This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: BSD

Interview: Theo de Raadt of OpenBSD

By Manolis Tzanidakis on March 28, 2006 (9:00:00 AM)

Share    Print    Comments   

Theo de Raadt is the project leader for OpenBSD, a Unix-like operating system. We spoke with Theo about the upcoming release of OpenBSD, 3.9, the financial state of the project, and about companies that profit from free software without contributing back.

NewsForge: Hello Theo. Could you tell us a few things about yourself and your involvement in the OpenBSD project?

Theo de Raadt: I have been the project leader for OpenBSD now for more than 10 years, and along the way I have had some good adventures with the developers in the group. We've developed some side projects as well, which are heavily used by everyone in the Unix world, such as OpenSSH.

NF: How many developers contribute to OpenBSD at the moment?

TdR: Inside the project, the count has slowly grown. It was 40 in the early years, and now it is about 80. Of course, that is just counting internal developers. There are many more people on the outside who send us bug reports, fixes, or new code contributions. We also are able to take pieces of code from other sources if they are sufficiently free. But since internal developers have more responsibility -- they have really maintained the areas they are in -- the people on the outside really have an easier job, and should not envy the people on the inside. Instead, they should find a bug, write a fix, and send it in. When someone on the outside sends us many (good) bug fixes, we invite them to become a developer.

NF: You regularly organize events called hackathons. What exactly is a hackathon?

TdR: This is something we started many years ago. A bunch of us would fly to one location (typically before or after a conference) and we would sit down and code. These events really are about getting tasks done; there is very little chatter, as we already know basically what needs to be done. They are not meetings, no one presents talks, nor are they so-called summits. They are for taking action in the source tree, knowing that the guy you need to ask a question of really quickly is sitting at a table a meter away.

NF: OpenBSD is considered one of the most secure operating systems currently available. What approaches do you take towards security?

TdR: We've had 10 years of nearly fanatical devotion to anything which can make OpenBSD more secure. A very important part of that is that we have not been afraid to completely overhaul anything even if it breaks backward compatibility. Secondly, when we have found a flaw in any part of the system we have assumed that the same mistake was made elsewhere, and gone on a hunt to fix them all. Thirdly, we have developed and incorporated a collection of methods that make software flaws very difficult to attack.

The important detail is that in all three of these areas we have not only been fanatical, but pretty much first. Other vendors are not treating their source code the way we treat ours -- with distrust, knowing that we should always actively churn it, so that it can slowly evolve into a better state.

Someone on wikipedia has gone through a lot of effort to identify some of our security efforts, and there is the Exploit Mitigation Techniques paper which I have presented at a number of conferences.

NF: Why should someone use OpenBSD instead of another operating system, besides security?

TdR: I don't really take any position of advocacy. People should use what they want to, and I am not the right person to say anyone "should" do anything. But hey, if someone is adventurous, check it out.

NF: A new stable version, 3.9, is about to be released on May 1. A complete changelog between 3.8 and 3.9 is available; would you comment on some of the new features of this release? Start with G5-based Mac support on macppc architecture. How well does it work at the moment?

TdR: It works on some of the models. For some of the machines we have a strange bug in the Serverworks SATA chipset that we have not been able to fix yet. There is no documentation for that chipset, of course.

NF:Hardware sensors support (ESM, IPMI, IIC) -- a useful feature, especially on servers.

TdR: This has been a significant effort this release. These are three major subsystems that provide temperature, voltage, and fan sensor data. We have a unified system above that, that takes all this and makes it available to a daemon that can alert you when things go wrong.

Regarding specifically the "i2c" subsystem: in the Linux world there is the lm-sensors package, which requires all sorts of hand-configuration for each specific machine. In OpenBSD, we carefully probe for the devices, and it should just work, on every single PC, without any configuration. Thus, pretty much every OpenBSD 3.9 machine will have some sort of sensor now.

We have more work to do now that 3.9 is released, since the sensor daemon is a bit weak for reporting events. We want to make it fantastic.

NF: The new ftp-proxy -- why write a new FTP proxy daemon when the previous one worked fine?

TdR: FTP is a nasty protocol to begin with, and trying to proxy it perfectly is a very difficult task. The new daemon just has a better design, and IPv6 works as well.

NF: NFE, the Nvidia nForce MCP Ethernet adapter. How did you manage to write this driver? Is it reverse-engineered?

TdR: Nvidia did not give anyone documentation. Instead, they expect people to load a gigantic blob of binary code into their kernel, and just be happy with that. Some Linux people in Germany reverse-engineered the driver years ago, but the rough story I heard is that Nvidia asked them to stop, and they did. This just astounds me! In any case, Jonathan Gray (who started this effort) asked for their help with a few problematic technical details, and they refused. I could not believe that, so I asked as well -- and they refused again. These are Linux developers, basically placing the community in a situation where they have to run a binary blob of unknown code from a vendor, instead of sticking to their guns about open source? I must admit, I just don't understand some people. They must have much more flexibility to their belief systems than I have.

Damien Bergamini joined Jonathan toward the end and got all the bugs out of the driver. We are happy to say that it appears to be working better than the Nvidia binary blob. It is also significantly smaller, and it is very clean source code.

NF: In the past there was a movement in the OpenBSD community to press hardware vendors to release documentation about their products (Ethernet and wireless network adapters, RAID controllers, etc.) so that drivers could be written for OpenBSD or other open source projects. Some vendors did release documentation, but others didn't. Why do you think vendors do that? They don't want their products to be supported on OpenBSD?

TdR: There are always at least a few efforts in the project to get more documentation out of vendors. But some vendors are still incredibly resistant. We often run into vendors who have signed NDA agreements with Linux developers, who will then happily write a Linux driver filled with magic numbers, which only one developer in the world understands. Having signed the NDA ensured that Linux got a working driver, sure, but the internals are indistinguishable from magic. It cannot be fixed by anyone else, because it is full of secrets. It is a source code version of a blob.

There are many reasons why vendors will not give information out. I believe that all their reasons are a lie to the customer. I can get nearly complete data books for the parts that are in my car, and I should be able to get them for the parts in my computer.

Once in a while we hear from vendors out of the blue, and they offer us hardware and software without us having to ask. It is happening more -- mostly from Asian hardware manufacturers eager to have their hardware supported by all systems. On the other hand, American companies in particular are becoming increasingly insular, and sometimes we think twice before wasting our time trying to contact them. As a result, our support for a few high-end or very new American products is lagging, because there just isn't documentation available. That is a problem, but it should not be overstated, because 99% of the world is buying these Asian products. For instance, Asian 802.11 vendors accounted for perhaps 1% of the market five years ago, but within a year or two the market is likely to be split between Intel (because of how they tie their wireless chipset into their laptop Centrino brand) and the Asian vendors, such as RAlink and Zydas.

NF: Now that OpenBSD's user base seems to have increased a bit, do you have more success convincing vendors to release documentation for hardware?

TdR: We are having more success getting documentation, but I am not sure if it is due in any way to our user base size. Part of it might be that many more products are coming from Asia (where business sense still applies -- the customer gets the documentation he wants). I think that the Asian businesses are just being smarter about this. When it comes to documentation requests, an Asian company that says no is rare. An American company that says yes is rare.

NF: I understand that OpenBSD is financed from CD sales and donations. Does this money pay for all the projects needs?

TdR: Our income varies year to year. Donations rise and fall, and so do the sales of our products. Meanwhile, our FTP servers just keep getting busier.

We have built up some savings to deal with a rainy day, but our basic operation is perhaps falling behind slowly, or at least slowing our growth. We want to hold more hackathons, since that is where many amazing developments come from. If we had more money, we would also want to pay the travel expenses of some of the poorer developers, since we have some smart developers who are students or live in poorer countries. But with the finances we have, it is difficult to justify these things now. I want us to do much more, but we are constrained.

Donations make the most difference, since our project does not get taxed on them. We have investigated becoming a non-profit organization, but the margins and savings really do not make sense for our project, especially since most of our donations do not come from the country where we operate. Also, there are numerous other constraints and rules. So for now we are sticking to clear cash donations, without tax receipts.

NF: Lots of hardware vendors use OpenSSH. Have you got anything back from them?

TdR: If I add up everything we have ever gotten in exchange for our efforts with OpenSSH, it might amount to $1,000. This all came from individuals. For our work on OpenSSH, companies using OpenSSH have never given us a cent. What about companies that incorporate OpenSSH directly into their products, saving themselves millions of dollars? Companies such as Cisco, Sun, SGI, HP, IBM, Siemens, a raft of medium-sized firewall companies -- we have not received a cent. Or from Linux vendors? Not a cent.

Of course we did not set out to create OpenSSH for the money -- we purposely made it completely free so that the "telnet infrastructure" of the 1980s would die. But it sure is sad that none of these companies return even a fraction of value in kind.

If you want to judge any entity particularly harshly, judge Sun. Yearly they hold interoperability events, for NFS and other protocols, and they include SSH implementation tests as well. Twice we asked them to cover the travel and accommodation costs for a developer to come to their event, and they refused. Considering that their SunSSH is directly based on our code, that is just flat out insulting. Shame on you Sun, shame, shame, shame.

I will say it here -- if an OpenSSH hole is found that applies to SunSSH, Sun will not be informed. Or maybe that has happened already.

Share    Print    Comments   

Comments

on Interview: Theo de Raadt of OpenBSD

Note: Comments are owned by the poster. We are not responsible for their content.

