Why isn't security on linux taken as seriously as openbsd when most of the internet runs on linux servers?

Why isn't security on linux taken as seriously as openbsd when most of the internet runs on linux servers? If it's GPL why aren't there more security improvements being upstreamed?


  1. 3 weeks ago
    Anonymous

    >Why isn't security on linux taken as seriously as openbsd when most of the internet runs on linux servers?
    Because if your servers are three times as fast, you only need to pay 1/3 as much for servers.

    • 3 weeks ago
      Anonymous

      why dont BSD users refute this, is it just true?

    • 3 weeks ago
      Anonymous

      why dont BSD users refute this, is it just true?

      FreeBSD is more secure and faster at network stuff than linux. Netflix for example runs on FreeBSD since the small small differences make a huge difference when upscaled to their traffic.

      The main reason linux is the norm is because BSD was taken to court by AT&T back in the day, and every university shat itself and switched to linux, same with all companies that used BSD. Moreover linux was made during BSD time in court.

    • 3 weeks ago
      Anonymous

      phoronix benchmarks are laughable.

      • 3 weeks ago
        Anonymous

        I hear this a lot but I don't know anything about benchmarks. What makes it so?

    • 3 weeks ago
      Anonymous

      It takes 2 seconds to turn on hyperthreading.

  2. 3 weeks ago
    Anonymous

    openbsd is vulnerable to BadUsb exploit from 2014.
    inbound moronS "it'S pHysICaL aTtAck YoU Can't DeFENd fRom iT" - well yet Linux does defend itself from it, IDIOT

    • 3 weeks ago
      Anonymous

      how does linux defend against it?

    • 3 weeks ago
      Anonymous

      >the BadUSB autist is at it again
      Not plugging in untrusted USB devices is common sense. I'm sorry you can't grasp that.

      • 3 weeks ago
        Anonymous

        >he doesn't know about Firewire's fall from grace

      • 3 weeks ago
        Anonymous

        Linux users can connect untrusted USB devices, bsd cucks can't

      • 3 weeks ago
        Anonymous

        Linux users can connect untrusted USB devices, bsd cucks can't

        >how does linux defend against it?
        /proc/.../usb.../authorized

        automated by usbguard for example

        • 3 weeks ago
          Anonymous

          Not enabled properly by default. Any USB spoofing gets around this. Also, any USB can lie about being a keyboard and then do malicious things.

          But... Perhaps there is a database with ID of every single USB keyboard and mouse somewhere that I am unaware of and linux uses that. But as far as I am concerned I never had to whitelist any keyboard and I bet you don't either.

          Security features need proper implementation and can't fix the stupid.
          Someone has physical access to your device you have bigger problems.

          • 3 weeks ago
            Anonymous

            >Also, any USB can lie about being a keyboard and then do malicious things.
            not on linux when you install and enable usbguard and tell it to require confirmation for any new keyboard/HID.

            >ID database
            no, it can be spoofed.
            the solution is simple: if you connect, ask the user if he REALLY wants to add an additional keyboard/HID (besides the one that was connected at bootup time).
            usbguard does that (with proper config)

            openbsd and all bsd* lack any kernel interface to have this behaviour, they can't do that. until someone patches it to add per-device enable (that is locked while inspecting what device wants to connect as)

          • 3 weeks ago
            Anonymous

            >"when you install and enable usbguard"
            You do know such features exist on BSDs, right? Just because linux tards need package and all that to do basic things doesn't mean you can't do it without. Literally just set permissions on /dev, any moron can make a script for that and make their own usbguard but unbloated. SystemD is a bigger security issue and a dependency of usbguard.

          • 3 weeks ago
            Anonymous

            >You do know such features exist on BSDs, right?
            no, they do not.
            BSD lacks this ability in kernel.

          • 3 weeks ago
            Anonymous

            This is mental moronation. Heard of setting permissions for /dev?
            You can do that without kernel module. A simple script can do it. But linux midwits need systemD and bloat to do the simplest things such as chmod. Too complicated for linux ppl. Or is it due to all the bloat overriding your manual chmod settings for /dev that has you need to use systemD dependent software for basic functionality/scripting?

          • 3 weeks ago
            Anonymous

            most of usb guard can't be done, you need to half-init usb device enough to inspect it.

            however, maybe it's possible to block the surprising-keyboard attack.
            which in /dev/ is the 2nd keyboard?

          • 3 weeks ago
            Anonymous

            Just block all USB HIDs. Tbf the threat model when that is an issue is usually when you have a server physically in another place. And then you probably connect using ssh.
            But then there is hotplugd if you worry about plugging in while running.
            Since my server is in my home and I live in a ghetto where ext4 is equally good as encryption I haven't had any need to look into it. Currently at office where we run linux so I can't check usb devices sorting on OpenBSD atm.

            If someone has access to my server then my physical well being is at stake. If I get a remote server then I'd just disable all USB HIDs.

            Sure I can agree it is a bigger hassle on OpenBSD having to script it manually and set permissions.

          • 3 weeks ago
            Anonymous

            no, the use case is that I want to connect usb pendrive. I am logged into console probably so I can cp / mount / inspect it.

            how to stop any new HID at that time?

          • 3 weeks ago
            Anonymous

            set permissions or rules or do hotplugd to make script run if USB is plugged in
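
The Linux side of the exchange above (inspect a newly plugged device before any driver binds, then refuse a surprise keyboard), as an added example that is not part of the thread. It uses the kernel's per-interface sysfs attributes `interface_authorized_default`, `authorized` and `bInterfaceClass`; the function name `review_usb_interfaces`, its optional directory argument and the block-any-new-HID policy are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Attribute names are the kernel's sysfs
# USB authorization interface; function name and policy are hypothetical.
#
# Run once as root per host controller (usb1, usb2, ...) so that interfaces
# of newly plugged devices are created but not bound to any driver:
#   echo 0 > /sys/bus/usb/devices/usb1/interface_authorized_default
# Then plug the device in and run: review_usb_interfaces

# review_usb_interfaces [SYSROOT]
# Authorizes a device's pending interfaces only if none of them is HID
# (bInterfaceClass 03). SYSROOT exists so the logic can be tried on a copy.
review_usb_interfaces() {
    root=${1:-/sys/bus/usb/devices}
    for dev in "$root"/*; do
        name=${dev##*/}
        case $name in *:*|usb*) continue ;; esac  # interfaces, root hubs
        [ -d "$dev" ] || continue
        pending="" hid=0
        for intf in "$root/$name":*; do
            [ -f "$intf/authorized" ] || continue
            # authorized=1 means decided earlier (e.g. the boot keyboard)
            [ "$(cat "$intf/authorized")" = 0 ] || continue
            pending="$pending $intf"
            if [ "$(cat "$intf/bInterfaceClass")" = 03 ]; then hid=1; fi
        done
        [ -n "$pending" ] || continue
        if [ "$hid" = 1 ]; then
            # A "pendrive" that also presents a keyboard stays fully unbound.
            echo "BLOCKED $name: new HID interface, left unauthorized"
            continue
        fi
        for intf in $pending; do
            echo 1 > "$intf/authorized"
            # Ask the USB core to bind a driver to the now-authorized interface.
            if [ -w "$root/../drivers_probe" ]; then
                echo "${intf##*/}" > "$root/../drivers_probe"
            fi
        done
        echo "ALLOWED $name"
    done
}
```

Because the decision is made on interface class rather than vendor/product ID, a device that spoofs its IDs still has to declare a HID interface to act as a keyboard, and that declaration is what gets it blocked.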

  3. 3 weeks ago
    Anonymous

    [...]

    >it's not cucking if you SHARE your wife but giving her away is

    • 3 weeks ago
      Anonymous

      good point
      with GPL software, everyone shares the same wife
      with BSD/MIT/ISC software, everyone gets their own wife
      makes one think

      • 3 weeks ago
        Anonymous

        >everyone gets their own wife
        everyone gives away their own wife

  4. 3 weeks ago
    Anonymous

    Probably because the mentality of large software companies is to pretend to care about security and implement every single mitigation under the sun, hoping that by throwing enough shit at the wall you will be resilient to most of the common exploits. This is why namespaces and seccomp are so attractive. Tools like Kubernetes, Docker and Podman make them relatively easy to manage and while they don't fix shit like
    >https://www.phoronix.com/news/Google-Restricting-IO_uring
    they limit how much damage an attacker can make. So there's no pressure to make Linux secure by default, people trust containers (for now).

  5. 3 weeks ago
    Anonymous

    Just guessing, but possibly because there's so much fragmentation in the Linux space that people don't even know where to begin, unless it's Kernel-level.

  6. 3 weeks ago
    Anonymous

    Suppose there is a security bug in OpenBSD. Who is going to invest the effort to find it? Nobody cares, it's a meme OS.

    That's why Linus Torvalds is a household name and Theo de Raadt is not. You can sperg out all you want about some particular aspect of your software, but if your software is not useful, nobody cares.

    • 3 weeks ago
      Anonymous

      They look through it all the time. Proactively secure. Linux doesn't do that. No fixing until after they find the issue exploit backdoor that's called an exploit or bug. Linux security depends on OpenBSD as well. Heard of sudo? SSH? Those things are made by OpenBSD. Sudo was dropped for not being secure enough. Moreover, no NDAs in OpenBSD, linux has a lot of NDAs signed for drivers and shit. You trust software that was ported and implemented under NDAs?

      • 3 weeks ago
        Anonymous

        > They look through it all the time. Proactively secure. Linux doesn't do that.
        If you honestly think there are more eyeballs on OpenBSD source than GNU/Linux source, you need to be involuntarily committed for your own safety. (Except for OpenBSD software that people actually use, sure, i.e., ones that are often bundled with GNU.)

        >Moreover, no NDAs in OpenBSD, linux has a lot of NDAs signed for drivers and shit. You trust software that was ported and implemented under NDAs?

        Do you actually think anyone gives a frick? Yeah dude, much of the Linux kernel is maintained by corporate employees. Those employees often sign NDAs, yes. But those employees exist because the software is actually useful

        • 3 weeks ago
          Anonymous

          That's my point, no one cares about NDAs. Also, OpenBSD wasn't affected by meltdown. They noticed the issue 7 years earlier and patched it. One example of proactive security.

          More eyes on code doesn't mean more security. After around 4 experienced coders reviewing more eyes don't help much, but security testing and actively trying to find exploits is not common in linux except for some google employees.

          • 3 weeks ago
            Anonymous

            >actively trying to find exploits is not common in linux
            I am in awe that BSD turbo-virgins actually believe this. Bless your heart

          • 3 weeks ago
            Anonymous

            I did say google is the main actor for the security part. Few other actors do proactive linux security

  7. 3 weeks ago
    Anonymous

    Not taken seriously because of containers and hax that give illusion of security. Moreover linux is run by big tech that want backdoors. 0 gatekeeping compared to OpenBSD and other BSDs. Spaghetti code is encouraged on linux due to funders wanting that.

    SystemD developer works for microsoft. Linux Foundation doesn't even finance linux development. Ppl focus on NVidia for "going open source" (they aren't really) and work for free to help make it run better instead of focusing on security.

    The biggest contributor to linux security is google. I don't trust google, anyone doing that is mentally deficient. So many "bugs and exploits" are most likely there by malicious intent. But unless you can prove malicious intent it is considered a bug or exploit.
    Xs perfect example, just an autist benchmarking ssh, how many similar backdoors have been unnoticed or considered bugs/exploits?

    • 3 weeks ago
      Anonymous

      Gotcha, so the main users of OpenBSD are conspiracy-minded perverts jealous of FAANG salaries

      • 3 weeks ago
        Anonymous

        Yes, google wanting back doors and malicious actors for the biggest server OS is conspiracy minded.

        Literally mental deficiency at work here.
        Google has your best interest in mind, right? Microsoft also has your best interest in mind. No backdoors ever made or censorship by them.
        The most common form of exploits getting implemented is social engineering or bribes. Not hacking or such. Ppl pretending to have your best interest in mind and then sign NDAs... Yea, no. If linux devs refused that NVidia would be forced to go full open source, their biggest market is AI and cloud computing shit, you think they run windows? If their biggest customer base can't run their hardware they will change the software to be open. But linux cucks sign the NDAs and allow microsoft and google to run their projects. Brilliant, absolutely brilliant for security.

        • 3 weeks ago
          Anonymous

          >Yes, google wanting back doors and malicious actors for the biggest server OS is conspiracy minded.

          Yes. You have never worked at a big company my friend, definitely not a FAANG company. They are basically a collection of fiefdoms viciously fighting with each other, run by anxious libs trying to keep their metrics high enough not to get fired. You are overestimating how organized they are.

          No, Google does not have anyone's "best interest in mind" besides theirs. But there is no reason they would intend to put backdoors in the kernel/userspace unless at the behest of the CIA/NSA. But why would intelligence agencies bother with that when they could simply take a Jia Tan approach?

          And why is the OpenBSD project immune to infiltration in your eyes? You think if a CIA agent holds a gun to Theo's head he'll just spit out the bullet like the Hulk?

          • 3 weeks ago
            Anonymous

            OpenBSD (like most BSDs) don't accept badly written code. It must be clear as day to ensure no code obfuscation is made.

            Yes, code obfuscation is used to make backdoors but it looks like bugs or exploits by obfuscating it. And yes while it's true he probs value his life more, I still trust him more than microsoft or google employees that already sold their soul.

          • 3 weeks ago
            Anonymous

            Forgot to give example. Compare dwm source code with cwm source code. Cwm is way more readable and easier to understand.

          • 3 weeks ago
            Anonymous

            >OpenBSD (like most BSDs) don't accept badly written code
            only openbsd is unique in security and correctness. wildly different from freebsd that has c++ in base and generally is linux imitation garbage. netbsd is also pretty bad

          • 3 weeks ago
            Anonymous

            >You think if a CIA agent holds a gun to Theo's head he'll just spit out the bullet like the Hulk?
            yeah

          • 3 weeks ago
            Anonymous

            to be serious for a second here the other contributors would look at "theo's" backdoor code and sound the alarms even if he complied.

  8. 3 weeks ago
    Anonymous

    cuck license

  9. 3 weeks ago
    Anonymous

    >Why isn't security on linux taken as seriously as openbsd

    because we want to be more than just a launchpad for closed-source software while also having real features desktop users want (like WINE, gaming, robust software support)

    you will always be niche and in the corner, the original sin of your operating system is the famous BSD permissive theft license.
