Originally posted by kpedersen
View Post
OpenBSD is an OS that takes itself very seriously in terms of security (just go read their website) but seems to be fundementally missing the point (in my humble opinion).
While their libc is pretty nice, it doesn't really compare to a heap allocator like Scudo. While pledge is cute, it doesn't compare to fully enforced MAC. While their kernel has outsanding readability, it's not resilient to a compromised driver like newer OS are (heck even Windows has been pursuing a hybrid kernel approach). The OS doesn't enforce application specific trusted computing base like so many academics projects these days.
So In my mind, it was never a security OS but always the new technology adopter. It's gotten RISC-V support when there's not even a usable dev environment. It's gotten a quality wireguard implementation very quickly. It adopted LLVM before many projects for the supported architectures. You can imagine my disapointment (after 9 years!) when there's no frame perfect display protocol when Linux has been moving towards it slowly but surely.
If for you OpenBSD is a "solid gimick free workhorse" then all the power to you, but it doesn't fulfill my technology or security scratch and it is too inconvenient for my everyday usecase.
Leave a comment: