; it means the industry still doesn't "get it", and the users who trade off security for feature creep are delivering the wrong message.

  • Why We're Doomed to Failure, Security Portal, May 10, 2000
    Kurt Seifried talks about what people can do to promote security and protect themselves against the now-commonplace attacks. His first suggestion is for software vendors to audit code like OpenBSD did, but he feels that the effort and demand for knowledgeable programmers is too great for this approach to succeed. Instead, he suggests add-ons such as various Linux patches, development tools and replacement libraries. We think he gave up too easily: by accepting mudflaps in the place of airbags, he is taking the heat off software vendors to clean up the defects in their products.

  • They're after your data, vnunet.com, May 17, 2000
    In a discussion related to government hacking, Dearbail Jordan interviews a random hacker who states that "As far as operating systems go, OpenBSD, a completely free Unix variant, is probably the most secure C2-level Unix available today." Well, OpenBSD is not C2, mostly because the Orange Book C2 standard is for Trusted systems, not Secure systems, but the remainder of his comment is probably a correct viewpoint.

  • Open Source Smugglers, ComputerWorld, May 5, 2000
    "Psssstt! Wanna a good, reliable operating system on the cheap? Thing is, you just can't tell your boss about it" Technology writer Peter Wayner tells of the techies who break the rules and sneak open source systems on the job. He mentions the "security-conscious" OpenBSD as a successful secure e-commerce server against an rival NT implementation, as well as how Marcus Rannum embeds OpenBSD in the Network Flight Recorder IDS appliance to sidestep NT vs. UNIX prejudices.

  • PowerCrypt Encryption Accelerator Endorsed by OpenBSD, Business Wire, May 2, 2000
    Press release from Global Technologies Group, Inc. announcing OpenBSD support for their PowerCrypt IPSec hardware accelerators cards.

  • An experience installing OpenBSD, BSD Today, May 2000
    Another "how I installed OpenBSD" article. Jeremy C. Reed writes a blow-by-blow, prompt & response chronicle of how he installed OpenBSD 2.6, to the point of setting up X, the blackbox window manager and Netscape -- elapsed time, 4 hours and 38 minutes. Phew.

  • My Adventures In OpenBSD 2.6, Daemon News, May 2000
    Alison describes how she gave in to the geekier side of her nature and rescued a castaway PC and put OpenBSD on it. "Contrary to popular opinion, however, I think it's not just a matter of reliability," she writes, "but also of clarity and simplicity - two very important and oft-overlooked characteristics of computer software.".

    April, 2000

  • Interview with OpenBSD's Theo de Raadt, eup E-zine, April 20, 2000
    In this interview by Daniel De Kok, lead developer Theo de Raadt comments on the BSDI/FreeBSD merger, OpenBSD as an embedded OS, and future plans for OpenBSD.

  • Security Experts Say Proprietary Code Isn't Scrutinized Well Enough, SOURCES, April 19, 2000
    This bulletin discusses security concerns raised by recent reports of vulnerabilities in commercial software such as backdoors and automatic registration forms. The article quotes Jerry Harold, president & co-founder of Network Security Technologies Inc. "This is why NetSec builds its products on an operating system (OpenBSD) that has made security its number one goal."

  • Open Source - Why it's Good for Security, SecurityPortal.com, April 17, 2000
    In another FUD-fighting article, security writer Kurt Seifried and Bastille Linux project leader Jay Beale refute a recent well-circulated article saying open source software is more vulnerable because the black hats can find bugs just by reading the source. If this were the case, they argue, OpenBSD could not have achieved its security record. They counter the claim by demolishing "security through obscurity", the myth that just won't go away.

  • Wide Open Source, SecurityFocus.com, April 16, 2000
    Elias Levy of BUGTRAQ fame discusses the security of open- vs. closed-source software. OpenBSD developers are mentioned first among a few groups of people who care about auditing code for security vulnerabilities.

