He hot linked an image from my blog instead of hosting it himself… what a bandwidth leech (the puffy craptop image). Tempted to change it with a huge ISIS propaganda image just to f-ck with him.
EDIT: yay, my complaint got noticed and the image is now hosted by the author.
FWIW, I find it much more useful to read Setup OpenBSD with full disk encryption from the same author.
Sorry, but that one’s not much better… Why do people keep writing this up, leaving out some steps and adding their own? We’ve documented this in the FAQ and elsewhere for years now. Without suggestions like disabling swap encryption or having only a single partition for / and one for swap and no others. :(
For a relatively up-to-date and more in-depth view, see @stsp’s softraid(4) boot slides for EuroBSDCon 2015.
It’s a README with specfic steps of what to edit and tweak for a nicer desktop, and a pkglist of all the OpenBSD packages I use, and an INSTALL.sh file to loop through and install them.
I’ll keep it updated with each new OpenBSD release.
I’m just a fan, trying to do my part to help people get into it. ☺
What are the main differences between OpenBSD and FreeBSD? I’ve been using FreeBSD for some time now and have had very few issues, although the Intel graphics driver dies every few weeks forcing a restart. That said, I need to upgrade to 11.1.
They are very different. So you’d need to give a bit of context for that question.
But maybe it’s worth mentioning how different they are. NetBSD and FreeBSD started out nearly 24 years ago. They developed into rather different directions, had very different focuses (and no, that’s not just NetBSD working on a toaster). Somewhat over ten years ago OpenBSD forked from NetBSD. Today both operating systems are very different from each other.
One might say that code wanders between the project, which is true, but one has to keep in mind that this is also true for Linux and BSD. While this is harder, due to licensing, a lot of the developers still are willing to give permissions in regards to code. However, the kernel isn’t the most obvious thing to users anyway, in most cases, other than “which hardware” and “which file systems” are supported, but even there there is FUSE.
In other words, they are about as different as two Unix derivatives can get, but also not more than that. They have a somewhat different community and culture, but also not more different than different open source operating systems.
What you will notice is that OpenBSD is a bit slower and a bit more focused on simplicity. Even though the performance part depends a bit on use cases.
I’d hugely suggest to try it out though. Like different programming languages it can extend your horizon. At least for me trying out the different BSDs back in 2005 and the following years did. They are all general purpose operating systems, so don’t be blended by the typical categorization of saying that OpenBSD is fast, NetBSD is portable and FreeBSD is performant and has a lot of divers (even though that’s probably more true for DragonFly BSD these days).
What is rather amazing about all of them is how incredibly much each of them manages to get done, despite having a comparatively (compared to Linux) small amount of committers. They all have quite a few edges over other, similar projects, have research going on, while still remaining perfectly usable general purpose operating systems.
FreeBSD and OpenBSD are similar in that they’re both direct descendants of Unix, by way of 386BSD and 4.4BSD-Lite. Compared to Linux they are more conservative with design decisions, and have much better documentation quality.
FreeBSD is the larger project. They have more manpower and more code. Personally I think of them as a more conservative Debian. Features include: ZFS support in the kernel, the bhyve hypervisor, a Linux binary compatibility layer, and support for Wine and Steam. Nvidia graphics cards are well-supported. They also care a lot about performance: their TCP/IP stack is one of the best, and they forked the pf firewall to add multicore support. They also have the largest ports tree. Netflix uses FreeBSD for many of their servers.
OpenBSD is much more aggressive about simplicity of implementation. Dead or broken code is deleted from the tree. They’ve developed a reputation for security but it seems to derive from simplicity of implementation, which is their primary concern. When a legacy component seems broken, they’re not afraid to refactor or reimplement it: LibreSSL, doas, and pledge are all OpenBSD success stories. The vmm/vmd hypervisor is up-and-coming. While not as far along as bhyve, it is capable of running Linux guests. OpenBSD has also taken a hardline stance against blobs in the kernel, which means AMD (with the open-source radeon driver) is a better bet than Nvidia. OpenBSD is arguably the best BSD for laptops, assuming you have supported hardware.