OpenSSH Funding, etc

Posted by: Anonymous Coward on March 29, 2006 04:02 AM
Theo was fairly nice during this interview, but I have a few points to make.

1. lm_sensors isn't perfect, but I've used it on lots of hardware and 'sensors-detect' always seems to make it 'just work' for me. I've never had to hand configure it (and I'm glad too because the config file looks insane).

Hopefully though OpenBSD will really do something better and we can learn from them. But I'm pretty happy with lm_sensors as it is.

2. Curious about the NVIDIA nForce issue, because afaik there's a reverse engineered driver in there. Haven't ever used it...

But it's not like Linux guys don't go out of their way to reverse engineer all the time. Hell, we're just now pushing for bcm43xx in mainline finally<nobr> <wbr></nobr>:)

3. I agree that OpenSSH deserves funding. As long as the distinction between OpenBSD and OpenSSH is made (I understand from the OpenSSH website that that distinction can be made, but a lot of people don't seem to be really comfortable with it).

#

Re:OpenSSH Funding, etc

Posted by: Anonymous Coward on March 29, 2006 04:19 PM
I think, many open source developers making mistake about how money works.

They don't just pour out of kindness. You make it so, they pay you.

It's like, "we're doing this for free, we're good, so come on, pay us, we're poor, please now, you want better stuff right?"

Partly right, but then again, we're living in the world where business isn't that easy. If you need money, you make business. Imo, OpenBSD has enough product and number of people and maybe publication to get some decent business going than beg for money out of free license that they chose to use.

It is up to them to keep themselves in financial trouble or get some business up instead. You cannot live in a dream land where you can only do what you want to do...(in this case, program coding I guess) you need to make life, to make life, get money, to get money, you got to do that yourself. Of course, if some kind people's donation make your life, then that's happy.

FOSS guys aren't anything special, releasing stuff free doesn't suddenly make you a buddah. So... think again about getting money. If you hire some publicity and contracting guys instead of making it hackathon and such, maybe you can run a OpenBSD sell business that gets you enough money for hackathon and such, but I have no idea.

#

Re:OpenSSH Funding, etc

Posted by: Anonymous Coward on March 29, 2006 11:39 PM


Theo is quick to criticize "Americans" for the glaring lack of hardware documentation. That is unfortunately a common Canadian attitude. But I want to ask, that since:



most of our donations do not come from the country where we operate



Where do most of your users come from? Where does most of your funding come from?



Slightly related...



People will give to registered non-profits because they get tax breaks, yeah, but they also give because there is a sense of accountability. People like to know that their money is going to be used according to how they donated it, instead of to buy beer and pizza (essential as they may or may not be for software development). With no financial disclosure and third-party financial auditing process, where is that assurance to the donator that their money is being used in a certain manner?

#

Re:OpenSSH Funding, etc

Posted by: Anonymous Coward on March 30, 2006 04:17 AM
He criticized "American COMPANIES" for the glaring lack of hadrware documentation. Not Americans. Americans probably do account for a large part of the user base, as well as donations. That has no bearing on the actions of American COMPANIES, who I'm absolutely positive are not a major source of donations towards the project.

#

Re:OpenSSH Funding, etc

Posted by: Anonymous Coward on March 30, 2006 01:04 AM
I would like to know if they’ve tried the U.S. Department of Homeland security or other
related types of government organizations. Surely OpenSSH continuity has far more reaching ramifications indirectly to Global/U.S. security and economy than its direct employment by software companies. All that would have to be shown would be the vast resources effected by lagging OpenSSH and even OpenBSD development.

#

Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:15 AM
They are doing exactly as they are entitled to with BSD licensed code. This is precisely why most open source developers want their contributions under the GPL.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:26 AM
Yeah, this is a good point. Under the GPL, Sun would at least have to make their modified versions available to their users. In practice, this would probably have meant Sun wouldn't have forked it at all; rather, just used it and contributed to it.

And if they contributed to it, they'd probably be more likely to fly its developers around to conferences. Sad but true.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:43 AM
You're delusional kid, Sun wouldn't do anything of the kind. They'd have not held a interoperability test for SSH if they didn't have their own version, and they deliberately are trying to not talk about SunSSH just being the most recent OpenSSH+ Solaris patches.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:49 AM
SunSSH is not the most recent OpenSSH + Solaris patches. No way...

It is a 5 year old version of OpenSSH, with Sun only merging minimal changes from OpenSSH...

95,000 lines of "diff -uN" changes to OpenSSH in 5 years...<nobr> <wbr></nobr>.... including 2 years of proactive integer overflow/truncation fixes.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 03:20 PM
SunSSH isn't anywhere close to current.
It was forked from either 3.6 or 3.7. It does NOT implement the UseDNS nor ReverseNameLookup config controls, meaning you CANNOT turn of DNS lookup if using it in an environment where DNS is not available.

It also has a major issue with public key authentication, in that if you lock a users directory down so that permissions are highly restrictive, the public key authentication breaks, at least in Solaris 9's version of SunSSH.

I've had multiple discussions with Sun on these 2 issues, and Sun has refused to fix the Bugs, even though I've proven beyond a shadow of a doubt that they exist, and did not exist in the code that was forked to generate their bastard step-child.

#

Money, not code, was the thrust of the complaint.

Posted by: Anonymous Coward on March 29, 2006 05:26 PM
I don't see why any large corporate developer should be let off the hook for failing to share some money with the OpenSSH project.

This section of the interview was chiefly about money, not source code ("Twice we asked them to cover the travel and accommodation costs for a developer to come to their event, and they refused."), so a GPL-covered OpenSSH would not have gotten the OpenSSH developers the money they seek. Many people in this discussion apparently misread that (or profoundly misunderstand the GPL). Thanks to the OpenSSH developers' generosity, we have another example of how greedy big businesses are. Not surprisingly, really, but important to point out to the younger more naive crowd who frequent these discussions.

--J.B. Nicholson-Owens (jbn@forestfield.org)

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:45 AM
Dude its the same fucking thing. Besides, who wants sun code in OpenSSH?

I don't trust those folks.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:51 AM
I don't trust Sun either, but how on earth can you call GPL and BSD the same thing? I'd say the abundance of GPL code versus code in other licenses demonstrates that it does something uniquely right.

#

Not really...

Posted by: Anonymous Coward on March 29, 2006 05:00 AM
The abundance of gpl code is largely due to it's catering to the culture of entitlement, it is what I call false altruism, where people will only help if they are getting something back. Similar to the way people don't donate blood in America without getting money for it.

The idea is that it gives greedy, selfish people what they want, a way that noone can use their stuff without giving them something while at the same time appearing to be a giving and good person.

#

Re:Not really...

Posted by: Anonymous Coward on March 30, 2006 04:30 AM
The idea with the GPL isn't "I'll only help you if you agree to help me". It's "I'll only help you if you agree not to harm me" (specifically, not using the help offered as a means of doing harm).

It's selfish, yes, but it's a very reasonable sort of selfishness.

-Flash

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 10:16 AM
Why dont you trust Sun? What specifically have they done to make you not trust them?

Btw, SunSSH is opensource now - <a href="http://cvs.opensolaris.org/source/xref/on/usr/src/cmd/ssh/" title="opensolaris.org">http://cvs.opensolaris.org/source/xref/on/usr/src<nobr>/<wbr></nobr> cmd/ssh/</a opensolaris.org>

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:51 AM
Yep. Richard Stallman has, on more than one occasion, talked about how C++ support became part of GCC. It seems that the company that wrote the C++ support wanted to keep it proprietary. However, they couldn't and make it part of GCC, because of the GPL (GCC, unlike glibc, is GPL'd, not LGPL'd). Thus, they knew that they had something useless.

The result: this company released the C++ support under the GPL, and we all now benefit. If GCC had been under a BSD-type license, this company would've had no incentive to do that.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:57 AM
That's not incentive, that's the law at that point. The incentive was the existance of a c compiler to save them the work of making a new one, had they the option of a bsd licensed c compiler they would not have had any incentive to use the gpl one.

The gpl doesn't incite people to give their code, it inforces.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 06:59 AM
Had there been an equivalent C compiler under the BSD license, then perhaps you are right. This is one of the reasons I think the BSD license is often a BAD THING -- because its proponents (who act as members of the so-called 'free software' community) often promote their openness to code robbery, which does nothing but damage everyone in the process.

Of course, it's often the case that the GPL does entice people to give their code (just not directly). Since the GPL is far more habitable to most developers (especially corporate contributors), GPL projects tend to advance light years ahead their counterparts. (The Linux kernel and all of the wonderful contributions is a good example of that.)

And so your options become:

1) Take some decent BSD-licensed software and make a proprietary product.
2) Contribute to a BSD-licensed project, knowing that your competitor could easily turn around and do #1 to you. You'll get the thanks of the community, and their help making your stuff better, but be prepared to take it in the rear.
3) Base your product off of an excellent piece of GPL-licensed software. Your product will be improved by the community, who will thank you for your contribution greatly. Your competition cannot get a leg up on you, just because you decided to play open-source.

Not everyone chooses #3. But quite a few do.

Of course, BSD developers are free to develop any code they want using any license they want, and for that matter, say whatever they want about the benefits of their creations.

Most of us though seem to go GPL.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 09:44 AM
"1) Take some decent BSD-licensed software and make a proprietary product."