  • Bad Press, 32Bits Online, April 2000
    Slamming some recent press which had said that Open Source (and in particular Linux) leads to more software security problems, Clifford Smith states
    "If there is ONE definitive proof that the source code being opened up for review provides the opportunity to create secure operating systems, OpenBSD is that proof." (his emphasis)

    March, 2000

  • Linux is a security risk, I don't think so!, Security Portal, March 29, 2000
    Columnist Kurt Seifried uses OpenBSD's code audit as an example to refute a FUD piece on a major computer industry website that claims that Linux is a security risk because the bad guys can find the holes simply by reading the source code.

  • The Kurt Seifried interview, Linux.com, March 8, 2000
    The roles have changed; security columnist Kurt Seifried is now the subject. He discusses his role at Security Portal, the state of Linux security, OpenBSD's security model and the Linux hardening scripts like Bastille Linux. He's pessimistic about the future and predicts that with management apathy towards security, "we're in for 10-50 more years of miserable computer security problems".

  • Open source software: Ready for Credit Union Primetime?, CUES Tech Port, March 6, 2000
    An article explaining the trade-offs of using open source software, how it might be applied to credit union enterprises and some caveats about the learning curve for staff not already familiar with UNIX-like operating systems. Author Tom DeSot strongly recommends OpenBSD in this article written for credit union IS managers.

  • The Unix players change, but the (r)evolution continues, SunWorld, March 2000
    Rich Morin puts the 80's UNIX history of fragmentation in perspective by examining the creative tensions between the five operating systems derived from 4.4BSD-Lite. Rather than repeating the platitude of how the BSD-derived operating systems should unite, Morin's Silicon Carny column shows that the projects and companies cooperate even though they have diverging goals. And now that Sun has cautiously moved to open source some of its source, how will the open source world react, he asks.

  • Getting to know OpenBSD, Boardwatch Magazine, March 2000
    UNIX columnist Jeffrey Carl continues his survey of the freenix alternatives for ISPs with an interview with Louis Bertrand. The author also discusses the relative merits of OpenBSD and how ISPs might want to use it for a competitive advantage.

    February, 2000

  • All About SSH - Part II: OpenSSH, Security Portal, February 28, 2000
    Seán Boran wraps up his look at SSH with an article devoted to OpenSSH running on OpenBSD and other OSes, mentioning problems porting OpenSSH to platforms without good crypto support.

  • Firewalling with IPF, Security Portal, February 16, 2000
    Kurt Seifried, author of the Linux Administrators Security Guide, explains how to set up packet filtering with ipf. His examples are based on OpenBSD 2.6 even though his article isn't aimed at any specific OS.

  • OpenBSD 2.6 - new features, Security Portal, February 9, 2000
    Kurt Seifried reviews OpenBSD 2.6 and finds new features like OpenSSH, Apache DSOs, and new device drivers. He also finds comfort in an old friend, the "secure by default" installation.

  • Three Unixlike systems may be better than Linux, ComputerWorld, February 7, 2000
    We really like Simson when he writes "But if you're trying to get the most for your money or if you want a higher level of security, take a look at the BSDs. The rewards can be considerable." But he misses the point about strong crypto because of the fuss over 128-bit browsers. The RSA patent has been a more effective muzzle on innovation than the export prohibitions. Also note OpenBSD and FreeBSD also integrate IPv6 in their current codebase.

  • Review of FreeBSD 3.4, 32BitsOnline, February 2000
    In a review of FreeBSD 3.4, the author, Clifford Smith, was impressed enough about OpenBSD to say "OpenBSD is probably the most secure distribution out of the box because it comes with a source code that has been given a complete security audit. It also comes with KERBEROS enabled out of the chute, OpenSSL and ssh is part of the distro now, too. IPFilter works immediately. Just Brilliant."

  • Securing Linux, Information Security, February 2000
    Pete Loshin surveys the state of the industry in Linux and UNIX-like security. He highlights an emerging problem, novice Linux users who may unknowingly leave installation holes, or inadvertently create some. The OpenBSD sidebar explains the goals and purpose of OpenBSD, and highlights its reputation among security experts.

