How can anything be `actively unsupported'?

ERRATA NOTICE

Good morning,

Your shill welcome pack contained a misprint on page 49, section 3, the term 'C+' should be 'C++'.

Best regards,

Apple

FTFY

This sounds a lot like what securelevel(7) already does.

There is absolutely no reason to put up walls so the sysadmin can't do anything, rather than fix the bugs that let an attacker gain root in the first place.

OpenBSD doesn't want to take over the world, see the project goals. This doesn't stop their work becoming used on a large scale, but this happens because of the software's features and technical superiority.

On the other hand, many Linux advocates seem to be obsessed with the idea of world domination. I've seen these people choose Ubuntu for reinstall/upgrade jobs when their friends and family would genuinely be more comfortable, and better off, with Windows or OS X.

Decide for yourself which is the more noble goal.

Maybe I'm wrong, but if the mail server isn't crap it should give up root privileges as soon as possible. So, to get root you need to do two things.

1) Exploit a bug in the mail server
2) Exploit a bug in the operating system to gain root privileges

If MAC is part of the operating system, and can therefore contain operating system bugs, how does it mitigate step 2? How does it mitigate it any more than an operating system without MAC?

Are you serious? The root user has ultimate power by definition. That's been the case with *NIX for decades.

It's entirely possible that a piece of hardware you buy contains portions of *BSD code.

So maybe at some point you will use it, if you don't already, just not how you'd expect.

I'm surprised you have time to investigate other operating systems if you're thinking in MMORPG analogies. :)

When operating system code is security audited, what needs can the *NIX security model not meet?

No, Ubuntu isn't unusable because of omitting features. It's unusable because what they start with is unusable, and they have nowhere to go from there.

Much like security. You can't bolt on features after the fact and suddenly have a secure product.

That MAC is anything but bloated a waste of time.

The notion that adding security as an afterthought is a good idea.

Maybe if the article had any real merit, instead of making stupid statements that aren't true.

It's a shame the author's love affair with MAC can't help him write a decent article.

I wonder how many installations of Linux have SELinux disabled because it broke something.

I've observed the OpenBSD attitude as being anything but religious in most cases, at least compared to FSF/GNU folk, and far closer to the laudable `shut up and hack'. The community may appear hostile, but successful users need to have initiative rather than being spoon fed. `RTFM', or a milder equivalent, is often the best way to encourage that.

That article has been posted several times on *BSD mailing lists and is hardly relevant to the release of a new version.

I wonder if an article criticizing the security of Slashdot's darling OS, Linux, would receive such positive moderation on a release story.

Even with the new CD protection, it is still trivial to copy the contents of CDs.

One simply needs to connect the "analog" output of their CD player to a recording device (PC w/soundcard) and the protection can be circumvented.

As long as we are allowed to hear the music, it will always be copied.

There is no way of preventing music piracy short of bolting headphones to peoples heads!