Talk:OpenBSD/Archive 3

Todo
I do not like this todo on a seperate page and in a little box as I think it stifles discussion, so I've moved any todos which are not agreed upon out here. I think we should discuss them first, then move them to seperate todo when its clear that something should be done. To this end I have also added my comments below. NicM 17:16, 29 January 2006 (UTC).
 * Good job archiving the old content though. NicM 17:18, 29 January 2006 (UTC).


 * Link the trademark dispute between OpenSSH and SSH Communications Security/Tatu Ylönen, which is covered in the OpenSSH article.
 * I'm not sure about this one. Does it help explain anything about OpenBSD? Can't we take it as read people will visit OpenSSH. NicM 17:16, 29 January 2006 (UTC).


 * Link OpenBSD developers in a manner that isn't the See alsos.
 * I don't think this is necessary. NicM 17:16, 29 January 2006 (UTC).


 * Mention the usage of the 1.3 series of Apache (webserver), rather than the 2.0. Reasons and OpenBSD's changes to the code.
 * I'll do this one. NicM 17:16, 29 January 2006 (UTC).


 * Talk of Sendmail's usage, give the reasoning used by the project.
 * Definitely don't think this is necessary, there is nothing unusual in using sendmail, and no reason we should single it out. NicM 17:16, 29 January 2006 (UTC).


 * Perhaps expand mention spamd.
 * Don't think this is necessary either. NicM 17:16, 29 January 2006 (UTC).


 * The wireless campaign, mention Taiwan, Ralink and Realtek.
 * I think a mention of this would not be amiss. But where? Suggestions? NicM 17:16, 29 January 2006 (UTC).
 * On second thoughts, wouldn't this be better with full blow-by-blow detail in OpenBSD history? NicM 17:18, 29 January 2006 (UTC).


 * Make a new article for a play-by-play OpenBSD history, which covers major changes in each release, dates and special notes like the artwork and special happenings during the development cycle.
 * Excellent idea. NicM 17:16, 29 January 2006 (UTC).


 * Reintegrate mention of DARPA and the POSSE project, so that it is not just a See also.
 * Don't agree. Not key and don't explain anything not already covered about the OpenBSD project. Put them in the new OpenBSD history article. NicM 17:16, 29 January 2006 (UTC).


 * More thorough mention of OpenBSD's documentation.
 * This deserves something. NicM 17:16, 29 January 2006 (UTC).


 * Discuss how OpenBSD does it's patch branch and errata.
 * I don't think this is interesting enough to put in, to be honest, its a minor organisational detail and doesn't really enlighten anyone: anyone using OpenBSD knows this, anyone moving to it will find out pretty quickly, and it won't help anybody who is just interested. NicM 17:16, 29 January 2006 (UTC).


 * Section "code auditing": maybe this could be improved by trying to explain the TdR's statements about security achived by code quality/purity, not only by targeting explicits "security features". Like in this Theo de Raadt statement: Almost all security problems are simply a result of poor quality. (source: http://www.tuxjournal.net/intervista3-en.html). Or better, this long citation from http://www.theepochtimes.com/news/5-7-5/30084.html : So, weve got a large code base, and we started auditing it. The basic idea of our auditing process was that wed find a bug, and wed go fix that same bug everywhere. So the process isnt fix a bug and then go find the next type of bug; its find a classification of a bug, decide what it is, then go fix it everywhere. And we classified bugs differently. You dont say, Oh, this is a buffer overflow of this type. Wed say this is an idiomatic error made by a programmer who believes that the thing that hes using works this way, but it doesnt work that way, it works this other way. So, lets go find every single case where the programmer misuses this application programming interface and make them all perfect. So, we did this throughout our source tree, with probably about 100 types of common programmer mistakes. Some of them dont even have direct security impact, but we did it anyway, because theres no way you can build security if you dont have quality. So, the slogan I used to toss around a while ago was Security is decided by quality. I think this Theo de Raadt citation is more pertinent for the "code auditing" section than the Espie's one. What's your opinion ?
 * Sure, do it. The section on code auditing needs to be expanded. Remember though that this section is intended to be a summary with the bulk of the content in OpenBSD security features (which badly needs more on code auditing (yes, this is a security feature), IPsec, etc). NicM 16:10, 11 February 2006 (UTC).


 * Section "code auditing": It could (maybe) be the place to explain why OpenBSD often promote simplicity against feature completness (since this is related to auditability) ?
 * Hmm. I'm not sure how this can be put, but if you think you can explain it, go for it. NicM 16:10, 11 February 2006 (UTC).
 * Ok I'll write something (and for the point about quality auditing too). It will need peer review since I'm not an native english speaker, so I'll link here to the modifications proposals rather than modifying the page directly. 81.57.42.108 22:56, 11 February 2006 (UTC) (hu, btw I've only an account on fr.wikipedia)


 * Introduce high-Availability and redundancy features in section "Uses". The relativly recent redundancy features, both at L2 level (with trunk) and L3 level (with CARP), the firewall level (with pfsyncd) and the IPsec level (sasyncd) make OpenBSD a good candidate for high available, redundant security gateways (specially when we consider that not all other free OSes have such a complete feature set). Or maybe those may end up in a separate section "Specific features" (?) where we can brievly introduce pf, carp, sasyncd, pfsyncd, isakmpd, openbgpd, openospf, etc. (and by the way, provide a link to relevant articles for more details) ?
 * I really don't think we need a specific features section, this kind of detail bogs the reader down and is adequately explained on openbsd.org and other articles. I think mention the features where they add something to discussion of processes and principles behind or uses of OpenBSD, detail can go into specific articles, such as PF, CARP, OpenBGPD, etc—many of which are in desperate, desperate need of improvement (yet everyone thinks stuff should be added here! :-). A single paragraph summarising all the features you mention under Uses would probably be fine ("OpenBSD includes a number of features designed for firewalling and high-availability. The PF firewall was designed to have a simple, understandable syntax and is well-integrated into the operating system, including cooperating with kernel routing and bridging and the built-in ALTQ QoS system. For redundancy, CARP .... etc" If you don't do it, I'll do it when I get round to it.) Remember that we want to avoid the article getting too long again (I cut about 1/3 of its length, mostly this kind of detailed stuff, before it managed to get featured), so if things could go in another article, I think it is much better to summarise them in this one and point to the other article with more detail. NicM 16:10, 11 February 2006 (UTC).
 * You're right. In the meantime, it's hard to write full fledged articles on sasynd, pfsyncd etc. from scratch.
 * Create stubs and other people will hopefully expand them. NicM 23:24, 11 February 2006 (UTC).