  • FreeBSD, OpenBSD and SuSE 6.2 Eval Review, OS Opinion, February 2000
    Can't decide? Let's try a bunch. Veteran computer jockey Keith Rankin compares a Linux distro and two of the BSDs. Long and quite detailed.

    January, 2000

  • Secure by default - a review of OpenBSD, Epinions.com, January 26, 2000
    OpenBSD gets a five-star rating in this reader contributed review by Justin Roth. It's a short glowing article that focuses on the security of OpenBSD. The reviewer cautions however that it's only secure if the administrator is vigilant.

  • Opening up, government style, ZDNet, January 24, 2000
    Linux columnist Evan Leibovitch notes a small victory for open source when the US government recognised it as being for "the Public Good" in the recently relaxed cryptography export rules. He quotes Theo mentioning that the RSA patent has had a far greater chilling effect on US-based cryptography than the export prohibitions.

  • "Info.sec.radio" radio show. 11:00AM, Monday, January 10, 2000
    CJSW 90.9 FM campus radio in Calgary in association with SecurityFocus

    In the inaugural show of Info.sec.radio, Dean Turner of Security Focus interviews Theo de Raadt about OpenBSD, security, and cryptography.

  • Mudge, the halo and the 2.4 sticker, MSNBC, January 6, 2000.
    The beastie sticker from OpenBSD 2.4 was spotted on Mudge's laptop cover in a file photo for this story about L0pht joining with corporate heavyweights.

  • Does 'open' mean secure?, NetworkWorld Fusion Newsletters, January 5, 2000
    Security Portal founder Jim Reavis calls OpenBSD "Linux's Linux". We're not sure what it means, but he was making the point that public scrutiny of source code helps security, so it must be a compliment.

  • Giving Back, Sm@rt Reseller Online, January 4, 2000
    Linux columnist Steven J. Vaughan-Nichols writes mostly about VA Linux creating a source repository for open source projects, but there's an interesting quote: "Whether an open-source program runs on OpenBSD, Palm or even Windows, so long as it's an open-source program it's game for SourceForge." OpenBSD, soon to be a household word!

  • There's more to open source than just Linux, Computing Canada, January 2000
    "Lack of consistency in different versions of distributions is leading some administrators to re-examine their approach", writes Linux columnist Gene Wilburn. He suggests the BSD systems as an alternative because they offer a "high level of consistency and integrity".

  • A report from LISA, SunWorld, January 2000
    Columnist Peter Galvin gives a recap of LISA '99, mentioning among others Bob Beck's paper about securing public access Ethernet jacks on a university campus.

  • Canadian open source projects, The Computer Paper, January 2000
    OpenBSD is featured in a year-end review of Canadian Open Source projects in The Computer Paper. Linux columnist Gene Wilburn gets it right. Unfortunately, the article isn't on the Computer Paper's site, but it is available at the author's site.

  • A Home-Grown Operating System?, Alberta Venture Magazine, January/February, 2000
    Grace Casselman interviews Theo about the development process of OpenBSD.

    December, 1999

  • OpenSource projects - what I learned from Bastille (and others), Security Portal, December 23, 1999
    Kurt Seifried (seifried@seifried.org), security analyst and author of the Linux Administrators Security Guide, discusses the effort needed to create a Linux distribution. He mentions OpenBSD's code audit as a reference point for securing the OS.

  • OpenBSD 2.6 Now Available, Server Watch, December 3, 1999
    Picked up on OpenBSD 2.6 press release.

  • OpenBSD Review, TekPress.COM, December 1999
    Vlad Sedach offers a detailed look at OpenBSD, its history, security stance and cryptography. He notes the lack of multiprocessor support but rates the security as best available, especially compared to NT.

    November, 1999

  • Buddying up to BSD: Part Three - Regrouping, Linux.com, November 15, 1999
    Reviewer Matt Michie responds to critics of his previous OpenBSD article in an opinion piece that discusses OpenBSD and Linux advocacy.