Capsicum vs Pledge is a great example of FreeBSD vs OpenBSD. Both projects attempt to achieve the same thing: restrict program permissions so they do less damage if misbehaving. Capsicum is a complex capabilities-based system which is very sophisticated and took years to write. Adjusting programs to use capsicum is usually hard work. In contrast, pledge is a simple privilege-dropping syscall developed in a few months. Adding pledge to a program is often just a 2-line diff. [Pledge slides]
Why? One could argue that both DragonFly and MacOS might be better. But then it is for hardware reasons, which you seem to have excluded from that statement.
Netflix uses FreeBSD for many of their servers.
Do you know if they use it outside of Open Connect?
DragonflyBSD laptop support seems ratherlimited. MacOS has BSD code in userspace but I wouldn’t really call it “a BSD”. Even Windows had BSD code in userspace.
Your questions about Netflix and the TCP/IP stack are related: they chose it for performance. Netflix probably has servers that aren’t FreeBSD, but they definitely use it for their content delivery.
When it comes to raw performance, especially in terms of system load per packet, nothing beats FreeBSD. This has been true for as long I can remember.
OpenBSD is focused on security and simplicity. It has a ton of exploit mitigation features (though there’s HardenedBSD, a FreeBSD fork with a lot of these). OpenBSD lacks a lot of features a FreeBSD power user would be used to. No jails, no DTrace, no ZFS… going from a modern CoW FS with snapshots and stuff to old UFS/FFS makes me very sad.
He hot linked an image from my blog instead of hosting it himself… what a bandwidth leech (the puffy craptop image). Tempted to change it with a huge ISIS propaganda image just to f-ck with him.EDIT: yay, my complaint got noticed and the image is now hosted by the author.
Additionally, someone on twitter claims it serves/served a js coin miner https://twitter.com/TheNgratefulDed/status/910384872098877440 - personally I didn’t see it running so maybe that got removed.
Oh, so that’s why my laptop started heating up like crazy.
Turns out attributing to stupidity what can also be explained by malice doesn’t always work either.
“someone on twitter claims it serves/served a js coin miner”
My fan didn’t even increase on this backup with a Celeron. I guess NoScript saved the box again! :)
Don’t leave localhost without it!
The article is honestly quite poor and besides a long intro it only contains three setup instructions:
machdep.allowaperture=2pkg_add xfce xfce-extras firefox vlcexec startxfce4FWIW, I find it much more useful to read Setup OpenBSD with full disk encryption from the same author.
Sorry, but that one’s not much better… Why do people keep writing this up, leaving out some steps and adding their own? We’ve documented this in the FAQ and elsewhere for years now. Without suggestions like disabling swap encryption or having only a single partition for / and one for swap and no others. :(
For a relatively up-to-date and more in-depth view, see @stsp’s softraid(4) boot slides for EuroBSDCon 2015.
If anyone is interested, the shortcuts I use to set up a great OpenBSD desktop every time, are free for download, at the bottom of this page:
https://sivers.org/openbsd
The direct link is https://sivers.org/file/61.tar
It’s a README with specfic steps of what to edit and tweak for a nicer desktop, and a pkglist of all the OpenBSD packages I use, and an INSTALL.sh file to loop through and install them.
I’ll keep it updated with each new OpenBSD release.
I’m just a fan, trying to do my part to help people get into it. ☺
Nice. I used to have OpenBSD as my desktop in the 4.x days
What are the main differences between OpenBSD and FreeBSD? I’ve been using FreeBSD for some time now and have had very few issues, although the Intel graphics driver dies every few weeks forcing a restart. That said, I need to upgrade to 11.1.
They are very different. So you’d need to give a bit of context for that question.
But maybe it’s worth mentioning how different they are. NetBSD and FreeBSD started out nearly 24 years ago. They developed into rather different directions, had very different focuses (and no, that’s not just NetBSD working on a toaster). Somewhat over ten years ago OpenBSD forked from NetBSD. Today both operating systems are very different from each other.