 * Improve page layering / presentation ? I find that the page may gain to be a bit more aired, don't you ? I don't exactly know what could be done (that's why I call for discussion) but we have mostly sections composed of large blocks of text (not the ideal for readability, at least, not very 'catchy'). Maybe we can add some more schemas/graphics (but about what ?). Or subdivise largests sections with subsections ? (this would be excellent as it could improve content hierarchy and structuration, or, at least, force it to stay honored on futures edits).
 * The page used to be split into many more sections and shorter paragraphs and was roundly criticised for it during the peer review and featured article processes. This had good reasons behind it: generally, short paragraphs and subsections flow and read poorly, in a very choppy manner—they are okay if you are dipping into the article (as most editors or people using it for reference do) but for reading it, they are poor. I think the structure is pretty good at the moment, and am reluctant to see major flow changes without good reason. A few more diagrams or graphics would be very nice, if you or anyone can find (or produce) any suitably licensed ones. NicM 16:10, 11 February 2006 (UTC).
 * Ok, I understand better now. For diagrams, the main difficulty is to find what would benefits to be illustrated ; let me re-read with this question in mind... 81.57.42.108 22:56, 11 February 2006 (UTC)
 * Yeah, I can think of places in OpenBSD security features, W^X and CARP (which is a terrible article at the moment) could do with diagrams, but not much in this article. NicM 23:24, 11 February 2006 (UTC).

Archived
I just put the old discussions into the side there, it was starting to get really long in this page. Janizary 16:48, 29 January 2006 (UTC)

On Portal:Free software, OpenBSD is currently the featured article
Just to let you know. The purpose of featuring an article is both to point readers to the article and to highlight it to potential contributors. It will remain the feature for a week or so. Gronky 12:38, 3 February 2006 (UTC)
 * Nice, although I can't say the colour scheme is exactly my cup of tea :-P. NicM 15:22, 3 February 2006 (UTC).


 * Well, nobody has said the like the colours, so I guess no toes will be stepped on if you edit the colours here: http://en.wikipedia.org/wiki/Portal:Free_software/box-header


 * Other design help is needed too. There used to be a string of 10 or so logos across the page, which looked pretty good, but they were deleted for some procedural reason which I didn't have time to contest.  I liked that idea because it was widely inclusive.  The logos were GNU, Firefox, Tux, OpenBSD, GCC, FreeBSD, X.org, GNOME, OpenOffice.org, and KDE.  One thing I would like to avoid is copying the French or German designs (GNU + Tux). Gronky 15:38, 3 February 2006 (UTC)
 * I've altered them slightly to avoid light text on light backgrounds or dark on dark, which are hard to read. It may look better if the borders/titles were the same colour as the links, if that is possible. A very very pale text background may serve to add interest, but it'll look ugly where you have images (such as the OpenBSD logo) which are on white backgrounds. I would avoid scattering logos about just on principle: too many will look cluttered, and you can't add everything. I'd just keep an eye out for appropriate places to add images, for example the FSF logo would probably go well in the terminology box. NicM 15:56, 3 February 2006 (UTC).


 * Speaking of featured articles, may as well link the proposed frontpage summary, so others can tweak it. It's at Wikipedia_talk:Tomorrow's_featured_article, as the page says, there's no voting involved, but any constructive editing would be nice.  Janizary 20:01, 3 February 2006 (UTC)

Additional ideas
I think that it may be nice to add in a bit about how the project is structured, I'm not volunteering for it of course, just throwing the idea out, as I've not even finished my work on the OpenBSD history article. I don't think we can get away with the Theocracy pun, but talking about how de Raadt has the final say on anything done in the system, how contributors can get commit bits and eventually become central developers that make key contributions to various areas of the system may be nice for anyone reading. Janizary 08:51, 7 February 2006 (UTC)
 * I'm not opposed to having a paragraph about this, but are there any sources? Where would you see it fitting into the article? NicM 09:36, 7 February 2006 (UTC).

POV Issues
The Secuirity and Code Auditing section seems to have a POV, especially comments regarding attitudes of other developers. Arnob 17:32, February 10, 2006


 * Could you be more specific as to what is point of view? Janizary 21:41, 10 February 2006 (UTC)
 * If you don't come up with some specifics about what you consider POV, I will remove the tag. The only attitudes I can see of any developers is a quote from Marc Espie, who is an OpenBSD developer and is attributed in the article, and the quote is hardly controversial. NicM 23:50, 10 February 2006 (UTC).
 * I don't see the point either. What is POV or debatable in comments regarding attitudes of other developers ? Please, give details else it won't be fixed. 81.57.42.108 01:20, 11 February 2006 (UTC)
 * The article contends that OpenBSD developers go out of their way to ensure that their code is secure, while developers of other systems do not. Stating that one of OpenBSD's chief focus is secure code, and commenting in detail about the efforts undertaken by the OpenBSD communitty to ensure security, without alluding to the practices of other OS developers would be less POV. Arnob
 * And how many audits has the Linux kernel had? Or tcpdump?  Or Apache?  How many of those projects have created their own secure functions, which have propagated to other projects?  How many GNU daemons are privsepped or chrooted?  It's not point of view when it's verifiable, backed up fact.  It may just make everyone else look like slackers, but that doesn't negate it's validity.  Janizary 06:44, 11 February 2006 (UTC)
 * I've changed it and removed the tag. If you have any other other concerns, a note here would be more useful than declarding a dispute without any basis. If the issue does turn out to be disputed, adding the tag a day later when that becomes apparent will not do any harm. NicM 09:32, 11 February 2006 (UTC).
 * I've re-read the section about code auditing with your comment in mind, and didn't found any assertion (even implicite) about other system that wouldn't try to improve security. There are only two comments about other projects in this section: about tcpdump and apache being modified to integrate specific OpenBSD features, and about DragonflyBSD having a common policy with OpenBSD on K&R programing style. Neither underqualify other projects, but provides objective and verifiable statements about OpenBSD methodology. Nothing like (even implicits) "OpenBSD is the best for security" or "OpenBSD is better than XYZ" or "XYZ undertake security". Are you sure that your comment don't reffer to an old version of this section ? 81.57.42.108 13:42, 11 February 2006 (UTC)
 * It does now, since I changed the offending text this morning :-). NicM 16:12, 11 February 2006 (UTC).
 * I dunno, noone during the FAC run even blinked at that path of least resistance bit, Arnob1 is the only person that has complained. Janizary 19:03, 11 February 2006 (UTC)
 * True, but he is still right it can be expressed in a less POV way. There is no real need for a comparison to others here, however vague it may be. NicM 21:41, 11 February 2006 (UTC).
 * Sure, yet one of the points that kept coming up with the FAC and peer review was that there wasn't enough comparisons. Janizary 22:00, 11 February 2006 (UTC)