So what? This is what freedom is all about, not to mention top code quality for all. The BSD code and software are always there for anyone to use. Nothing prevents the buyers of proprietary products from switching to the sensible BSD one; thereby, getting freedom and better code. Without this freedom, would you see OpenSSH as popular as it is now? What SSH client are you using?

"2) Contribute to a BSD-licensed project, knowing that your competitor could easily turn around and do #1 to you. You'll get the thanks of the community, and their help making your stuff better, but be prepared to take it in the rear."

The BSD philosophy is Freedom. You obviously don't believe in it, or believe in subjugation of freedom in order to promote freedom. It doesn't make any sense. BSD has no competitor in the sense BSD developers encourage everyone to use their code, Free Source. Only the GPLegalese creates this competitor between proprietary and Open Source. If you think making the internet safer and spreading freedom as taking it in the rear, you don't understand the BSD license. If you can't understand the short and readable BSD license, what chances are you'll understand the GPLegalese?

"3) Base your product off of an excellent piece of GPL-licensed software. Your product will be improved by the community, who will thank you for your contribution greatly. Your competition cannot get a leg up on you, just because you decided to play open-source.

Not everyone chooses #3. But quite a few do."

It's nice to see the MPAA and the RIAA make use of GNU/Linux without having contributed anything, since their modifications are private. It's also nice to see the majority of IBM employees work for free on their GNU/Linux projects. I should include the Blob, while I am at it. Yes, this is reaming your rear, getting a leg up on you, and forcing DRM down your throat, if you don't understand what I mean.

Open Source may be a game to you, but Free Source and Freedom is not to BSDs.

Blob
<a href="http://undeadly.org/cgi?action=article&sid=20060327165125" title="undeadly.org">http://undeadly.org/cgi?action=article&sid=200603<nobr>2<wbr></nobr> 7165125</a undeadly.org>

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 03:19 PM
This is what freedom is all about [..]

Depends entirely how much power to screw others your idea of "freedom" contains.

[..] not to mention top code quality for all.

Except the poor bastards who get a half-broken proprietary version and have no idea that it was once BSD licensed.

The BSD code and software are always there for anyone to use.

So is GPLed code, please stop confusing usage with distribution.

Nothing prevents the buyers of proprietary products from switching to the sensible BSD one [..]

Except that the seller is under no obligation to tell them that it exists and can benefit by keeping them in the dark. That and the classic embrace and extend.

[..] thereby, getting freedom and better code.

Would you like fries with that FUD? The point is that you can't allways tell where the better code lies because you can only see one side of the coin.

Without this freedom, would you see OpenSSH as popular as it is now?

Is that a trick question? Is a large portion of OpenSSH users using ClosedSSH?

What SSH client are you using?

Certainly not a proprietary one! How does the ability for someone to make proprietary versions help me with OpenSSH usage again?

It doesn't make any sense.

Depends, can I shoot you?

If you think making the internet safer and spreading freedom as taking it in the rear, you don't understand the BSD license.

If you think that dozens of forks of the same code with unknown, unfindable holes in most of them is making for a safer net you don't understand what security is. I understand the GPL just fine, I have problems with thick headed idiots.

Yes, this is reaming your rear, getting a leg up on you, and forcing DRM down your throat, if you don't understand what I mean.

If there is DRM in the Linux kernel we can know it and remove it. If there is in a "99% OpenBSD, real secre" proprietary product you may not know until it's too late--I have to ask again: what is the use of proprietary versions if no one who cares about freedom will not use them anyway. You lose mindshare and often code pursuing an ideal of "freedom" that would people allow to sell their kids into slavery in the real world.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 03:22 PM
What SSH client are you using?

What compiler are you using?

#

Nothing prevents them but impracticality

Posted by: Stephen Samuel on March 30, 2006 11:46 AM
Nothing prevents the buyers of proprietary products from switching to the sensible BSD one;


A large company with force of market share (e.g. Microsoft) could take your BSD licensed code and make a proprietary and willfully noncompliant version. They could even patent or DMCA the changes they make. At that point someone who has grown up with the proprietary version and learns of the (incompatible) BSD version has two nasty choices -- Stay with the (possibly broken) proprietary version, or go to the BSD version that will break all their existing code and make them incompatible with 90% of the universe.


That kind of problem is why I prefer GPL to BSD licensing.

Anarchy and maximal freedom are not necessarily the same things.
Protecting the greater freedoms sometimes requires carefully designed constraints on lesser freedoms.


For example, protecting my freedom of life, liberty and the pursuit of happiness might require the restriction of your liberty to pursue the happiness that would result from (threatening to) putting a bullet thru the back of my head. (and vice versa)


The GPL attempts to strike a nice balance between the two freedoms, and many people seem to agree that it does a good job of that.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 02:57 PM
The initiative is the existing code base, you are not forced to use it.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:12 PM
It was not C++, but Objective C, and the company was NeXT. Otherwise, you are right.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 30, 2006 12:02 PM
Actually, it did happen with C++ as well. Here's the link that details this, as well as the Objective C episode that you (quite correctly) mention.

<a href="http://www.gnu.org/philosophy/pragmatic.html" title="gnu.org">http://www.gnu.org/philosophy/pragmatic.html</a gnu.org>

I quote Stallman himself:

"If you want to accomplish something in the world, idealism is not enough--you need to choose a method that works to achieve the goal. In other words, you need to be ``pragmatic.'' Is the GPL pragmatic? Let's look at its results.

Consider GNU C++. Why do we have a free C++ compiler? Only because the GNU GPL said it had to be free. GNU C++ was developed by an industry consortium, MCC, starting from the GNU C compiler. MCC normally makes its work as proprietary as can be. But they made the C++ front end free software, because the GNU GPL said that was the only way they could release it. The C++ front end included many new files, but since they were meant to be linked with GCC, the GPL did apply to them. The benefit to our community is evident.

Consider GNU Objective C. NeXT initially wanted to make this front end proprietary; they proposed to release it as<nobr> <wbr></nobr>.o files, and let users link them with the rest of GCC, thinking this might be a way around the GPL's requirements. But our lawyer said that this would not evade the requirements, that it was not allowed. And so they made the Objective C front end free software.

Those examples happened years ago, but the GNU GPL continues to bring us more free software."

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 07:36 AM
Yep, that is a good point. I wonder when will BSD people learn such a basic principle that the GPL has its clear advantages too. Or will they just stubbornly stick to their religious mantra: everytyhing BSD, like the BSD license is always good, everything Linux and GPL is always bad, nevermind the real issues, pros and cons?

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 08:39 AM
Theo once said there is no freedom in GPL. I kinda agree with him. You could try to find his explanation in one of the old interviews.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:46 PM
Because OpenBSD give the freedom they think that doesn't exist in GPL, the code isn't given back and they start whining, they don't give back a thing...

If you gave some freedom, do you respect it?
If that wasn't your intention, I suggest they start dual licensing or dropping BSD license if that's troubling them...

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 11:13 PM
This has nothing to do with code contribution though, its about financing, which is addressed in neither the BSD nor GPL licenses.

They're asking for money, plain and simple.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 31, 2006 04:36 AM
"the code isn't given back and they start whining"

I can assure you that Theo is not whining about not getting code back from Sun. I don't want to speak for him, but his aditude toward sun seems to be that he wouldn't want the code anyway.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 09:53 AM
The fact is neither license guarantee donations, so what was your point? Can you explain how changing a license will guarantee corporate donations for OpenBSD? Or, you're trying to tell OpenBSD to sell out? It won't happen, and neither is changing to a less Free legalese.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 30, 2006 04:00 AM
Neither license guarantees donations -- I never said they did.

The GPL caters to a larger community. Larger communities engage in more community support.

Linux was in a way an accident, but not totally so. A lot of the Linux's support - speaking of code *and* financial resources - came to it because of that quirky thing Stallman invented called Copyleft.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 09:58 AM
Err, read the article again, and then go read the licenses again. Theo is not asking for code, he's asking for money. The gpl provides for code and has nothing to do with money. Hence, it's irrelevant.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 04:23 PM
He asks for money, but BSD license does not require you to pay, so won't he just dual license or something for them to actually force paying if he keep begging for money?

Sun never broke license, but Theo is like 'hey, you not doing as I want, which is beside the point of BSD license, but I'm no longer helping you guys'

Please...

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 11:16 PM
Just because Sun or other corporate vendors of OpenSSH code aren't breaking the license doesn't mean that Theo (or anyone else) can't accuse them of being stingy in regards to donations.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 11:24 PM
Except it starts making him childish for asking something it wasn't asked for in the first place in the license he chose to distribute.

If he really want money back, make them pay.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 11:44 PM
Yes, this is a problem that wouldn't occur in GPL-land. However, there is some rationale for Theo's complaints. He is saying that, legally, they can do whatever they want with the code, but that ethically, they should give something back to the developers. Instead of using the law to persue corporations, he is using the court of public opinion. The problem is, it makes him look a whiner. I don't think he realizes how bad this is. Perhaps a better solution would be to use the carrot - to trumpet the contributions of The Good Guys ("OpenBSD's 3.9 release is sponsored by Joe-Bob's servers"). On the other hand, I am happy that OpenBSD's web site has not descended to to the level of some sites and become polluted with banner ads from Google and Yahoo. Another solution would be for more emphasis on features for money: If some company needs a particular feature developed, and that feature is otherwise a low priority for the OpenBSD team, the company pays the OpenBSD team to do the work. The code becomes public. I know this works for other projects. But I wonder if the OpenBSD team feels this would cause them to loose focus. It's a hard trade off.