  • OpenBSD comes close to security nirvana with a system that is 'secure by default', InfoWorld, November 8, 1999
    Security Watch columnists Stuart McClure and Joel Scambray say good things about OpenBSD's security stance. "As you've come to expect from us, our faith in vendors' attention to security is waning, but OpenBSD gives us hope. OpenBSD is a group that has done it right -- or at least strives to".

  • Buddying up to BSD: Part Two - OpenBSD, Linux.com, November 8, 1999
    Reviewer Matt Michie narrates his experience with an FTP installation of OpenBSD 2.5 on an aging P-133. Despite trouble with the installation he recommends it to experienced Linux users who wish to broaden their horizons. Then the reader feedback flames him for his trouble.

  • UK Royal Family webmaster prefers OpenBSD, Slashdot, November 4, 1999
    Mick Morgan, of the UK's Central Computer and Telecommunications Agency, answers Slashdot readers and talks about the design of a high profile web site like the Royal Family's. In hindsight, he would have chosen OpenBSD for its security aspects.

  • Turning on the Zedz, ZDNet, November 2, 1999
    Linux columnist Evan Leibovitch tries to make sense of the byzantine US crypto laws and offers some alternative crypto software and resources including OpenBSD and OpenSSH.

  • Freenix flavors or, three demons and a penguin, Boardwatch Magazine, November, 1999
    Boardwatch Magazine's UNIX columnist Jeffrey Carl surveys the freenix choices for ISPs. We debate his conclusion that security and functionality are mutually exclusive choices. If that were the case, security conscious users would unplug from the Net and just send faxes.

    October, 1999

  • OpenBSD - a secure alternative, Security Portal, October 27 1999
    Kurt Seifried (seifried@seifried.org), security analyst and author of the Linux Administrators Security Guide, discusses setting up an OpenBSD firewall.

  • Interview with The Cult of the Dead Cow, Slashdot, October 22, 1999
    In between cheeky and rude answers to slashdot reader questions, cDc'ers mention OpenBSD's security model and code audit.

  • The existence of OpenSSH-1.0 has been confirmed, Linux Weekly News, October 14, 1999
    Linux Weekly News was the first non-BSD news agency to report the existence of OpenSSH, which will ship with OpenBSD 2.6.

  • Easing on Software Exports Has Limits, New York Times, October 11, 1999
    Peter Wayner takes a closer look at some consequences of the US government's restrictions on the export of strong cryptographic software, and finds no small amount of irony. OpenBSD is prominently featured, along with a picture of Theo de Raadt brandishing CD-ROMs. (No charge registration required to read the NY Times on the web).

  • NSTI announces commercial support services for OpenBSD, Yahoo News, Oct. 6, 1999
    Network Security Technologies press release on the PR Newswire. NSTI already uses OpenBSD in their Network Ops Center.

  • I've been hacked! How OpenBSD saved our project, Daemon News, October 1999
    Overworked system administrator John Horn tells us about his adventures with a publicly-accessible Lynx server.

    September, 1999

  • Calgarian heads team ensuring OpenBSD security, Calgary Herald, Sept. 30, 1999
    Technology reporter Matthew McClearn interviewed system administrators and security specialists in Calgary and Edmonton who choose OpenBSD for its stability and proactive security audit. He also gives some project history.

  • Small town in Kentucky has Internet connectivity unlike the rest of America, MSNBC, Sept. 29, 1999
    Jethro reports on the mailing lists that MSNBC aired a segment about a small town in Kentucky with high-speed Internet connectivity. During an interview with the town's teenage security guru, you could read the prompt on his terminal:
    Connected to spanweb.glasgow-ky.com.
    Escape character is '^]'.

    OpenBSD/mac68k (spanweb.glasgow-ky.com) (ttyp0)

  • Hack this! Microsoft and its critics dispute software-security issues, but users make the final call, Infoworld, Sept. 27, 1999
  • Microsoft: Bad security, or bad press?, CNN, Sept. 28, 1999
    A scathing look at the Microsoft "Insecure by Default" scheme quotes the CDC as saying that "The most secure platform 'out of the box' is OpenBSD, because security is a focus on the project". Contrast the Microsoft scheme with ours.