So...
How's this technical shit coming along? And your history page blows. Hell, I could do the two of them faster than you monkeys. What happen, relatives of both of you die? You die? There was a flurry of work on the article and then this sputtering death throw. Where's the passion? Where's the editors? 65.95.125.69 07:27, 15 March 2006 (UTC)


 * Oh, and nice work on the aricle, by the way, I just hate to see it go unfinished, it looked like the throng of people was going to really make something magic, then it got featured and died. 65.95.125.69 07:28, 15 March 2006 (UTC)


 * Feel free to do so if you think you can do it faster than them, it's not like they're being payed to do it or anything. And you're so going to hell if a relative of either really did die.  Nate 08:17, 17 March 2006 (UTC)

Openwall
Why not link Openwall in the See alsos? Tinfoil hat systems should be linking one another in the See alsos because of their relation to one another, like, PaX should link OpenBSD and OpenBSD should link PaX (and grsecurity, Adamantix, TrustedBSD extensions to FreeBSD). I think it makes sense because of the related goal of security with them all. 65.94.60.22 22:54, 16 March 2006 (UTC)


 * Why don't you make the edits yourself? This is a wiki, after all... Dysprosia 07:43, 17 March 2006 (UTC)
 * Because I reverted it. This is not the place for links to projects with only a tenuous connection or vaguely similar goals to OpenBSD. That is what pages like Security focused operating system and Category:Computer security are for. There are far too many security projects to link to each other directly unless there is a particular connection. Just having vaguely similar goals and/or implementing a few of OpenBSD's features is not enough.
 * I mean, where do you stop? If you're going to include all security projects, what about all operating systems? or all code auditing projects? all BSD license or open source proponents? The page is long enough without filling the see also section with loads of hardly relevent links.
 * In any case, Openwall is a terrible one to pick, since the Openwall Project article says almost nothing and certainly nothing related to OpenBSD. If it had a big "Comparison with OpenBSD's security features" section it might be les tenuous and more worth it. NicM 07:54, 17 March 2006 (UTC).


 * You've got a point, perhaps there could be a category for security operating systems, thus taking out the need to make a list of them all. Nate 08:16, 17 March 2006 (UTC)


 * So that's a no, huh? 65.94.59.17 04:14, 21 March 2006 (UTC)

well you can see the people in charge of this page want it to be openbsd centric...no mention of the disadvantages, such as a lack of mandatory access controls... —This unsigned comment was added by 131.181.251.66 (talk • contribs).


 * Ridiculous assertions. No one is "in charge of this page". If you want to add criticisms, you're welcome to do so, as long as it's sourced and clear. Dysprosia 10:32, 30 March 2006 (UTC)
 * Well, add it then. I'll even get you started: I suggest a few hundred words under "Security and code auditing" starting something like...
 * "Unlike other operating systems, including FreeBSD and Linux with the SELinux extensions, OpenBSD lacks any fine-grained security engineering mechanisms such as user-defined access control lists (ACLs) and a mandatory access control (MAC) framework. Bob Bobson of Bob's Security Co. has claimed that this makes OpenBSD "a useless piece of shit wot I wouldn't touch with a barge pole,(insert reference here)" and pointed out that "everyone and his dog requires ACLs nowadays;" OpenBSD developers have countered with assertions that ACLs and MAC are a load of crap, way too complicated and overengineered for the average case, useless for the majority of users and impossible to configure with sane defaults(insert more references here)."
 * You could even discuss systrace if you felt like it. Just note that references are not optional. NicM 11:17, 30 March 2006 (UTC).


 * MAC has nothing to do with security, it's more for administration. 65.95.124.5 22:16, 2 April 2006 (UTC)

Puffy
The images of the Puffy mascot were deleted, someone registered should reupload them. 65.95.124.5 22:16, 2 April 2006 (UTC)

Boxes
We have far too many yellow boxes at the top of this page, so I've compacted all the less useful ones into one single one. Having so many you can't even see the start of the real page is horribly ugly and intimidating for new users. It would be different if all of them were important or useful but most of these are just fluff. If compacting them isn't right, we need to select which ones are really important and list the rest as archived (like Talk:Hydrochloric_acid), remove them, or list them in a different way. I'd say list the todo list as a proper section at the top of the page rather than a box, list the peer review as archived, lose the userbox one or mention it in a section, and keep the FA and the main page one. Not sure about the crypto project at all, this article is mostly not about cryptography, OpenSSH perhaps, but I'm not convinced about OpenBSD. NicM 07:17, 3 April 2006 (UTC).

Footnotes swapped
In the article "OpenBSD security features", footnotes 11 and 13 appear to be swapped, as are footnotes 10 and 12.
 * This is why you should use the new form of referencing as described in Footnotes. It's much cleaner and prevents such problems from occurring. —Michiel Sikma, 12:36, 10 April 2006 (UTC)
 * I changed it to the new system.  jaco plane  20:10, 10 April 2006 (UTC)
 * How about changing OpenBSD security features too? NicM 08:12, 11 April 2006 (UTC).