Personally, I think they should spin off an embedded OpenBSD, to make up for the lameness of Wasabi Systems' embedded NetBSD. OpenBSD could charge some money for it. I would pay for that.

-Bob K.

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 08:20 PM
The BSD licence is about real freedom.
The freedom for people to steal your stuff and the freedom for you to call them a cunt for doing it.
- Jesse McNelis

#

Re:Don't moan about Sun

Posted by: Anonymous Coward on March 29, 2006 10:07 PM
The difference between "stealing" and "forking" away source code is that you retain the original, regardless of license. I know, it's a difficult concept for GPL trolls to grasp...

#

Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 29, 2006 04:46 AM
Cisco, unfortunately, extends this same "take, take, take" attitude toward not only Free Software developers, but even to their own customers. I work in a "Cisco/Microsoft shop", so I know. Yes, we use SSH on our routers and (increasingly more, thanks to my efforts) our switches. I've always guessed that they use OpenSSH in the Cisco IOS. Cisco will do anything they can to take from others, including software "piracy".

One famous example regards the Netfilter code from Linux that was used by Linksys (now part of Cisco). After Linksys got bought by Cisco, Harald Welte, one of the authors of Netfilter, contacted Cisco about their violation of the GNU GPL, the license that governs Netfilter (Cisco wasn't providing source code to their customers, as the GPL requires). Cisco told him to go jump in the lake and get lost. It was only after Mr. Welte filed a lawsuit against Cisco that they decided to actually comply with the license and make the source code, with any Cisco/Linksys-made changes, available.

Think about that, folks. It took actually suing a "Big, Reputable Company (TM)" to just get them to FOLLOW THE LAW!

It's no surprise to me, therefore, that the Ciscos of the world don't give anything back. Free Software developers are the geese that lay the treasure-trove of golden eggs that are Free Software, and as Eben Moglen eloquently said in a recent interview, some companies are finally realizing the need to maintain those "geese."

Sun's major saving grace, in my opinion, is its heavy sponsorship of the OpenOffice.org project. Many of those developers are Sun employees. The firm might not contribute toward OpenSSH--and yes, they ought to a little bit since they benefit handsomely from it--but at least they are contributing to Free Software. Matter of fact, OpenOffice.org is a particularly important piece of Free Software, which allows me to use a Free platform here at work, in an all-Cisco/Microsoft shop (I currently use GNU/Linux with OpenOffice.org and Evolution). Another example is GNOME; they contribute to that project as well. So Sun *is* contributing.

By contrast, what does Cisco do? They threaten the OpenBSD team with software patents for wanting to implement the IETF-standard VRRP. They make recommendations to their customers that only promote vendor lock-in (EIGRP, VTP, and PVST+, as examples). Cisco is the Microsoft of network infrastructure. I find them considerably worse than Sun.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 29, 2006 04:53 AM
Agreed. Reason #596928392 for the GPL license - vendors can be forced to play nice.

#

It doesn't...

Posted by: Anonymous Coward on March 29, 2006 05:02 AM
It only forces them to supply code, playing nice has nothing to do with it. It makes them give their modifications of the code back, but it doesn't make them help pay for the servers or bandwidth, it doesn't make them hire a developer to help improve the codebase.

It does only one thing, makes them give up their code.

#

Re:It doesn't...

Posted by: Anonymous Coward on March 29, 2006 05:28 AM
I said nothing about donations or finances. I said that the GPL can be used to force vendors to 'play nice' - in this case, referring to the parent's comments about Cisco appropriating netfilter. If netfilter were BSD, Cisco could swallow it and run.

Because it is GPL, Cisco can be forced to play nice.

Now, it's entirely up to Cisco if they stop there. But as most reasonable companies have demonstrated, once they get more than ankle deep in GPL code, they're usually willing to start opening up the pockets too.

#

You're hard of reading, right

Posted by: Anonymous Coward on March 29, 2006 05:38 AM
And as I say, giving the code you have to give up by law isn't playing nice, it's complying with licence restrictions which legally compell distribution of source code. Playing nice is doing more, but the GPL has nothing to do with that.

#

Perhaps you expect everyone to be just like you.

Posted by: Anonymous Coward on March 29, 2006 06:41 AM
No. You are defining 'playing nice' in your terms and context and casting it over my post, and then criticizing me for it. I'm sorry if you don't agree with my usage of 'playing nice' in this context, but given that it's merely an expression and a subjective thing, I think it's a bit silly that we're even having this conversation.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 29, 2006 03:52 PM
Don't forget that Sun also contributes to Mozilla (and not only for Java support).

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 29, 2006 04:27 PM
When do people 'learn' that the '"take, take, take" attitude' actually was made possible by the developer themselves. If they don't like it that way, then they chose the wrong license in the first place.

You can write your own license for sake, world isn't only bsd/gpl/mozilla license...

Like, 'indivual -> free, but sun,cisco you pay me $1000 a month'. This sounds too explicit, of course, but if you need to cry out loud for begging money, I think it's better than whining over valid use of the license.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 29, 2006 11:08 PM

They make recommendations to their customers that only promote vendor lock-in (EIGRP, VTP, and PVST+, as examples)


Just a minor bit of defense and truth. Often, Cisco is ahead of standards committees for emerging standards. They implement something before the standard is created, or before a committee is started to standardize it, to benefit their customers. They also join the committee and work on the final standard.



When the final standard arrives, they implement that too, and often encourage customers to migrate if it is better.



And no, they can't "just wait" for the standard. The goal of business is to make money for its shareholders -- it has nothing to do with being beneficial to customers or suppliers. It's why businesses must increasingly move closer to the shadier end of the ethical spectrum to continue to make more money. In this capitalist society, those businesses who stand by their morals are generally surpassed by those who don't.



But yeah, Cisco does make truly bone-headed decisions. Their reaction to the hole that Whatshisname presented at Black Hat comes to mind.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 30, 2006 11:54 AM
But the cited examples are correct. Oh, and add HSRP. They are even running around and suing people who provide hsrp copmpatible stuff, or even try to provide something similar. Fucking patents.

Dito EIGRP. EIGRP is probaly the most genial vector distance routing protocol in existence right now - but it's a Cisco only monoculture thing, and they have a history of grimly enforcing that.

This is not about "waiting" for a standard. It is about monopolizing a good solution, about locking in their customers with armies of lawyers etc.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 30, 2006 12:42 PM
While strictly speaking, what you've said is correct (e. g. Cisco now pushes 802.1q VLANs instead of ISL), it is unfortunately just one part of the story. The part that's missing is that Cisco is on record as pushing a technology through the IETF (fine, so far), and then, right as it's about to get ratified, Cisco will at the last minute "discover", and claim, patent/royalty rights on it (not fine anymore; they should've disclosed their patent claims up front). The most obvious example of this is VRRP, the debacle of which is recommended reading for everyone. It's detailed on the OpenBSD web site, in the "Lyrics" section.

As for standards, remember that EIGRP's development was a direct response to a perceived "competitor", namely the IETF-standard OSPF. Cisco did not have to "wait for the standard" in OSPF's case; it was already there. EIGRP was developed for one reason: to try to keep existing IGRP shops, who wanted a dynamic routing protocol that would scale to larger networks, on a Cisco-only routing protocol. OSPF wouldn't give Cisco that (witness Juniper, Zebra/Quagga, and OpenOSPFD). When we went from static routing to dynamic routing, we chose OSPF for exactly this reason, and it's been great for us.

And I agree with you about the Black Hat conference. The guy's name is Michael Lynn, and I'm glad he did what he did; it took some chutzpah.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 30, 2006 08:02 PM
Sun doesn't sponsor OpenOffice for altruistic reasons, they sponsor it to hurt their enemy Microsoft. Not that they've really succeeded at that.

#

Re:Cisco is worse than Sun, Theo. Really.

Posted by: Anonymous Coward on March 31, 2006 08:18 AM
That's true, but they're still contributing. Same with the other Free Software projects to which they contribute. It's a business decision.

Actually, this makes the case for why Cisco, Sun, etc. should contribute to the OpenBSD project. Remember that, from the project's perspective, OpenSSH is a part of the OpenBSD project. What if the OpenBSD team were to stop working on OpenSSH? Who would pick it up and keep it Free? Would Cisco do it? Not from what I've read about them. Would Sun do it? I don't know. Would Microsoft? Hell, NO! So who would? I think that's the essence of what Theo's getting at; if you benefit from it financially, you obviously don't *have* to contribute, but you *should*. I happen to agree with this, and it's why I have bought more than one release of OpenBSD (I'm a student with not a lot of money, but it's important). That, and the stickers are 1337.<nobr> <wbr></nobr>:-) I've also bought Slackware Linux at my local Micro Center, for the same reason (it was $19.95, and thus rather affordable).

And as for OpenOffice.org not hurting Microsoft, I think the Massachusetts decision to go with OpenDocument is directly attributable to OpenOffice.org. Remember that OpenDocument is based on the original OO.o 1.x file formats. Look at Venezuela and Brazil; they're moving to OSS, including OO.o. China is looking hard at Linux, and therefore, presumably OO.o. You just don't see much in the United States, thanks to (at least) the combination of campaign contributions and audit threats. I'm guessing most of you are a lot older than I am, but even at my age, I can see that. But guess what, politicians? I'm now old enough to vote! I'll show you...at the ballot box!