  • Open source has roots in the Net, USA Today, Sept. 20, 1999
    Nice high profile mention of OpenBSD by Will Rodger: "Yet backers say the speed and transparency with which open source programmers compete to discover and then fix problems separates their operations from traditional software shops. OpenBSD -- still another open source operating system -- is often called the most secure operating system in the world."

  • Even better than Linux, Boston Globe, Sept 16, 1999
    Technology writer Simson L. Garfinkel confesses he prefers the BSDs better than Linux and explains why. He writes a nice paragraph or two about OpenBSD and its security and cryptography goals. However, reading this, you'd think all the developers were Canadian (hint: they're not). The article has moved to the archives, free registration required.

  • Microsoft, Linux to become duopoly?, ComputerWorld Australia, Sept 8, 1999.
    Reporter Natasha David interviews lead developer Theo de Raadt, who notes that cross-UNIX compatibility is losing ground in the rush for Linux applications. de Raadt was a keynote speaker at the Australian Unix User Group (AUUG) meeting in Melbourne.

  • GNU launches free encryption tool, IDG News Service, September 08, 1999
    GNU Privacy Guard runs fine on OpenBSD.

  • Maintaining Patch Levels with Open Source BSDs, SysAdmin feature article, Sept. 1999
    Michael Lucas explains the broad lines of the BSD development model and how to keep *BSD systems up-to-date with CVS. The author takes most of the examples from FreeBSD, but he takes the time to explain differences between the three systems. (Most of this is technology was originally invented by the earliest OpenBSD developers, as described in a paper presented at Usenix).

  • My own private IRP, open source IT tutorial, Sept. 1999
    Sean Sosik-Hamor descibes how he built up his own Internet resource provider (IRP) and web hosting business out of available hardware and freenix software. He chose OpenBSD exclusively for his DMZ and describes the FTP installation.

  • India-based Web site offers raft of free OSes, ComputerWorld Australia, September 1999
    OpenBSD is one of many free OSes offered at FreeOS, an India-based alternative OS news and portal site.

    August, 1999

  • A Secure and Open Society, ComputerWorld Canada, Aug 27, 1999
    The article starts off as a personal story about lead developer Theo de Raadt, but if you read carefully, it does explain a lot about the origins and goals of OpenBSD.

  • 1999's Technically Excellent Canadians, COMPUTERMAGS.COM, Aug 10, 1999
    "CCW is very pleased to name our five Technically Excellent Canadians, who are significantly impacting on technology both at home and abroad. Thanks to our readers for your involvement and nominations." The publisher of Canadian Computer Wholesaler (August 1999) and The Computer Paper (September 1999) presented this award to Theo de Raadt for his part in OpenBSD (the sub-article is half way down the page).

    July, 1999

  • The Net's stealth operating system, MSNBC, July 22, 1999
    "The OpenBSD group, which did a line-by-line security audit of BSD code, and now has what is widely regarded as the most secure OS available."

    June, 1999

  • IPsec Tech Tutorial, Data Communications, June 1999
    "IPsec may be an open standard, but that's no guarantee that different vendors' gear will work together. To assess interoperability, we put an even dozen products through their paces." OpenBSD 2.4 and commercial IPsec implementations were tested by an independent lab for interoperability and ease in setting up tunneling gateways.

  • A glimpse at the USENIX Technical Conference, SunWorld, June 1999
    In a review of this year's event subtitled "USENIX and Unix -- then and now", writer Vicki Brown contrasts the first conference in 1979 to the recent one in Montery, California. Although it only mentions OpenBSD in the links section below the article, it's still an interesting read.

    May, 1999

  • Operating system designed to foil hackers, National Post, May 25, 1999
    The Post's technology reporter David Akin interviews Theo de Raadt for in a story that ran on the front page of the business section.

  • OS Also-Rans: After Windows 98, Mac OS and Linux, what's left for your Macintosh or Intel PC? Lots, St.Paul-Minneapolis Pioneer-Planet, May 17 1999
    Despite the terrible title, staff writer Julio Ojeda-Zapata gives fair treatment to the alternatives.