Porcupinefish
At this moment the article says that Puffy is a pufferfish. However this is inaccurate, as pufferfish do not have spines. The image is a porcupinefish which does have spines.

As a result this statement is incorrect:
 * Puffy was selected because of the Blowfish encryption algorithm used in OpenSSH and the strongly defensive image associated with some species of pufferfish, such as the porcupinefish with its spikes to deter predators.

A porcupinefish is not a pufferfish or a species of pufferfish. They are related, but not the same species or even the same family. I understand that the OpenBSD community has decided to name their logo a pufferfish, but this being an encyclopedia there should probably some note that technically the image is a porcupinefish and not a pufferfish. Janderk 12:11, 10 April 2006 (UTC)
 * Sure, that is what I intended with that phrase, modifying it to be even more clear is fine by me. The only thing that is not okay is just changing all occurances of pufferfish to porcupinefish: the accuracy of the drawing is irrelevent, Puffy is supposed to be a pufferfish (hence the name Puffy) and is always referred to as such. NicM 12:38, 10 April 2006 (UTC).
 * How about "and the strongly defensive image most people associate with the pufferfish, and with similar species like the porcupinefish which have spikes to deter predators."? Or say "Although Puffy is usually said to be a pufferfish, in fact pufferfish do not possess spikes: images of Puffy are closer to a similar species, the porcupinefish." NicM 12:43, 10 April 2006 (UTC).


 * I changed it.--JK the unwise 09:17, 11 April 2006 (UTC)

FreeBSD?
It's curious to me that not much mention is made of FreeBSD. NetBSD is mentioned in the intro, but when you stumble across FreeBSD later in the article, the first thing you wonder is, "well, if FreeBSD is free, and OpenBSD is open, then what's the difference?" A quick sentence contrasting the two, early in the article (even in the lead?) would help a great deal. Are the two ever confused? Are they in competition? Are they both free (beer? speech?)? Are they both open? Are they compatible? etc. Stevage 12:52, 10 April 2006 (UTC)
 * I've tried quite hard to avoid getting into compare-and-contrast. It isn't really what the article is for, it is hard to end (if we compare to FreeBSD, what about Linux? Solaris? Windows?), there are plenty of comparisons out there already and it is really hard to do neutrally. In my opinion it is best if people read the two articles, the project's websites, and other people's comparisons, and then make up their own mind. NetBSD is specifically mentioned because it is OpenBSD's parent and the reasons Theo broke from it need to be mentioned.
 * To answer your questions: yes, they are confused by people who do not know better; they are no more in competition than any OS with any other OS; they are both free but FreeBSD's stance is different (some would say selling out, some would say flexibility) than OpenBSD's, particularly regarding binary blobs; they are both open source; there is a high level of source compatibility (they are both originally BSD-based and both POSIX), but not binary compatible. NicM 13:00, 10 April 2006 (UTC).
 * Hmm, "people who do not know better" are the ones reading the article, aren't they?
 * No. Most people would either assume that different names means different things, or the difference would in fact be irrelevent to them. The people who should know better are the people who care that they are different, and they would be better served by reading both articles and comparing for themselves. NicM 17:05, 10 April 2006 (UTC).
 * I also really don't think there is any point in covering stuff about FreeBSD that is (or should be) mentioned in its own article. One of the major concerns with this article during the peer review and FA processes was its length, so I feel it is important to think carefully before adding content that doesn't directly inform the reader about OpenBSD. You may find Comparison of operating systems (linked to from the article's See Also) useful to get a quick overview of some of the differences and similarities. If you think there is plenty of scope for a comparison and it is appropriate for Wikipedia, how about researching and creating a Comparison of OpenBSD and FreeBSD article? NicM 13:05, 10 April 2006 (UTC).
 * Eep. I was only proposing a simple sentence to clarify any potential confusion that might arise between FreeBSD and OpenBSD, because on the face of it, they are the same thing: free, open variants of BSD. That comparison is obviously a lot more apt than Linux, Solaris or Windows. I don't want to write a comparison article - I don't know anything about either operating system, which was the entire reason for my suggestion. I'm sorry that you found it unreasonable. Stevage 16:39, 10 April 2006 (UTC)
 * I understand what you are trying to suggest but I just do not agree it is a good idea and am merely trying to explain why not. I don't really think it is possible to adequately summarise the differences between OpenBSD and FreeBSD in a few sentences without misleading generalisations or oversimplifications, and most of the similarities (such as the fact they are both derived from BSD) can be discovered by reading the first paragraph of the articles about both operating systems. There just isn't room in the article to do a comparison justice. OpenBSD and FreeBSD and NetBSD have some broad similarites (same original codebase (15 years ago, mind you), preference for BSD license, broadly similar abilities) and many many subtle and non-subtle differences in functionality, philosophy and the way the projects are organised. This kind of thing is better either with each OS's article covering it and allowing the reader to compare, or a specific comparison article. If you are not interested in doing it, that is fine, perhaps someone else will read this and think it is an interesting idea (perhaps it will grow on me and I will have time :-). NicM 17:05, 10 April 2006 (UTC).
 * I have however moved the first reference to FreeBSD up to the lead-in to the article so that it is easier to spot and click on :-). NicM 17:17, 10 April 2006 (UTC).
 * I have started a Comparison of BSD Operating Systems article. Help? Armedblowfish 11 April 2006

Theo de Raadt's dispute w/ NetBSD
Theo has thoroughly documented this on his website at http://zeus.theos.com/deraadt/coremail.html. It is basically a mail archive, and is a lot of information to sift through, but is certainly not "unknown". —The preceding unsigned comment was added by 24.250.100.34 (talk • contribs). .
 * Yes, we are not completely ignorant and have seen this. However, this mail archive is incomplete and one-sided, so there are strong doubts over whether it is a suitable source for Wikipedia. Some of the comments in it also appear to be defamatory. See the talk page archives and the FA debates for more discussion of this. NicM 14:34, 10 April 2006 (UTC).
 * I assume there has to be a counterpoint source for it though and one can be found they can both probably be included assuming that something can be found to back up their credibility as sources. Pegasus1138 Talk 20:06, 10 April 2006 (UTC)


