Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Comment: Re:Time To Give It a Try (Score 2) 80

by Noryungi (#49596081) Attached to: OpenBSD 5.7 Released

[...] Maybe OpenBSD could create a section on their web site that provides documentation on the advantages of BSD over Linux as well as some advice on how to avoid common pitfalls that Linux users typically make in BSD. [...] In any event, I'm curious to see what I'll miss coming from the Linux world after spending some time in OpenBSD.
On a semi-related note: what's with replacing nginx with their own http daemon? Is the NIH syndrome spreading to OpenBSD as well?

Nope, they have explained at legnth that nginx was getting too big, and its developpers too unresponsive, for it to be a part of base anymore. That was also the case with the previous web server, which was an old version of Apache with a lot of patches.You can still install nginx from ports though and Apache is in there somewhere as well.

As far as documentation is concerned, please refer to the OpenBSD FAQ:




What will you miss? Probably not much, except for the eye candy. OpenBSD is a really good and complete OS, and its quality is excellent.

Comment: Re:New HTTP daemon (Score 4, Insightful) 80

by Noryungi (#49596025) Attached to: OpenBSD 5.7 Released

No, most people want to run a simple PHP website (Wordpress, Drupal, etc). But since almost every modern CMS and framework require at least a simple form of URL rewriting (rewrite every request for a non-existig file to /index.php), OpenBSD's httpd is a no-go.

Err... If you are running PHP on OpenBSD, you have COMPLETELY missed the point of OpenBSD in the first place.

Seriously, though. PHP?

Comment: Re:Russians still have access? (Score 2) 167

by Noryungi (#49510571) Attached to: ISS Could Be Fitted With Lasers To Shoot Down Space Junk

Oh boy, that was such a flame-bait post.

Just cool down, man, the ISS is still up there and still useful -- this (shooting space junk) is just a good example of it.

Besides, if the US Governement had invested in space research and (cheap, reliable) space access, you guys would not be at the tender mercies of the naughty naughty Russian bear. So you only have yourselves to blame here...

+ - French hosting providers stand against Intelligence Law Black Box project->

Submitted by nbs-system
nbs-system writes: French hosting providers stand united against the Black Box project. That is why we wrote an open letter to the French government asking its members to reconsider.

The “Black Box” project proposed by the French government goes, by some aspects, further than what was reproached to the US with the Patriot Act. This measure allowing the tapping, at any moment, of all the traffic of a hosting provider or an Internet service provider in the purpose of looking for potential terrorists seems relatively vain, very poorly targeted and economically counter-productive.

All this, beyond being useless in terms of results, seems to be a very bad direction to move in, regarding the confidentiality to which no one will ever be entitled to again, as well as for the fact that it will kill a part of French economy, one of the only ones still growing.

That is why we ask the French government to reconsider.

Link to Original Source

Comment: Re:Going after hosting providers is kinda dumb (Score 1) 105

Most people are against that kind of intrusion, especially if they are correctly informed about it. A lot of major newspapers in France have suddenly woken up and taken notice, as they are very much concerned they won't be able to protect their sources in the future.

Ditto for lawyers and many other institutions.

So there is hope after all...

Comment: Re:you can use that letter as weapon (Score 1) 105

These companies already have a sgnificant presence (data centers) in other european countries.

There are countries, in Europe, that protect their citizen's privacy a lot better than France. Germany comes to mind, for instance.

Plus, apart from the existing infrastructure, nothing is going to prevent these companies from moving -- a data center is a data center, anywhere in the world.

Comment: Re:Figures (Score 2) 105

run WHERE? To Russia? Or China? Yeah, no monitoring going on there.

OVH is based in the North of France and has mentioned they would move to Belgium. This is one of the biggest hoster in Europe, so it could be a big deal.

Gandi, which is one of the biggest Registrar in Europe, has said it would move to Switzerland.

I don't know about the others.

Comment: Re:Just another reminder to use LibreSSL (Score 1) 64

by Noryungi (#49293403) Attached to: OpenSSL Security Update Less Critical Than Expected, Still Recommended

AFAIK, OpenSSL is Apache Licensed and LibreSSL is, well... BSD-Licensed.

