On Sun, Jan 06, 2008 at 12:52:04PM +0530, Karthik Kumar wrote:
quoted text
> On Jan 6, 2008 1:22 AM, Jacob Grydholt Jensen <grydholt@gmail.com> wrote:
> > On 05/01/2008, Karthik Kumar <karthikkumar@gmail.com> wrote:
> >
> > > I use ports. I am not dumb. :P The goals do not specify "to encourage
> > > people to use
> > > non-free software", but I see that happening anyway.
> >
> > And so what? I think you were trying to prove that OpenBSD were not
> > living up to their goals. Instead you are repeating what RMS started
> > out with. Try actually showing us one of OpenBSD's goals that the
> > project is not following.
> >
> > > Your own claims?
> > >
> > > 1. (Try to be the #1 most secure operating system). Google for adobe
> > > flash player vulnerabilities.
> >
> > What are you on about? As people have tried to explain again and
> > again, OpenBSD does not ship with adobe flash player. Did you
> > understand the "Secure by Default" mode?
> >
> 
> Secure by default. Ship with nothing and call it secure. Wow! Maybe it
> shouldn't start the network by default, huh? Then that's secure, isn't
> it? Start no daemons, start no shells: ZOMG!!! it's secure :P
> 

Unfortunately for you, OpenBSD ships with a lot of things that you don't
even have in a Linux minimal install, including a compiler and software
that runs the most common services such as ssh, http, smtp, pop3, ...

It does not start the daemons because it makes *NO SENSE* starting tons
of services just to have users figure out how to disable them. Let's
apply your reasonning to real life: when you go shopping at OpenBSD
Mall, you take a cart and chose what you put in it from what's in the
store. When you go to your own store, someone hands you a cart that's
already filled up with everything, and you need to put things you don't
want back to the storages.

Your reasonning is twisted, not to say idiotic.


quoted text
> OpenBSD got pwned a year ago with another remote hole. I hope they
> find enough so they can stop bragging about 'Secure by default'.
>

This has been argued already hundreds of time...

quoted text
> Do you realize that many people just can not live with 'default'?
> Look: people do "use" OpenBSD for things other than plain old fvwm
> with xterm. And keeping security as a goal is not just for a stupid
> dubious marketing campaign.
> 

So ?
Because people install different things we should have all of it installed
and enabled by default ? You live in wonderland. 

OpenBSD is secure by default, people who run it and install applications
that come from elsewhere need to only worry about the security of these
applications because we take care of worrying for our own. If we hit a
bug, they are made aware of it and it is likely that we will find a bug
in OpenBSD before they do as we actively search them.

Security may be a final goal, but the immediate goal is to fix things to
improve quality of the code. The side effect of this is less bugs and a
better quality. You obviously know nothing about programming.

-- 
Gilles Chehade