 * No counter-point exists anywhere online. The NetBSD core at the time have never really said shit all about the situation, it's pretty much a big one sided situation, since one of the NetBSD developers at the time is suspect for the removal of a big chunk of that e-mail archive, the whole hacking Theo's server situation helped make OpenBSD a security-focused system.  65.95.124.63 20:13, 10 April 2006 (UTC)
 * What few sources there are are referenced in the article already. What do you feel the article leaves out that the coremail archive contains? NicM 07:49, 11 April 2006 (UTC).
 * While the introduction is certainly biased, there is also a large, overwhelming amount of raw email. To me, it seems to boil down to this:
 * Theo was rude on a number of occasions, and for about a year the rest NetBSD core team asked him to be be more polite. They then asked him to either resign or be removed, so that he would no longer represent NetBSD in an official capacity. This also meant that he would no longer be able to directly access the source tree. Theo was a brilliant coder, and especially contributed the the SPARC port, and was offended that his source-access priveleges were revoked because of politics. The NetBSD team thinks that he can contribute just like anyone else without source tree access, if he wants to. Eventually, there was a compromise nearly reached regarding cvs-log and cvs-diff permissions, but Theo wanted cvs-commit as well. At one point Theo sends a large amount of code that includes changes he has made, but because he doesn't have access to the source tree, he doesn't know if it will fit in. There was an offer that Theo could have an account with cvs source access again if he agreed to be more polite and communicate better, but Theo did not agree and considered it more of an ultimatum. Theo and a couple other people begin work on sparc by themselves. The new NetBSD sparc maintainer would like access to it, but Theo is upset that a previous contribution from him was added without credit to himself. The argument heats up, and there's something about mailbombing and publicizing the argument. They get mad at Theo for not publicizing his code, and he gets mad at them for expecting him to do so when, as he puts it, they have stolen his baby. The argument stays heated, with people strongly supporting both sides, and Theo founds OpenBSD after he gets a new and better internet connection.
 * I know that's jumbled, and may have slight POV problems, but I thinks it's a fairly good summary of what the emails say. Armedblowfish
 * Yes, and it is plausible and approximately what many people believe happened, but it is not backed up by any more sources. If we can find other sources for the detail in your summary, then we can include the detail. The coremail archive is certainly incomplete, and Theo has made allegations that it was modified by someone who broke into his system. It doesn't help that the NetBSD folks are not talking. The strongest source on the fork is Peter Wayner's book and even it is fairly one-sided, and he skims over the coremail file as "a seven-month-long flame war". It may be possible to include more information from it, but basically any theory boils down to Theo's renowned abrasiveness, and personality conflicts caused by this. NicM 07:44, 12 April 2006 (UTC).
 * We have been through this before, the article has been through several revisions with other material both from coremail and from Peter Wayner's book, but they have all been changed, either because they were too POV one way or the other, or because they were defamatory against Theo or against NetBSD core, with only an email archive on Theo's site as evidence. NicM 07:48, 12 April 2006 (UTC).
 * If something that were "Theo's perspective" was to be included, perhaps it would make more sense to put it in the article on Theo de Raadt, with appropriate disclaimers. Also, it may have been modified. I remember seeing emails regarding some sort of "save all mail" policy when I looked at the archive a long time ago, but I can't find it now. But I have no evidence for that. 24.250.100.34 12 April 2006 That was me (forgot to sign in). Armedblowfish

Proper spelling
Before I get reverted again: may I offer that Dutch spelling conventions say that the first article or adposition in a Dutch name should be capitalised when the first name is omitted? One would write either "Theo de Raadt" or "De Raadt". Will apply changes later today. Will wait. Olav L 14:06, 11 April 2006 (UTC)
 * No. This article is in English. De Raadt is capitalised only at the start of the sentence. NicM 14:23, 11 April 2006 (UTC).
 * Please don't turn this into another silly revert war a la license/licence. The current form is acceptable and Wikipedia policy is to not make unnecessary changes of style. NicM 14:27, 11 April 2006 (UTC).
 * This article is in English, but English does not have spelling rules for Dutch names as far as I am aware. I was certainly not planning to get into a revert war, that's why I am coming to this talk page. The current form however, is wrong and just looks silly to any Dutch person who has learned to write properly. Have a look at Capitalization, as well (the rule does not apply only to "van"). Olav L 14:45, 11 April 2006 (UTC)
 * Your way looks silly to many native English speakers. Either is perfectly correct in English, so there is no reason to change. NicM 14:53, 11 April 2006 (UTC).
 * I'm not sure how correctly spelled names could look silly to anyone. But I do not care enough about this article to make this into an issue. Have it your way, then. Bye. Olav L 16:03, 11 April 2006 (UTC)
 * You are missing the point. They are correctly capitalised in English, as either form is acceptable. Only in Dutch would this be incorrect. NicM 16:23, 11 April 2006 (UTC).
 * Well, since both are acceptable, why not go to the Dutch form? Or ask Theo de Raadt which he does?  65.95.127.109 23:06, 12 April 2006 (UTC)
 * Because Wikipedia policy is to not make unnecessary changes of style. Ask Theo if you like, but if he even cares I would be surprised. Anyway, we do not necessarily follow what Theo does; there is considerable evidence the OpenBSD project prefers to use the American spelling of licence, but we still use licence despite either being acceptable. NicM 07:21, 13 April 2006 (UTC).