  • In Search of OpenBSD, DaemonNews, May 1999
    Ejovi Nuwere in Japan: three days, three locations, one operating system.

  • Safe and friendly read-only chroot jails for FTP and WWW, DaemonNews, May 1999
    "Ruffy" explains how to set up safe and friendly read-only FTP and WWW services with OpenBSD's ftpd as an example.

    March, 1999

  • Why to BSD in a Linux world, March, 1999
    Description of the OpenBSD development process, and arguments as to why Linux probably cannot achieve the same level of security audit.

  • Alternative OSes face a Sisyphean struggle to get into the PC mainstream, Infoworld, March 8, 1999
    Guest columnist Brett Arquette points out that Linux isn't the only alternative PC OS out there, then describes why hardware drivers and end user support is crucial to popularising an OS. He mentions OpenBSD and adds a link to this site.

    February, 1999

  • NFR Performance Testing, report written by Anzen. February, 1999
    This report compares the network monitoring performance of the NFR (Network Flight Recorder) package at handling flat-out 100Mbit ethernet monitoring, running on OpenBSD, BSDI, Linux, and Solaris. OpenBSD comes out as a clear winner just for raw performance; even before you consider the superior security of OpenBSD which you probably would want for a network-monitoring station.

  • DaemonNews: Serving NT filesystems from an OpenBSD server February, 1999
    A system administrator debunks the myth that you must use NT as a file server when you run Windows clients. Squeezing performance out of vintage hardware and adding in some scripts to automate the setup of new projects won management over to OpenBSD.

  • Security Watch, end of year Golden Guardian awards. February, 1999
    "Finally, we'd be remiss in ignoring OpenBSD in any discussion of top open-source security products. It registered high in our e-mail survey, and we promise to take a more active look at it in future columns."

    January, 1999

  • Open-Source Software: Power to the People, Data Communications, January 4, 1999
    Columnist Lee Bruno marvels that free software is serving alongside name-brand software. Page three mentions OpenBSD in the roundup.

  • The return of BSD, SunWorld, January 1999
    BSD veteran Greg Lehey notes the strong loyalty of SunOS 4 users and surveys the BSD-derived OSes available on SPARC and PC hardware. The article also comes with a long list of useful links (some are stale).

    November, 1998

  • OpenBSD and IPSec, leading the pack, November, 1998
    A two-part article by Ejovi Nuwere focusing on OpenBSD's IPSec Development. Part one is an introduction to OpenBSD's Photurisd and its current Implementation, including a brief interview with Photurisd creator Neils Provos.

    August, 1998

  • Beyond HOPE coverage, Wired Magazine, Aug 11, 1997
    Completely bogus (but quite amusing) description of what OpenBSD is.

    July, 1998

  • Security Watch: Monthly Editorial. July, 1998
    Points at our security page calling it "OpenBSD's mantra".

  • Wired Magazine, June 1998, page 96 (paper edition only)
    A half-page description of what OpenBSD is, with a strange picture of project founder Theo de Raadt (Wired loves Photoshop).

    June, 1998

  • WebServer Online, reprinted in Server/Workstation Expert (formerly SunExpert Magazine), June 1998, page 81
    A glowing four-page description of OpenBSD emphasizing its use as a server and an OS that ships with security in the box (the SunExpert version is in PDF but includes their own graphic - a cross between Superman™ and the BSD Daemon, which the WebServer version in HTML does not).

    May, 1998

  • Usenix coverage, Wired Magazine, May 1, 1998
    Mention of OpenBSD with regards to our involvement in the Freenix track held at Usenix in New Orleans.

  • Swedish press coverage (in Swedish)

    June, 2000

  • Säkerhet & Sekretess, No 4, 2000
    This article reports in a positive tone on OpenBSD's latest security feature, hardware-supported cryptography.

  • May, 2000

  • Computer Sweden, May 2, 2000
    An article describing *BSD as the choice of the "very demanding". OpenBSD is noted for its focus on security and cryptography.

  • November, 1998

  • Datateknik, Nov 20, 1998
    An article on the swedish IPSec interop event mentions OpenBSD as one of the successful participants, and has a mini-interview with OpenBSD developer Niklas Hallqvist.

  • Datateknik, Nov 13, 1998 and Datateknik, Nov 14, 1998
    Two published letters talking about OpenBSD's role in MacOS X. The first one has some misconceptions which are corrected by the second which explains the licensing issues and points to our copyright policy page.

  • Japan press coverage (in Japanese)

    December, 2000

  • Opinion: why I use OpenBSD, MacWIRE Online, ZDNet Japan, December 6, 2000
    Translation of Stephan Somogyi's opinion piece, explaining why he runs OpenBSD. Some might argue that his example security flaw, open spam relays, is really no big deal, but we think it raises an important point: if an OS or mail system ships with relaying open by default, what message does that send about that system's resistance to less trivial attacks. He also chides Intel and 3Com for not providing driver documentation to allow their IPSec networking cards to be used.

    September, 1999

  • BSD Magazine, Sept. 28, 1999
    ASCII Corporation is launching a Japanese language magazine that covers the freenix BSDs, BSD/OS and related subjects. The magazine will also be translating and reprinting articles from Daemon News, the BSD ezine.

  • Germany press coverage (in German)

    September, 2000

  • Das BSD-Ports-Verzeichnis, FreeX Magazin, 4.Quartal 2000
    Jörg Braun surveys the Ports system that gives users easy access to hundreds of net freeware applications. The author covers the various make options and targets, and also notes OpenBSD's "fake" installation used to create easily distributable binary packages as an automatic by-product of building a port.

    February, 2000

  • Open Source Software in der Bundesverwaltung, Bundesministerium des Innern, Februar 2000
    A paper on open source software in the German federal government, published by the Federal Ministry of the Interior. The paper, which gave reference to OpenBSD among many other OSes and applications, was posted then retracted on "orders from above" in the ministry. Giving way to the pressure and protests of the open source movement the ministry rerelased the document after cutting out some numbers. (the Microsoft Licence fees, btw.!)

    December, 1999

  • OpenBSD 2.6 ist da, heise online newsticker, December 2, 1999
    Brief summary of the OpenBSD 2.6 press release.

  • Russian press coverage (in Russian)

    January, 2000

  • Byte Magazine, Russia, January 2000 issue
    Interview with Theo de Raadt about history and feature of OpenBSD project.

    July, 1999

  • Byte Magazine, Russia, July/August 1999 issue.
    A review of OpenBSD 2.5 and OpenBSD project goals.

  • Poland press coverage (in Polish)

  • OpenBSD and Linux, LinuxNews Radio, August 2, 2000
    Bartek Rozkrut (aka Madey), made a guest appearance on LinuxRadio, speaking about differences betwen OpenBSD and Linux. During the show, listeners were able to comment and ask questions on IRCNET's #linuxnews channel. The main criticism was that OpenBSD doesn't support SMP and isn't available for the IA-64 platform. LinuxNEWS is the biggest polish Linux news service, covering the entire Linux scene in Poland.
    Here's the MP3.

  • OpenBSD - ma same zalety?, OpenBSD - Nothing but advantages?, LinuxNews Serwis Informacyjny, January 2000
    Bartek Rozkrut combines an overview of OpenBSD with a review of how to download and install the system. He mentions Theo de Raadt's "craze" about security and how he frustrates Linux advocates on Bugtraq with mails like "the problem was fixed a year ago in OpenBSD". The author spends some time explaining the disklabel partitioning scheme and reassuring would-be users that the no-frills installation script actually works even though it doesn't have a fancy point & click interface. He even gives typical download times from the various national ISPs.
    Thanks to Vadim Vygonets, Wojciech Scigala and Tenyen for their help with the translation. For the full text, see the advocacy@openbsd.org mail archives. Interpretation errors are mine --louis

  • OpenBSD www@openbsd.org
    $OpenBSD: press.html,v 1.176 2001/02/09 14:29:55 louis Exp $