1. 4

    I wish you could select the language to view it in as well.

    1. 1

      I was thinking the same thing while browsing the site.

    1. 5

      I’m pretty happy with https://github.com/dropbox/zxcvbn to show password strength instead of asking for a special requirement.

      1. 12

        Lol, why are the OpenBSD Developer hats in Comic Sans?

        1. [Comment removed by author]

          1. [Comment removed by author]

            1. 4

              e) it is amazing.

              1. 3

                f) people love to talk about it (same for our use of CVS)

            2. 7

              Am I correct in assuming that OpenBSD devs don’t even see the font because it’s not installed in OpenBSD?

              1. 4

                Yes you are. I didn’t notice until I read this tread :P . fonts/comic-neue ftw!

            3. 15

              Because Comic Sans is secure by default.

              1. 2

                Because you’re using Windows or Mac OS X, perhaps? I’m font-blind, but I think all the hats have the same font for me.

                  1. 4

                    Yeah, I guess I don’t have that font. Which I think is pretty typical for most free OSes. So, I guess being able to see the font outs you as someone using Windows or Mac OS X or Android or iOS?

              1. 2

                Any clue if any of these are on the way into ports? I didn’t see any obvious answers on their various webpages.

                (Edit: you people are awesome.)

                1. 5

                  Are you asking if there are ports using pledge(2)?

                  Yes, there are pledged ports and the number is growing. Chrome for example. You can check which ports define # uses pledge() in their Makefile.

                  or if these language bindings found their way into ports?

                  Yes, some of them

                  If you look at the twitter conversation you will learn that:

                  • lang/node contains the pledge binding for node
                  • OpenBSD-Pledge is part of the base system

                  I didn’t find any others with a quick scan. I do remember some chat on ports@ from a long time ago about ruby I think.

                  tl;dr things are getting there :)

                  1. 5

                    I’m the author of the python version.

                    I’m waiting for pledge to stabilize a bit before polishing it. As you can see in the BUGS section of the man page “The path whitelist feature is not available at this time.”

                    After that I plan to see how things goes for real usages in python and eventually push it into ports.

                    1. 3

                      lang/node ships with node-pledge ready and waiting to be used in regular apps.

                      I haven’t added the path stuff yet.

                      1. 3

                        I wrote the C# implementation - the package manager it’ll go into is probably NuGet. I might also consider wrapping other OpenBSD specific syscalls (like sendsyslog) and putting it into an “OpenBSD#” project, or something.

                      1. 1

                        I would like some advice on this, arc4random is that bad ?

                        1. 3

                          I don’t think so. It wouldn’t be my first choice for a new system, but I’m not about to panic.

                          The latest attack, for example, which completely broke TLS, actually only recovers the first 256 bytes of plaintext. arc4random discards way more than the first 256 bytes. In short, TLS was broken not for using rc4, but for failing to use decade old rc4 best practices.

                          1. 1

                            Thanks for the clarification

                        1. 2

                          No problem on radeon 6850, dual screen, one rotated.