Criticisms
A section which is missing is the criticisms, so for the aid of anyone with the balls to write one, I am plopping out the ones I can think of:


 * command line installer, I prefer it since it's so clean and fast, but some people want pretty graphical ones and is therefore a criticism
 * lack of a unified buffer cache, slows some stuff down
 * limited scope of the ports tree, more the fault of lazy users than of the operating system, but sure
 * cost of CDs, rather than downloadable ISOs
 * Theo de Raadt's leadership of the project
 * OpenBSD's control over OpenSSH development (yes, I've seen people complain about it not having it's own foundation)
 * the use of the BSD licence rather than the GPL
 * limited platform support on the CDs and too much platform support on the CDs (I have seen both being a point of whining)

I think since many sections are two parters, this stuff could be set up with the todo list's technical overview. Anyone else got some? 65.94.57.226 22:25, 13 April 2006 (UTC)
 * I suggest expanding the existing paragraph on criticism in the Uses section to cover these issues (the ones that aren't mentioned already anyway), but sources and rebuttals are needed. A few points:
 * The last point is silly minor bickering and not worth mentioning (Most people wish they would support their favourite things and delete things they don't use, but that doesn't mean we should discuss it).
 * The ISOs is answered in the FAQ so it should be easy to cover although I think that should go in the Distribution section where ISOs are already mentioned.
 * I think the BSDL thing should be answered in the Licensing section if what is there now is not adequate.
 * The OpenSSH thing should be fairly easy to find evidence of, I have seen discussion of it recently. Not sure where that should go though.
 * Limited ports tree is perhaps worth mentioning, but how about discussing the relative sizes of each BSD's ports tree in ports collection instead of cluttering up this article?
 * UBC is a good point, but finding a source for the lack of it may be hard: perhaps try looking for discussions around the time the UBC branch was abandoned. I also wouldn't approach it as being a criticism in and of itself but rather as being part of the reason behind a criticism (ie "OpenBSD is slow"). IIRC Henning recently had a brief rant on misc@ about how OpenBSD is not slow for everything, that may be worth quoting.
 * Theo is a hard one to address: everyone "knows" that Theo is a bad bad nasty person and drives off all the lovely fluffy inoffensive potential contributors and donators, but there isn't really much actual, usable discussion of it beyond the odd anecdote and mailing list posts of him being short with people (I looked for some for the History section and came up not much more than Linus calling him "difficult" and a journalist being "apprehensive").
 * The installer is already mentioned in the Uses section, there may be more discussion of it out there I didn't find.
 * NicM 23:59, 13 April 2006 (UTC).

Licensing
What is this sentence supposed to mean? Does it make any sense to anyone else? I can't figure it out.
 * "Also worth mentioning is the development, after licence restrictions were imposed on IPFilter, of the PF packet filter, which first appeared[20] in OpenBSD 3.0 and is now available in DragonFly BSD, NetBSD and FreeBSD; more recently, OpenBSD releases have seen the GPL licensed tools diff, grep, gzip, bc, dc, nm and size replaced with BSD licensed equivalents."

—The preceding unsigned comment was added by 68.235.168.183 (talk • contribs).
 * I don't really understand what you find unclear here, but basically the sentence means that in addition to the other licence efforts, the replacement of IPFilter with PF is worth mentioning. This happened because IPFilter's licence was changed to be more restrictive. Also, it covers the fact that GPL licensed versions of the tools listed were removed from the source tree and BSD licensed versions were imported. NicM 21:47, 30 May 2006 (UTC).

"External links" and "Books" vs. "Notes and references"
So apparently, according to WP:EL, external link (and books too, presumably) belong in the references section if they are used in the creation/editing/verification of the article, even if they are not inline (though they can be in subsections, of course). Anyways, were the items in the "External links" and "Books" sections used in the creation/editing/verification of the article? If so, I think they should be moved to subsections of the "Notes and references" section. Armedblowfish (talk|mail|contribs) 19:50, 13 June 2006 (UTC)
 * No. It is fine as it is. NicM 20:28, 13 June 2006 (UTC).
 * To expand on this, as it is we have three clear, distinct sections without ugly subsections. Merging them even partially will make a mess. If there is something in books or external links you think deserves to be in the references, cite it explicitly with a proper reference number by including a quote or using it to back up an existing point in the article. We worked hard to get rid of all the subsections for a clear, simple ToC during the FA process, and adding them back now would be a bad idea, particularly for no real purpose. It isn't as if we have a lack of references and need to pad the section out... NicM 20:33, 13 June 2006 (UTC).
 * I see. Armedblowfish (talk|mail|contribs) 21:35, 13 June 2006 (UTC)

Excellent
Oooh, excellent work guys. Can I get some of you to work on the unix and operating system articles? Ideogram 02:52, 22 June 2006 (UTC)


 * It's so excellent, I am nominating it for the print version of Wikipedia. 65.95.127.68 14:58, 27 June 2006 (UTC)

OpenSSH
It might be nice to cover the connection between OpenBSD and OpenSSH in more detail. Maybe in its own separate section. —The preceding unsigned comment was added by 204.244.71.19 (talk • contribs).
 * Is there really more to say that wouldn't be better covered in OpenSSH? OpenBSD has a few subprojects, IMO they are better covered in detail in their own articles. NicM 16:58, 10 October 2006 (UTC).

-> I thought it was quite remarkable that the two are related; especially since openssh is widely used. So, I think more emphasis is called for. But I don't know how to bring it out in the article itself though. —The preceding unsigned comment was added by 64.114.83.92 (talk • contribs) 2006-10-11T06:18:21.
 * The facts that they are related, that this is notable and that OpenSSH is popular are already mentioned in the article. What more should it say? NicM 08:35, 11 October 2006 (UTC).

-> OpenSSH is mentioned under "Licensing", and under "Security and code auditing" and in a discussion related to the puffy fish. So that is more as in by-the-by, and not as a notable point of interest. —The preceding unsigned comment was added by 204.244.71.19 (talk • contribs).
 * The article is intentionally structured around themes rather than a lot of detail which is better covered in more specific articles. About OpenSSH, in the licensing section it says:
 * "of particular note is the development of OpenSSH, based on the original SSH suite and developed further by the OpenBSD team. It first appeared in OpenBSD 2.6 and is now the single most popular SSH implementation, available as standard or as a package on many operating systems."
 * That makes it pretty clear it is developed by OpenBSD and is notable. It's then mentioned in the other section where it is relevent, security. What else would you like the article to say about it? The key is to avoid filling the article up with guff that is better covered elsewhere, that is why we have OpenBSD security features, List of OpenBSD developers, OpenSSH, OpenNTPD, etc. NicM 18:17, 11 October 2006 (UTC).