And since this is a thread about Cisco, I'll say that pf is ultra-1337. My parents use it now for a firewall on an old Pentium *One* (wow, it's maybe older than I am!<nobr> <wbr></nobr>:-) ), and it works great. Cisco? We don't need no stinkin' Cisco!

#

Quit whining

Posted by: Anonymous Coward on March 29, 2006 05:20 AM
I am a Free Software and Open Source Software advocate. I have not used a closed source OS on my personal computers for several years now. I contribute with support, code and donations when I can. I wish only the best for FS/OSS projects. They can, literally, change lives for the better.

Having said that, FS/OSS projects need to quit whining about people taking and not giving back. The GPL requires that source code be released. BSD type licenses only require attribution, not even source code. Neither require direct payment, cash or in-kind, to the developer. If you want direct payment, or monitary support, release your work under a different license that requires it!

Calling "Shame, shame!" on users of your labor who don't support you back is just a waste of time. As long as they are following the rules of your license, you have nothing to complain about. Cisco, Sun or whoever is being a bad community member if they just take without giving back but you chose to allow them to do that when you chose that license.

Bad people and companies take. That's what they do. Find a way to get funding and support from the good people without looking like a whiner!

#

Re:Quit whining

Posted by: Anonymous Coward on March 29, 2006 06:59 AM
A-freakin-men. I wish that money be taken out from Open Source - now lets see who the real "open source" people are.

Just like during the dot-com boom everybody (including my barber) was a web-programmer. After the boom, the wanna-bees left and now the computer industry is just left with the real "software" programmers.

#

Re:Quit whining

Posted by: Anonymous Coward on March 29, 2006 04:30 PM
Too bad I still see some wannabe's from time to time in various work locations<nobr> <wbr></nobr>;)

'what is utf8?'
'what is hex?'
'where do i download apache?'

umm, k...

#

Re:Quit whining

Posted by: Anonymous Coward on March 29, 2006 10:13 AM
Theo and his team code full-time, and the results are there for you to evaluate. If he started taking a job and do this in his spare time, OpenBSD couldn't achieve its greatness today. This is not whining as you and others have put it. It's about fairness, freedom, top code, and organized documentation, not black and white written in a license. If you don't think it's wrong for these companies to take and don't donate to OpenBSD, then good for you. Most of us don't live in a black and white world, like yourselves.

#

I'm all for fairness

Posted by: Anonymous Coward on March 29, 2006 12:07 PM
Don't assume that I think it is "OK" or "right" that companies take code without paying back with support or contributions and the like. Giving back is the fair thing to do.

However, the license does not demand that they do this. The license defines the rules and these companies are playing by the rules that the *coders* defined. If they are unhappy with the rules, that is not the leeching companies' problem.

Eclipse, Fire Fox / Mozilla, Joomla!, KDE, GNOME, etc., etc. are all projects that are thriving, are FS/OSS and are not in need of money. Why? They ask for donations. They have marketing or community outreach people. The have foundations and financial structure. The sell the benefits of the product.

As far as I can see, OpenBSD and their projects expect to be supported based only on the excellent technology they create. The tech world is full of excellent technology that failed to their inferior competitor(s) because they thought the tech would sell itself.

OpenBSD has no method of processing donations since they have no corporate structure. To quote their site "OpenBSD has no wealthy sponsors, nor a business model." (<a href="http://openbsd.org/donations.html" title="openbsd.org">http://openbsd.org/donations.html</a openbsd.org>). They have no community development arm or evangelists.

They have good tech. And the rules of their license that allows people to take and not give back. And whining.

As one who uses OpenSSH every day, as one who wants the good guys, including Theo and OpenBSD, to win and as a fan of, user of and contributor to FS/OSS, I stand by my statement. They need to stop whining and get a "business model." They need to stop whining and start selling. It'd be nice if they could just code and release cool stuff but they will die if that is all they do.

I don't want them to die off. But FS/OSS is growing up and that means the Suits and the Marketdroids actually do have a place and are needed. If Theo just wants to manage projects and code, that's fine. Get someone else to be handle the fund raising and all the non-coding stuff. They will only ever just scrape by if they don't.

#

Re:I'm all for fairness

Posted by: Anonymous Coward on March 30, 2006 09:48 AM
If you follow the misc@ mailing list, you'd know why they can't afford to go into business and won't. Moreover, not one person/company bought anything OpenBSD related from

<a href="http://www.dixongroup.net/?q=openbsd" title="dixongroup.net">http://www.dixongroup.net/?q=openbsd</a dixongroup.net>

The offer is still available.

What is it you want, Free quality code or OpenBSD make money providing strings attached and poor code?

Many will see this as whining, but that's your collective opinion. If Theo and the team wanted to make money selling out, they could have done it easily, but the code wouldn't be as it is today. I guess people just don't understand OpenBSD's project goals, when they start suggesting ways for OpenBSD to make money. It's all there in the archives, when the money subject surfaces.

I am confident the project will continue as always.

#

Bad argument

Posted by: Anonymous Coward on March 30, 2006 11:40 PM
"Free quality code" and "make money" are not exclusive. "make money" and "selling out" are also not the same thing. You are making bad arguments.

I'm suggesting that Theo continue to lead the project and concentrate on code. They need to find someone who is a people-person, good at business and good at marketing. This person would setup a structure for the project and market it to the world and corporate donors. This person would bring in funding.

Sending Theo out on interviews whining that everyone is unfair will not bring in funds. Concentrating on good code will not bring in funds. If you want funding, you have to solve the funding problem. And, in todays world that almost always means business structure and marketing.

If that is not in the projects goals, they will not be funded the way they want. They won't. And whining about it will not change that fact.

Writing a driver for a new network card for use in OpenBSD is a known problem with known methods to reach a solution. Getting funding is a known problem with known methods to reach a solution. If Theo and the project doesn't want to use any of the known methods for getting funding and wants to keep seeing if whining about fairness will work, more power to them. But, whining is a known method to fail at getting funding.

I too, am confident the project will continue. And I fully expect to continue hearing whining about fairness while the project continues to be short funded.

#

Re:Quit whining

Posted by: Anonymous Coward on March 29, 2006 04:37 PM
Well, in the 'real' world, you don't make money out of
'i made this cool thing, can you maybe give me money?'
'yeah, here'.
This doesn't work.

As you put it, if
'here, take it free'
'thanks for your app, here's some appericiation'
business model worked, why is OpenBSD in financial problem? I mean, why no one makes news headline by 'I became millionare by making this FOSS of my own'? I think if the world is how you put it, OpenBSD must be running a casino by now.

So, to actually make money, you force them but not wait and expect and if expect doesn't come, whining doesn't help, because businesses and companies ignore people whining over something that they didn't do wrong about. I mean for sake, they ignore people over what they did wrong either...

#

Re:Quit whining

Posted by: Anonymous Coward on March 30, 2006 10:12 AM
You are keen on selling out and ignore OpenBSD's project goals. OpenBSD haven't worked this way, and will not sell out. This isn't whining, it's the exposing of these companies' "take, take, take" attitude, and a warning for you to not support them. If you don't care and think this is whining, then do as you wish. You believe in Open Source, I believe in Free Source, but at least I don't pretend Open Source is Free Source. Distinction between the two is key.

You might want to ask why freedom matters, when you moved from proprietary to Open Source.

#

Make money != sell out

Posted by: Anonymous Coward on March 30, 2006 11:45 PM
Your attitude is screwy, dude.

I think you need to redefine what it means to "sell out" OpenBSD can get funding without compromising their principles. It is possible to earn money without loosing your freedom.

What do you mean by "sell out?"

#

Not funding or contributions, just a courtesey

Posted by: Anonymous Coward on March 29, 2006 03:45 PM
Theo wasn't asking for Sun to pay his rent, he was asking for a plane ticket for a colleague. Obviously there's nothing legally requiring Sun to give back, but sponsoring a trip for a developer wouldn't break their budget, either, and it wouldn't be bad PR to openly align themselves with one of the most secure operating systems out there -- even if OpenBSD isn't as well-known as GNU/Linux.

Companies drop little sponsorships like this all the time; it's part of keeping a Not Evil image. Holding out on OpenBSD devs is petty on their part.

#

Re:Quit whining

Posted by: Anonymous Coward on March 29, 2006 05:45 PM
Using a GPL license forces companies to post their source code, it doesn't force them to contribute in a constructive way.

Most companies are happier to contribute to a community when they are not forced to. Often these contributions are of more value than a company who is releasing a bunch of jumbled source code because its a requirement of the license.

Many projects have relaxed their licenses (I think Mono is an example) to encourage companies to contribute.

But I suppose that it is a double edged sword... a bsd type license will encourage certain companies to contribute but will allow others to do the opposite. Not every company will see the obvious benefits to their business that come from contributing to the community. However forcing them to contribute is often not *good* solution.

#

Re:Quit whining

Posted by: Anonymous Coward on March 29, 2006 09:53 PM
> Most companies are happier to contribute

More like, they can't make promise to contribute when they wanted to put some proprietry code into their product. So, if they can contribute when they can, they might instead of totally rejecting the code.

#

Re:Quit whining

Posted by: Anonymous Coward on March 30, 2006 04:06 AM
I disagree. I think if you measured the volume of contributions from the 'corporate' world, if you will, the bulk of it is in the GPL.

The GPL enforces one thing - fairness. If SGI wants to donate XFS, they know that Microsoft can't slurp it up into Windows and use it to kill them. So many companies are more encouraged to give freely.

And once that ecosystem is established, it grows on its own. (See: kernel.org)

#

nearly fanatical devotion

Posted by: Anonymous Coward on March 29, 2006 05:55 AM
No one expects a thorough code audit! Our main approach we take towards security is not being afraid to overhaul anything and assuming a flaw exists in more than one place in the code. Two, our two approaches we take towards security are not being afraid to overhaul anything, assuming a flaw exists in more than one place, and incorporating methods that make flaws difficult to attack. Our three approaches we take... no - Among our main approaches we take to make OpenBSD more secure.. Wait... I'll come in again.
</inquisition>

#

Re:nearly fanatical devotion

Posted by: Anonymous Coward on March 29, 2006 10:02 AM
Nice<nobr> <wbr></nobr>:p

#

question

Posted by: Anonymous Coward on March 29, 2006 08:08 AM
Why do we care what the financial situation of openbsd or whatever it is is?

#

Re:question

Posted by: Anonymous Coward on March 29, 2006 10:05 AM
Because a lack of money directly hinders their ability to produce good, free software. That includes software that very nearly every *nix system uses these days.

#

Re:question

Posted by: Anonymous Coward on March 29, 2006 04:39 PM
Maybe becuase some people just care, and some people use OpenBSD for their business as well?

If you don't, why are you even posting here?

#

Re:question

Posted by: Anonymous Coward on March 29, 2006 10:56 PM
Some of us care because we use it. That's why I pay for a CD rather than just download the OS for free (also, I like the artwork).

If Theo has to get a day job to keep a roof over his head, we don't get as good an OS. Then we've got to go through the endless update and patch cycle that our overworked Windows brethren suffer through. It's worth buying a $40 CD twice a year to avoid that.

#

I agree specifically on the critique towards Sun

Posted by: Anonymous Coward on March 29, 2006 09:23 AM
Yes, I know I am on a hit & run thing and anonymous, but, read it from my lips: I agree on the specific Sun stance Mr De Raadt was showing, definately, from my own experience in multiple affairs.

I was unaware of the OpenSSH issues (cost coverage for a developer to be brought to a developer conference), but it completely integrates with my own setup here.

I see myself in the position to further critizise as follows.

I currently am oppositional to any "big software enterprise", because they put me into the belief that they are incapable to support the decentralised open source development environment properly. Effectively, I do not care for what they do anymore and hold it, wether you like it or not, with RMS and an opinion as he expressed in [1].

Otherwise, I congratulate the entire BSD community on the very good quality of their results, especially in spite of such odds.

References:
[1] <a href="http://kerneltrap.org/node/4484" title="kerneltrap.org">http://kerneltrap.org/node/4484</a kerneltrap.org>
Search document for "no software".

#

Re:I agree specifically on the critique towards Su

Posted by: Anonymous Coward on March 30, 2006 02:00 AM
See <a href="http://www.opensolaris.org/jive/thread.jspa?threadID=7083&tstart=15" title="opensolaris.org">http://www.opensolaris.org/jive/thread.jspa?threa<nobr>d<wbr></nobr> ID=7083&tstart=15</a opensolaris.org>


Theo's an ungrateful bastard. Sun has donated to OpenBSD and OpenSSH

#

nVidia MCP, G5 SATA etc....

Posted by: Anonymous Coward on March 29, 2006 03:09 PM
I'm not sure in what world Theo lives, but if you look at drivers/net/forcedeth.c in any moderately recent linux kernel, you'll find a nicely working driver for MCP chipsets that was initially done via reverse engineering. Funnily enough, if you look at the change history, you'll notice that the latest documented changes to that driver were done by<nobr> <wbr></nobr>... nVidia employees<nobr> <wbr></nobr>:)

Now regarding the G5 SATA driver, it works fine on all models in linux too, and I'm sure the author of this driver would be very happy to give a hand fixing the problem if asked... as I am that person<nobr> <wbr></nobr>:)

#

Re:nVidia MCP, G5 SATA etc....

Posted by: Anonymous Coward on March 29, 2006 10:09 PM
The problem is that this code is probably GPL, like most linux kernel code. Anything that is GPL won't make it's way into OpenBSD's kernel.

#

GP is the copyright owner!

Posted by: Anonymous Coward on March 30, 2006 03:02 AM
He can dual license his own code if he likes.
Alternately, he can use his own knowledge to improve BSD code.
Wonderful Freedom!

#

Pain relief

Posted by: Anonymous Coward on May 28, 2006 02:14 PM
<tt>[URL=http://painrelief.fanspace.com/index.htm] Pain relief [/URL]
[URL=http://lowerbackpain.0pi.com/backpain.htm] Back Pain [/URL]
[URL=http://painreliefproduct.guildspace.com] Pain relief [/URL]
[URL=http://painreliefmedic.friendpages.c<nobr>o<wbr></nobr> m] Pain relief [/URL]
[URL=http://nervepainrelief.jeeran.com/pa<nobr>i<wbr></nobr> nrelief.htm] Nerve pain relief [/URL]</tt>

#

Has anyone heard about the Lemmings in Scandinavia

Posted by: Anonymous Coward on March 29, 2006 03:58 PM
!!!!!

Well I admire Theo de Raadt but I do not understand very well his compleins, and I have to point out something that I have also exposed in other place:

As much as I love all the BSD distros and think they are solid, quick and good, I have to say that I have to disagree with they kind of Philosophy and licence model.

I also do not understand that others post claiming similar views are quickly accused of trolling by the BSD zealots... Sure there are GNU zealots, but if they prove their views with logic and empiric demostrations, why they should not do it?

The zealots of the explotation, the greed, the ultracompetitive social and economic models do not need troll too much, they simply are in power, and take what they need, and I you give it easy, so much the better...

Pretending that companies are going to contribute just because they are using what you relase for free based on good will is having too much confidence in the humang being...

And also ignoring some basic facts of economics (specially the neoliberal US and anglosaxon model), psicology, sociology, history, philosophy, and even biology and how life on earth was developed and the extrapolation of ecological niches and competition with/to the social and economic organisations...

I respect Mr. de Raat, and all the people making BSD distros, but I can not agree with thei philosophy and licence.
I would recommend the lecture of some basic text of Thomas Moore(Utopia), or Nieztche to start with...

I am not saying that they should change to the GPL licence model, it is their right not to do so, but I am afraid that many of their efforts will be fruitless.

Most companies will keep on using their soft without contributing, or contributing back, but just until they do not need it anymore. I wish I was wrong, though!

At the end the BSD model is empowering the people with their software, and many companies in which there are people with moral patterns of behaviour, but also empowering all the companies and people that do not give a damn about all that, and just take what is convenient for them and simply go away (at best, or simply use what you give to f**k you up)...

The problem is that the later kind of people and companies are already powerfull, and I do not see the reason to empower them even more. They will never contribute back, and they will use what you give them to own you, and to surender and dominate you...

Each one has to follow his way, his mind, and his soul. And if BSDs people feel like that, there is not much to do, but trying to explain why you think their model is not the appropiate one. They can listen if they want to, though...

Only that for those that have the power and the means to contribute back and do not do it, it is a good present, and as they probably know: divede and you will win<nobr> <wbr></nobr>...

Has anyone heard about the Lemmings in Scandinavia, throwing themselves to the death from the cliffs...? That is what happens when your model is not substainable!

!!!!!

#

Re:Has anyone heard about the Lemmings in Scandina

Posted by: Anonymous Coward on March 29, 2006 04:37 PM
Business understanding constantly evolves, and good practise as you suggested it, with mutual respect and arguing based on logical reasoning needs time to settle in to become solid practise.

For example: I am trying to graduate now with a thesis based on a mixture of open source software and free software. Since I am low in money I cannot immediately donate. But if I graduate then I will have a solid reference working with that software and then I can feed back to those contributors to my success. In a way, this is the true "web of trust": of course I can also decide to be an arsehole and never give back anything, or it may not work out and my financial situation remains unchanged, with again no feeding back possible. But that's the uncertainty of the business world, meaning, if I could tell now what happened in 2 years or 5 years I probably had no money problem in the first place<nobr> <wbr></nobr>;-)

#

Re:Has anyone heard about the Lemmings in Scandina

Posted by: Anonymous Coward on March 30, 2006 05:32 PM
!!!

NO guy... You are the stupid, poor assh**e, ignorant.

I have never seen a Disney film about lemmings, and they do it naturally when there is an overpopulation of lemmings in an area. They get nervous (a kind of collective paranoia, i guees), they move and migrate in masses, hyperexcited, they attack and kill each others too, sometimes, and they fall down the cliffs (not pushed by men, but for themselves, in their kind of collective paranoia, and many of them die...

!!!

#

Yes...

Posted by: Anonymous Coward on March 29, 2006 05:35 PM
You're stupid, and I'll tell you why. That lemmings myth you've just repeated as fact was created by Disney to make their movie about lemmings more interesting - they don't do that unless pushed off a cliff by a team of men hired to do so. Perhaps if you learned to read more the rest of your post would have been worth reading, unfortunately it went down hill from the subject.

#

Re:Yes...

Posted by: Anonymous Coward on March 29, 2006 11:49 PM
The poster was obviously not a native English speaker. There is a discernable difference between poor grammar and thinking/working/writing in a language you do not natively speak.