If you accept an Apache-style license, I really don't see why LibreSSL's BSD is a problem.

You had a better argument when it came to the fact that OpenSSL is still active. Or, at least, that there is activity in the project, including some projects to audit the whole thing.

Comment: NUKE IT FROM ORBIT (Score 5, Funny) 170

by Noryungi (#49282429) Attached to: Not Quite Dead: SCO Linux Suit Against IBM Stirs In Utah

It's the only way to be sure.

OK, that was easy, but, seriously? SCO is still... acting up? Moving? I thought that thing (and the other... er... thing) and the one before that were settled?

Like, drive a wooden stake through its heart? Bury the head and body separately? What is wrong with the world when fsck SCO is still at large?

Come on, IBM, do everyone a favor: crush them like a bug. Please. I don't know, open a Kickstarter or something, I'll send you money and you a send me a Big Blue T-Shirt with little penguins on it. Please, make it stop. Please, I beg you. Pleeeeeeaaaaaaseeeee, I can't take it anymore! It's not the suspense, it's just the sheer idiocy of it all.

Comment: Gandi (Score 1) 295

by Noryungi (#49281737) Attached to: Ask Slashdot: Advice For Domain Name Registration?

'nuff said. Gandi is easy, fast, reliable, and above all honest: no hidden fees, no surprises, and all the functions you need.

I use it for all my domain registration, and I have never ever had a complaint with them. I have no idea if their hosting offers are as good as the DNS registration, though, and I have heard some bad things on their VPS. Make of that what you will.

I have been trolling Slashdot for about 15 years and respect the views of the users here more than anywhere else. I would love to hear your advice and/or warnings in this matter.

Flattery will get you nowhere.

Comment: Re:Not the time... (Score 3, Interesting) 69

by Noryungi (#49244995) Attached to: OpenSSL To Undergo Massive Security Audit

LibreSSL is a great project, but they ripped out portability along the way.

Excuse me??!! Just like OpenSSH, they release a portable version, and the official release note says:

This release also includes a binary package for convenience integrating LibreSSL on Windows platforms, and the latest source tarball is signed with GPG and signify for easier integration into existing build systems.

We are talking about Windows, here... Sure, if you are into Windows 3.11 and VMS, LibreSSL is less portable than OpenSSL. But seriously, who even uses these two anymore??!!

OK, I'll grant you that LibreSSL is not a complete replacement for OpenSSL just yet. OpenBSD devs prefer working on their favourite OS, and I can't blame them. This being said, I would not be surprised if, in a couple of years, the rest of the world has switched to LibreSSL and forgotten the older version -- just take a look at OpenSSH... ;-)

Comment: Re:I'm gonna FREAK! (Score 5, Informative) 69

by Noryungi (#49244943) Attached to: OpenSSL To Undergo Massive Security Audit

Oh, really? A trainwreck?

Explain this, then: [Source is here]

The following CVEs were fixed in earlier LibreSSL releases:
              CVE-2015-0206 - Memory leak handling repeated DLTS records
              CVE-2014-3510 - Flaw handling DTLS anonymous EC(DH) ciphersuites.

            The following CVEs did not apply to LibreSSL:
              CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
              CVE-2014-3569 - no-ssl3 configuration sets method to NULL
              CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA

Let's see... 5 CVE were either fixed in LibreSSL or did not apply to it. That's not too bad for a "trainwreck".

And what about that little dig at NetBSD? Hmmmm... You mean some people take stuff from OpenBSD and make it less secure? The plot thickens.

Oh, and by the way, that OpenSSH thingie? Yup, it came from the last "open source" version of SSH, the commercial software. In other words, OpenBSD devs took something already existing and made it better. Hmmm... I think you just don't know what you are talking about...

Listen, you can find OpenBSD programmers annoying and even call them "masturbating monkeys", but they know their stuff. Period. Calling what they do a "trainwreck" is hyperbole at best and just plain untrue at worst.

This being said, to get back on topic, auditing OpenSSL is not a bad idea. Far from it.

Lavish spending can be disastrous. Don't buy any lavishes for a while.