 * Please sign your comments using the four tildes, it makes a discussion far easier to read. Also, when indenting something use a colon.  I thought the linking to OpenSSH was good enough considering how the OpenBSD article is about OpenBSD, not OpenSSH and the OpenSSH article covers it's releation to OpenBSD, and lack of relation to OpenBSM and OpenSSL pretty well, but if you have a suggestion for how to improve this, give it a shot.  Janizary 18:20, 11 October 2006 (UTC)
 * I object to a new section solely about OpenSSH—in order to make it long enough it would just be a copy of OpenSSH—but maybe enough material can be gathered for a section on "OpenBSD subprojects." Even then, wouldn't that be redundant with all the subproject articles? It'd also be pretty hard to avoid ending up with an overload of boring facts ("OpenSSH was founded by X in 199Y based on Z; OpenNTPD was written by Z in 200A based on B, etc"). NicM 18:34, 11 October 2006 (UTC).

Old stuff
I've moved the old stuff on in to archive 3, feel free to start those discussion up again here, just don't reply to them in the archive. Janizary 23:30, 2 July 2006 (UTC)

Removed bit...

 * " originally developed by former OpenBSD developer Ejovi Nuwere."

While this little factoid is true it has no place in the lead of the OpenBSD article, if anything it belongs in some of the notes in the ports collection article. Janizary 01:06, 21 September 2006 (UTC)

Potential information
Well, this year's Ruxcon is about to gear up and if the presentation, "Exploiting OpenBSD," has anything worth noting it may be good to add some stuff from or about it. This is kinda a notice to anyone who reads this and actually sees the presentation, since there has been no information on it and seems to be pretty smoke and mirrors at the moment, something vaguely about getting through all the security messures in OpenBSD, but they're not letting anything out until the presentation it seems. Janizary 14:37, 28 September 2006 (UTC)

Request for BSD/OpenBSD artwork (for Portal:Free software)
Hi. Wikipedia rules do not allow "fair use" images on non-article pages, so this means that Portal:Free software cannot use logos, mascots, etc. without explicit permission. I have some usable GNU art, and some usable Tux, but I don't want to add those until I have something else to balance out the GNU+Linux tilt that that art would give to the portal. Portal:Free_software will be applying for Featured portal status soon, and one thing is lacks is art.

I saw this page: http://openbsd.org/art4.html but the actual licence/permission terms aren't specified, and looking at Image:Paintedpuffy1000X907px.gif, it seems that commercial use is not allowed, which is an unacceptable restriction for use in non-articles on Wikipedia.

AFAICT, the only acceptable terms are:
 * public domain
 * revised-BSD-style permissive licence
 * GNU FDL

So, can anyone point me to some BSD or OpenBSD pictures which are under one of those licences? Thanks. Gronky 00:45, 10 March 2007 (UTC)


 * You can use this image:


 * It isn't an official picture of Puffy, but it has a sufficiently acceptable license for Commons. : )
 * — Armed Blowfish (talk|mail) 01:28, 10 March 2007 (UTC)
 * The above picture is from http://art.gnux.info/, which has unofficial pictures of both Puffy and Beastie. —  Armed Blowfish (talk|mail) 01:50, 10 March 2007 (UTC)


 * Great, thanks. Creative Commons by 1.0 is indeed acceptable IIRC. Gronky 02:24, 10 March 2007 (UTC)

Market share percentages add to over 100%
Article says: "The nascent BSD Certification project performed a usage survey which revealed that 32.8% of BSD users (1420 of 4330 respondents) were using OpenBSD,[10] placing it second of the four major BSD variants, behind FreeBSD with 77.0% and ahead of NetBSD with 16.3%.[11]"

32.8 + 77 + 16.3 > 100 —The preceding unsigned comment was added by 67.101.68.207 (talk • contribs).
 * People were allowed to pick multiple options. NicM 19:56, 24 March 2007 (UTC).


 * You can read a more detailed explanation at Image:Bsdusage.gif. : )  Armed Blowfish (talk|mail) 20:35, 24 March 2007 (UTC)

Is this right
NetBSD (the oldest of the three most popular BSD-based operating systems still active today, with FreeBSD being the third)

I thought FreeBSD was the oldest and then NetBSD and then OpenBSD —The preceding unsigned comment was added by 72.135.112.43 (talk) 03:05, 27 March 2007 (UTC).
 * NetBSD's first release in April 93 was a few months before FreeBSD's in December. NicM 08:46, 27 March 2007 (UTC).


 * FreeBSD started out as a bunch of patches, if I remember correctly, which makes this a bit more complex. — Armed Blowfish (talk|mail) 11:40, 27 March 2007 (UTC)
 * Both of them came from patchsets to 386BSD. NetBSD was the first to make a formal release, which is good enough for me, but it may be best just to strip out "oldest," this article isn't the place for that kind of fact. Nor is it really the place for lists of the most popular BSDs (people occasionally try to add DFLY), although its nice to mention FreeBSD and NetBSD in the first paragraph. Maybe we should just get rid of the whole section in parentheses. NicM 15:58, 27 March 2007 (UTC).
 * Sounds good to me. History and popularity can be discussed in more detail elsewhere.  For readers, the parenthetical version of the lead can be found here.  —  Armed Blowfish (mail) 01:58, 10 April 2007 (UTC)

A lot of crap
Just sorta added to it, but I think perhaps there should be a sub-page made, like the archives and todo which holds the assessment stuff, just having a link to it instead of the many templates repeating the same thing. All the stuff that mentions FA should probably be put there if it were to be done, but that ould probably mess up those templates' inner workings, how they add to various lists and whatnot, so I won't do any such thing myself. But I will leave this comment here, to fester in the minds of any who read it. 74.13.60.113 07:08, 23 April 2007 (UTC)
 * At least the small ones are now out of the way a bit, and if we do something special we have extra maintenance and people adding them back in the wrong place. NicM 08:05, 23 April 2007 (UTC).