Learn the difference.

#

Take paypal!!

Posted by: Anonymous Coward on March 29, 2006 05:30 PM
Hey, I found a place where I can easily post this;

If OpenSSH project takes paypal, I'll make a donation.

Explanation here: <a href="http://www.liddicott.com/~sam/?p=47" title="liddicott.com">http://www.liddicott.com/~sam/?p=47</a liddicott.com>

#

Re:Take paypal!!

Posted by: Anonymous Coward on March 29, 2006 06:12 PM
I second that.

Why bother helping people living in closed shell...

#

Shame on you

Posted by: Anonymous Coward on March 30, 2006 12:43 AM
No PayPal? This is the lamest excuse I've ever heard!

#

telnet v. ssh

Posted by: Anonymous Coward on March 29, 2006 06:09 PM
Of course we did not set out to create OpenSSH for the money -- we purposely made it completely free so that the "telnet infrastructure" of the 1980s would die.


You ought to love that guy!!! Thanks!!!!!

#

Cost of distribution &amp; bandwith

Posted by: Anonymous Coward on March 29, 2006 11:10 PM
I don't understand why Theo is so worried about bandwith and FTP costs.

He should talk to long-time Linux distro sites like <a href="http://ibiblio.org/" title="ibiblio.org">http://ibiblio.org/</a ibiblio.org> for support. They mirror and do bittorrenting <a href="http://torrent.ibiblio.org/" title="ibiblio.org">http://torrent.ibiblio.org/</a ibiblio.org>of a huge number of distros. I am 100% positive that ibiblio will be more than happy to support OpenBSD

#

Re:Cost of distribution &amp; bandwith

Posted by: Anonymous Coward on March 31, 2006 06:12 AM
I don't believe he was saying that at all. I think his point was that the FTP servers continue to get busier while the donations and CD sales are decreasing.

#

Credit where credit is due?

Posted by: Anonymous Coward on March 29, 2006 11:30 PM


Of course we did not set out to create OpenSSH for the money -- we purposely made it completely free so that the "telnet infrastructure" of the 1980s would die. But it sure is sad that none of these companies return even a fraction of value in kind.



Let's remember that Theo or OpenBSD did not "create" OpenSSH as he makes it sound here. OpenSSH is derived from the last free version of SSH created by Tatu Ylonen. Ylonen changed his license and OpenBSD forked it into the OpenSSH we have today. Yes, it's a wonderful piece of code, but OpenBSD forked someone else's idea. OpenBSD forked SSH to keep it free, not to make it free.



That leads me to wonder, since we are casting stones here<nobr> <wbr></nobr>... What did OpenBSD give back to the original SSH project? How much money did OpenBSD sent to the SSH project when it was free?

#

Re:Credit where credit is due?

Posted by: Anonymous Coward on March 30, 2006 03:46 AM

How much money did OpenBSD sent to the SSH project when it was free?



A better question: How much money did OpenBSD make from the original SSH project?

#

Re:Credit where credit is due?

Posted by: Anonymous Coward on March 31, 2006 08:38 AM
At the time, they were, I believe, making NetBSD and had just started with the creation of OpenBSD (remember that Theo was one of the founders of the NetBSD project). So, the answer is, they were writing Free Software.

Theo and Co. never have claimed that they invented SSH. They claimed, and continue to claim, that they *kept* SSH free when Tatu Ylonen took it non-free. They've always given credit to Ylonen for coming up with SSH. But the implementation called OpenSSH, while originally derived from Ylonen's code, has diverged drastically from that version 1.2.12 of vintage what, 1996? It's been ten years now, and the OpenSSH that we see today bears very little resemblance to Ylonen's code from back then.

Thus, I believe that the OpenBSD project can rightly claim "create" credits for the OpenSSH implementation, at this point.

#

Figures

Posted by: syberghost on March 29, 2006 11:37 PM
First he accuses Linux developers of being "flexible in their beliefs" in a way he implies is unethical, then he makes an exception to his project's CORE BELIEF regarding Full Disclosure for somebody who pissed him off.

#

Fund OpenSSH *only*

Posted by: Anonymous Coward on March 30, 2006 12:32 AM
The real question to be asked is: Can one contribute money to OpenSSH and **only OpenSSH**?

All this whining annoys me. Yes, sure, IBM, Red Hat, Novell, etc. all benefit from OpenSSH, but can they fund OpenSSH without watching their money spent on OpenBSD?

I don't care about OpenBSD (I see it as a quality OS, but I'm not using it anywhere), nor do the Linux vendors care.

And normally these (Linux) vendors support projects with manpower and/or infrastructure, not money. And (correct me if I'm wrong) the OpenSSH folks seem to follow the "elite" way of the *BSDs by not accepting patches very easily.

#

Re:Fund OpenSSH *only*

Posted by: Anonymous Coward on March 30, 2006 02:37 AM


The real question to be asked is: Can one contribute money to OpenSSH and **only OpenSSH**?



That's a concern for investors or donators. What do they really do with the money you send. The short answer is that you have no real guarantee that your money designated for OpenSSH won't be used somewhere else that the OpenBSD leadership feels is necessary. There is no accountability in place.



However, if you do use and benefit from OpenBSD (not just OpenSSH) then you probably should donate. Sure, there is no accountability so they could use the money for beer and pizza, but they would do that anyway with their own money. And they write this software because they enjoy writing the software, and it scratches an itch they (and others) have. The only question left is whether the donated money is fairly distributed.



And normally these (Linux) vendors support projects with manpower and/or infrastructure, not money.



It is easier to procure manpower resources, and explain that, than it is to explain to shareholders that the company gave money to some entity out of goodwill. Especially if the product is "free" already. Even more so if the company is not a registered non-profit (which means no tax benefits).



Above that, for the ones who know and care (admittedly, not many), the elitism, prejudice, and hypocritical attitude towards outsiders and large corporations will add further distaste in the minds of shareholders. This attitude also reduces the willingness for these corporations to even help with code, hardware, or manpower resources for people within organizations who do care and who do want to try to help in some manner.




Corporations don't care about goodwill. They can't, really, or they will ultimately fail in this capitalistic society of today. They (have to) care about profit and the business.

#

Re:Fund OpenSSH *only*

Posted by: Anonymous Coward on April 08, 2006 06:26 PM
Sorry, this not how it works. You donate to reward someone for something that he has already done and that you happen to have benefited from it. You have the reasonable expectation that your donation will help in the future development (one way or an other, even by simply morally encouraging the developers by showing that someone actually appreciates their work), but IMO it is DISRESPECTFUL to ask such thing as a guarantee that your donation money will be used in a certain way. You are not paying for something, you donate to some people that have ALREADY saved you money and time. You can expect that they will continue to do so, but you can not commit them -unless you hire them. Even if they don't, they' ve already saved you more time and money than your donation is worth, so you can say nothing<nobr> <wbr></nobr>;)

People that fail to understand that obvious fact, should have problems justifying the existence of free software as well (typical, miserable businessmen with no resourceful interest blah blah... )

cheers

#

Re:Fund OpenSSH *only*

Posted by: Anonymous Coward on April 08, 2006 10:53 PM
Sorry for the mistake, the above was meant as a reply to the thread one-level up

#

Good hardware vendors

Posted by: Larry_Dillon on March 30, 2006 02:33 AM
I use Linux, OpenBSD and FreeBSD. Like 90% of OpenSource users, I've never contributed a line of code, and really do not posess the skill.
The question I keep having is "Which hardware should I buy." We have Theo talking about which vendors are OpenSource-friendly, but what we need is a database where developers can say what hardware has open specs and likely the best drivers.

I think the most meaningful thing most of us can do is "vote with our dollars" for vendors that release hardware info.

#

Re:Good hardware vendors

Posted by: Anonymous Coward on March 30, 2006 10:12 PM

[...], I've never contributed a line of code, and really do not posess the skill. [...]


if you use this attitude in support of self-improvement (not implying that I was urging you to do so), you soon will posess it.<nobr> <wbr></nobr>:-)

#

The natural effect of BSD-style licenses?

Posted by: Anonymous Coward on March 30, 2006 03:39 AM
For projects that choose a BSD-style permissive license for a software project, the priority is to have the software used as widely as possible, period.

For projects that choose a GPL-style license, the priority is to ensure that people can't take from the community without giving something back.

It's puzzling how people who choose a BSD-style license can be baffled by companies taking from them without giving anything back in return. That's what the license is geared for; that's what it encourages. Companies have incentive to take from the community, but there's no incentive for them to contribute something back.

In a sense, BSD-style licenses encourage software to thrive at the expense of the community, while GPL-style licenses encourage communities to thrive at the expense of the software (limiting the usage of the software).

In a tiebreaker, I'd favor GPL-style licenses for the simple reason that software doesn't build communities, communities build software.

If communities are encouraged, sustainable software will naturally follow. But if software is encouraged at the expense of communities, there's no mechanism for sustaining either the software or the community that created it.

In general, I'm interested in learning what helps to encourage sustainable communities.

-Flash

#

OpenBSD's financial situation

Posted by: Anonymous Coward on March 30, 2006 04:00 AM
<a href="http://evilcode.net/sjg/blog/2006/03/openbsds-financial-situation.html" title="evilcode.net">http://evilcode.net/sjg/blog/2006/03/openbsds-fin<nobr>a<wbr></nobr> ncial-situation.html</a evilcode.net>

#

Re:OpenBSD's financial situation

Posted by: Anonymous Coward on March 30, 2006 05:05 AM
Hmmm, picking on Sun? AFAIK, HP-UX's SSH is also based on openSSH code, as is IBM's AIX implementation iirc....