One might say that code wanders between the project, which is true, but one has to keep in mind that this is also true for Linux and BSD. While this is harder, due to licensing, a lot of the developers still are willing to give permissions in regards to code. However, the kernel isn’t the most obvious thing to users anyway, in most cases, other than “which hardware” and “which file systems” are supported, but even there there is FUSE.
In other words, they are about as different as two Unix derivatives can get, but also not more than that. They have a somewhat different community and culture, but also not more different than different open source operating systems.
What you will notice is that OpenBSD is a bit slower and a bit more focused on simplicity. Even though the performance part depends a bit on use cases.
I’d hugely suggest to try it out though. Like different programming languages it can extend your horizon. At least for me trying out the different BSDs back in 2005 and the following years did. They are all general purpose operating systems, so don’t be blended by the typical categorization of saying that OpenBSD is fast, NetBSD is portable and FreeBSD is performant and has a lot of divers (even though that’s probably more true for DragonFly BSD these days).
What is rather amazing about all of them is how incredibly much each of them manages to get done, despite having a comparatively (compared to Linux) small amount of committers. They all have quite a few edges over other, similar projects, have research going on, while still remaining perfectly usable general purpose operating systems.
Somewhat over ten years being over 20 years ago.
look, for some of us, thirty years ago will always be the 70s.
FreeBSD and OpenBSD are similar in that they’re both direct descendants of Unix, by way of 386BSD and 4.4BSD-Lite. Compared to Linux they are more conservative with design decisions, and have much better documentation quality.
FreeBSD is the larger project. They have more manpower and more code. Personally I think of them as a more conservative Debian. Features include: ZFS support in the kernel, the bhyve hypervisor, a Linux binary compatibility layer, and support for Wine and Steam. Nvidia graphics cards are well-supported. They also care a lot about performance: their TCP/IP stack is one of the best, and they forked the pf firewall to add multicore support. They also have the largest ports tree. Netflix uses FreeBSD for many of their servers.
OpenBSD is much more aggressive about simplicity of implementation. Dead or broken code is deleted from the tree. They’ve developed a reputation for security but it seems to derive from simplicity of implementation, which is their primary concern. When a legacy component seems broken, they’re not afraid to refactor or reimplement it: LibreSSL, doas, and pledge are all OpenBSD success stories. The vmm/vmd hypervisor is up-and-coming. While not as far along as bhyve, it is capable of running Linux guests. OpenBSD has also taken a hardline stance against blobs in the kernel, which means AMD (with the open-source radeon driver) is a better bet than Nvidia. OpenBSD is arguably the best BSD for laptops, assuming you have supported hardware.
Capsicum vs Pledge is a great example of FreeBSD vs OpenBSD. Both projects attempt to achieve the same thing: restrict program permissions so they do less damage if misbehaving. Capsicum is a complex capabilities-based system which is very sophisticated and took years to write. Adjusting programs to use capsicum is usually hard work. In contrast, pledge is a simple privilege-dropping syscall developed in a few months. Adding pledge to a program is often just a 2-line diff. [Pledge slides]
Lots of insights, but a few questions came up.
Why? One could argue that both DragonFly and MacOS might be better. But then it is for hardware reasons, which you seem to have excluded from that statement.
Do you know if they use it outside of Open Connect?
Measured by what?
DragonflyBSD laptop support seems rather limited. MacOS has BSD code in userspace but I wouldn’t really call it “a BSD”. Even Windows had BSD code in userspace.
Your questions about Netflix and the TCP/IP stack are related: they chose it for performance. Netflix probably has servers that aren’t FreeBSD, but they definitely use it for their content delivery.
https://www.quora.com/Why-did-Netflix-choose-FreeBSD-over-Linux
You need to upgrade to -CURRENT :)
OpenBSD is focused on security and simplicity. It has a ton of exploit mitigation features (though there’s HardenedBSD, a FreeBSD fork with a lot of these). OpenBSD lacks a lot of features a FreeBSD power user would be used to. No jails, no DTrace, no ZFS… going from a modern CoW FS with snapshots and stuff to old UFS/FFS makes me very sad.