"At present"
It's probably best not to use phrases like that, in case there isn't someone maintaining the page, if it does fall out of step with what presently is happening, would it not be best to have it state a date? Not that the people working on the article will disappear, but if they did, it would probably be for the best if everything was linked to a time, no? 74.13.57.76 23:23, 1 September 2007 (UTC)
 * Absolutely right. The preferred form is "As of (year)". I've fixed this here. Feezo (Talk) 00:27, 2 September 2007 (UTC)
 * I disagree, it just invites people to change it every year rather than just fixing it when something actually changes. But since it is policy, who am I to argue ;-). NicM 11:25, 2 September 2007 (UTC).
 * I think the idea behind the guideline is that, if left unchanged, (if people forget, or if it's printed out, or republished) the text will continue to be correct in years to come, even if it starts to sound a bit dated. The ideal solution IMHO would be to find a reference (posting by Theo or someone) that would confirm the date. We could then use "as of 20XX" with less risk of people robotically incrementing the year.  Feezo (Talk) 20:04, 2 September 2007 (UTC)
 * How about just removing the sentence entirely? Even without it it is pretty clear the removal hasn't been undone. NicM 11:29, 3 September 2007 (UTC).

UNIX versus Unix-like
Technically OpenBSD is not a UNIX, it's a BSD, and while BSDs and UNIXes share code, they are not the same. In both conventions and in the actual implementation of many tools and systems, the UNIXes are different from OpenBSD. While OpenBSD has imported a UNIX compiler, awk and many other tools, that doesn't make them a UNIX. To do that at this point would require a big pile of money, as Apple has thrown around in order to get Mac OS X's most recent release certified. I have because of this reasoning, reverted the change from Unix-like to Unix. 74.13.43.249 00:52, 2 November 2007 (UTC)


 * Agreed. That's how the article stated the situation until just a few hours before your edit. An anonymous user made this change without explaining why it should be so. (A similar change was made to the FreeBSD article.) There's also the small matter of the court battle in the 1990s, which settlement resulted in the BSDs not being able to claim to be UNIX, and which is how UNIX-like came about. Mind  matrix  14:12, 2 November 2007 (UTC)

Timeline/releases for OpenBSD
Think we can compile a list of OpenBSD releases similar to this table?

Altonbr (talk) 03:31, 25 February 2008 (UTC)


 * There is an entire article of that, along with other historical notes regarding OpenBSD. I don't see what this idea has which shows superiority over the already existing article.  74.13.29.9 (talk) 17:19, 25 February 2008 (UTC)
 * If you want to improve the existing OpenBSD timeline article, that would be really great, but including such a table in the main article would be a mistake. NicM (talk) 07:20, 27 February 2008 (UTC).

Which bootloader ?
Hi. In the page Comparison of boot loaders, the column for OpenBSD (the only BSD of the table) is nearly empty. Could some people fill it with bootloaders able to boot OpenBSD ? JeromeJerome (talk) 13:51, 13 June 2008 (UTC)

Perfection
While I'll not agree with the subject's title, it seems pretty stable. I am just sort of wondering, "out loud," I think, but the article here seems to tinge a little too close to OpenBSD's perspective to be the top of the line, doesn't it? Could this not be made a little more distanced from the project's perspective? Are there no other information sources which can be used? Hell, I am not saying that the article needs a review, but after reading it, it seemed to be something that would be in an OpenBSD book or the official website. 74.13.48.202 (talk) 11:45, 12 July 2008 (UTC)
 * Please be more specific, the article is about OpenBSD so it cannot cover viewpoints which are not connected with the project, but I don't see any areas where other viewpoints are connected but are ignored. We could perhaps include a paragraph on Linus' views (and the OpenBSD responses) in the security section, but as the article was written before his comments, it is unfair to criticise it for not including them. I'm not sure exactly where to fit this. Perhaps something like (in the last paragraph of the security section):
 * The project has a policy of continually auditing code for problems, work developer Marc Espie has described as "never finished ... more a question of process than of a specific bug being hunted." Linux kernel creator Linux Torvalds has expressed the view that a security problem is no more or less important than any bug and criticised the OpenBSD community's policy: "[T]hey make such a big deal about concentrating on security that they pretty much admit that nothing else matters to them." OpenBSD developers dismissed these comments as the words of a "troll"(Marco Peereboom msg-id <20080716190300.GK5324@peereboom.us>) with Marc Espie commenting: "It's a totally misinformed opinion ... [Fix normal bugs is] exactly what the OpenBSD project do, all the time." (Marc Espie <20080716231959.GB6918@lain.home>).
 * Thoughts? Obviously cites are to be added. NicM (talk) 18:06, 20 July 2008 (UTC).
 * I'm going to add this anyway and we'll go from there. NicM (talk) 18:30, 20 July 2008 (UTC).
 * Alright, done, with some modifications (better quotes mainly), not sure about the positioning. It might be better a bit higher in the section, but maybe better to get the discussion of the actual attitude to security and the features done before mentioning criticism of it. Hmm. NicM (talk) 19:12, 20 July 2008 (UTC).
 * Agree. The section "Open Source and Open Documentation" sounds like a teenager's account of the early history of BSD designed to sexually gratify those involved with the project. This article needs to be more subjective.


 * Suggestion for removing the "biased" words/phrases like "chastised" and "castigated" and "pointed out". The first two hint that the actions taken were unfair (with no backing), while the last one suggests that the subject of the statement is in fact correct in their argumentation (when they may not be). --198.151.13.8 (talk) 19:32, 14 July 2008 (UTC)
 * I don't agree, I think you are seeing bias where none exists. These words are neutral and used neutrally - castigated and chastised merely mean criticized, there is no overtone of correctness or incorrectness that I am aware of and the dictionary confirms this. The section carefully includes the opposing view (describing it as "disagreements", with no judgement) and I do not see where it implies the OpenBSD viewpoint on binary drivers is more correct. Making crude sexual references is not helpful. NicM (talk) 18:06, 20 July 2008 (UTC).
 * CORRECTION: "Chastised" does not appear in that section. I had a mental misfire there. —Preceding unsigned comment added by 198.151.13.8 (talk) 19:36, 14 July 2008 (UTC)

Hang on a tick, isn't the masterbating monkeys comment exactly what this article needs, in order to balance the perspective more? 74.13.28.55 (talk) 17:49, 19 July 2008 (UTC)
 * No, that comment is not criticism it is just abuse; however, some mention of Linus' view may be worth making. NicM (talk) 18:12, 20 July 2008 (UTC).