Why are you picking exclusively on Sun, Theo?

#

Re:OpenBSD's financial situation

Posted by: Anonymous Coward on March 31, 2006 08:50 AM
He might still be sore about the refusal of Sun to give him specs for some of the hardware about three years back. OpenBSD 3.3's "song" is about that refusal. If he's still actively holding a grudge about it, then he's wasting energy.

You're right; if he's going to criticize anyone, I say that he should be criticizing all equally. Actually, a previous poster was correct; Cisco is way worse than Sun, about like Microsoft. He ought to be criticizing Cisco more than Sun.

#

Ouch - no wonder you don't donations

Posted by: Anonymous Coward on March 30, 2006 07:38 AM
So for now we are sticking to clear cash donations, without tax receipts.

So how would a company like SUN or IBM donate money to the project? Actually how would I -- is buying CDs and T-Shirts the only option?

I've never met a BSD developer and I don't live anywhere near what could be considered a metropoliton area, much less one with a convention center.

I'm not too keen on sending checks to any old Joe Blow through the mail, especially without receipts. Do all cash "donations" go to Theo and then we depend on him to disperse it?

#

Re:Ouch - no wonder you don't donations

Posted by: Anonymous Coward on March 30, 2006 07:47 AM
Oops, I should have included a sentence or two to point out that like other posters above, knowing what will happen to the money (accountability) is a major factor in donating. Especially when you're nowhere near the action.

#

Badly Squeeezing for Dollars !!!

Posted by: Anonymous Coward on March 30, 2006 07:55 AM
!!!

I have posted that in another thread but, here I go:

BSD

Bad Sofware Developpers

Badly Squeeezing for Dollars<nobr> <wbr></nobr>:)

Sorry, I could not help it!

or

Beware! Some Despicable

BaStarDs sons of UNIX

Begging for Some Dollars!

--

This one was bad at all neither !

---

Yep.. its true.. No exuse.

Only perhaps these:

- Montepulziano d'Abruzzio " Denominazione d'Origine Contallata", La Rinalda 2004 - 1 Bottle

- Vitoria "Gran Reserva" 1997, Valdepenas, denominacion de Origen, Tempranillo - 2 Bottles

- Cotes du Rhone 2004, Denomination d'origine - 2 Bottles

- some still to come...

that we are finishing here !!!

It is being a great night here! We have also been trying the DesktopBSD 1.0 distro. Pretty good actually... Not all the good stuff is Linux...

!!!

#

No contributions because leader is asshole

Posted by: Anonymous Coward on March 30, 2006 12:17 PM
This guy won't accept any ideas, he gets pissed if you think of an idea that he hasn't and if you ever did make some code for something, he would never use it because he didn't write it.
So why bother writing code for anything this guy "leads"?
They need to kick this guy off.
This guy *IS* the problem with the whole project.

#

Re:No contributions because leader is asshole

Posted by: Anonymous Coward on March 30, 2006 01:36 PM
Read just about any maillist for OpenBSD or OpenSSH, the abuse against other developers is unbelievable!

#

Re:No contributions because leader is asshole

Posted by: Anonymous Coward on March 30, 2006 02:13 PM
thats how you get a clean code you moron.. people like you are the biggest problem.. do everyone a favour by kissing an on coming train..

#

Re:No contributions because leader is asshole

Posted by: Anonymous Coward on March 30, 2006 03:13 PM
Yea, that's how open source projects work, whine and complain that you need more funding while pretending that you actually have a "team" of programmers working on it.

I say let him run out of money so that someone else can fork the project and do a better job.

It really takes one manager type personality to run a good open source project. Programmers are well known for being "anal" and having zero people skills.

Money isn't the real issue here, the project needs a manager. Anyone? Please!

#

Re:No contributions because leader is asshole

Posted by: Anonymous Coward on April 09, 2006 02:58 AM
The project has a manager and that's why it is what it is. You fool yourself if you believe that openbsd would continue to exist for long under a management that would give higher priority to good PR rather than good code. Don't ask why, but these two things tend to work against each other in practice.. Just watch the competition<nobr> <wbr></nobr>;)

Anyway.. is this a real argument? Let me rephrase it otherwise then:

"TDR, I like your software, I use it and profit from it, but screw you. Nevermind that every day charlatans in the IT industry rip me off for air, blackmail me into using their inferior products or make me captive of their decisions, they are polite and you are rude. Well, not that you have ever been rude to me personally, but from what I hear, in technical arguments you tend to be rude with those that disagree with you for your own project. Of course you are a programming genious and you are probably right in your arguments, since these are technical arguments, but that doesn't matter -nor does the fact that you are an honest guy. Besides, we all know that stealing is a minor sin in comparison to being rude. So screw you and screw your project (which I'll keep using however, since I profit from it)."

whatever...

#

Clean code, maybe. Funding, no!

Posted by: Anonymous Coward on March 31, 2006 03:07 AM
Being rude do your developers *may* be a way to get clean code.

It is definately *not* the way to get people to fund you or donate to you.

Also, just so you know, being rude to people is also *not* a good way to get your point across and considered seriously.

#

OpenSSH needs better management, out of OpenBSD

Posted by: Anonymous Coward on March 30, 2006 05:46 PM
OpenSSH needs to be it's own project away from OpenBSD and with proper management.
It's becoming more important to Linux and servers in general but yet it's bogged down with developer management problems (only one programmer and no management is a big problem).
Before donating any money I would want to see a more open project with many developers contributing code and a good manager that keeps the changes in order.
What we have now is one high and mighty programmer that doesn't allow any room for others to contribute, preventing further innovation and progress.
It wouldn't be hard to fork the project and continue to be compatible for a few years.

#

How to be a leader of an OS project, by Theo

Posted by: Anonymous Coward on March 31, 2006 06:11 AM
How to be a leader of an open source project, by Theo

1. Be rude to everyone because you are a god.
2. Be really, really obnoxious.
3. Make sure everyone else knows you are a god.
4. Never accept any code from anyone, even if someone spends weeks or months working on it.
5. Do not use other people's code, it's "not clean" that way.
6. Do everything yourself so it takes forever for the code to be updated.
7. Do not let anyone touch your "baby", it's your code, keep it that way.
8. Just say "mine, mine, mine" like a little baby and everyone will go away.
9. Ask for funding and pretend like you are a leader of many developers to get it.
10. Pretend to be a nice guy during interviews so no one is the wiser.
11. Never, ever accept any new ideas from outside.
12. Make sure you belittle other people.
13. Remember you are a god.
14. No one else could possibly program as good as you can.
15. God, you are.
16. Make sure the universe revolves around you.
17. Look in the mirror every day and say to yourself "damn I'm good".
18. Remember that all other programmers are below you.
19. Know that no one else can think of any good ideas, it's a great ego boost, use the thought often.
20. Tell everyone else off whenever having a conversation.

#

Re:How to be a leader of an OS project, by Theo

Posted by: Anonymous Coward on March 31, 2006 09:20 AM
So true. The OpenBSD project was at one time asking for Gigabit Ethernet cards, as, at the time, these cards were still quite expensive--several hundred dollars, at a minimum. See, nearly every Gig-E NIC sold at that time was fiber-optic; there were very few copper-based Gig-E cards available, and even they weren't exactly cheap. I bought and offered him one, a fiber-optic card that used a chipset for which the programming docs were, unfortunately, not freely available. I, a non-programmer, saw "Linux support" on the box and took this as a good sign.

Theo's refusal of the offered NIC used such an acidic tone that I said to myself, "well, OK, if that's your attitude, then up yours, too." It's not that he said no. Rather, it's how he said it. He could've been a lot nicer than he was about why he was saying no, and he could even have (in a friendly manner) given me a suggestion about who to call at the chipset manufacturer, since he's had experience in this area. But he'd rather be an asshole and put someone down...for trying to help him. I walked away from OpenBSD right then and there and went straight for Trustix, and I've stayed with Trustix ever since.

OpenBSD may be good software, but the project leader's attitude leaves a whole lot to be desired. I sure won't be offering anything to him, or his project, again.

#

Re:How to be a leader of an OS project, by Theo

Posted by: Anonymous Coward on March 31, 2006 09:48 AM
Even with all the posts here and other places, the guy will never change.
I use Ubuntu now, it's got a good firewall and it's updated often. It's also based on debian.
Theo would be a nobody if it wasn't for OpenSSH, and even then, it won't take much for someone else to take over.
SSH has a lot of problems right now on servers. The crackers know it's one of the few open ports and they are attacking like mad.
Theo won't listen to anyone and so the security of SSH is suffering.

#

Re:How to be a leader of an OS project, by Theo

Posted by: Anonymous Coward on April 09, 2006 07:48 AM
WTF are you talking about? Attacking, how? OpenSSH (not surprisingly) has an excellent history of security. You may comment on Theo's attribute if you really want to (though I suggest you do so only if speaking from personal experience), but don't throw inaccuracies or make assumptions that only make you look stupid<nobr> <wbr></nobr>:p

#

Interview: Theo de Raadt of OpenBSD

Posted by: Anonymous [ip: 132.248.205.70] on September 04, 2007 11:17 PM
Theo de Raadt sucks

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya