Ahaha! It is already bad!

Wow. Understanding GNU’s man page?

BSD developers: who cares about that. And, it is already happen. Android libc use lots of code of OpenBSD libc. OpenSSH is used everywhere.

GNU’s ssh implementation seems to be some abandoned trash, even though it was started in 1998, before OpenSSH. If OpenSSH doesnt exist, we can hope that everyone will be using differently broken ssh implementations; I’d expect gnu ssh to be a buggy, unreliable implementation which support hundreds of thounsands of flags and configuration options. Workers everywhere will be punished because of their buggy implementation of ssh. Why workers in every companies have to make their own ssh implementation? They should be doing something else.

OpenBSD is the easiest to use.

supporting wine is a shame.

It can read every bit of that partition.

Why don’t more distro use LibreSSL? Why don’t more distro use mandoc? Why don’t more distro use clang?

Send diff to their lists.

The main argument is, the number of Debian’s Apparmor policies is not comparable to RHEL’s SELinux policies.

If anyone saw a guy named AnonymouseJoker posting on any thread about GrapheneOS and criticize it, please ignore. What he is doing is spreading misinformation about an operating system that take a true approach to security. So CIA agents aka “journalists” will not find out a secure operating system to use, and then their phone can explode whenever the Chinese government want.

10 years later: De-Proton your life.

You can’t blend in with a crowd of vanadium users with the amount of data points given away by the browser. Your fingerprint will be decernable from other users. Without actual anti-fingerprinting, which theoretical can allow for a crowd only when fingerprinting of user browsers results in the same fingerprint ID, the best you can hope to do is thwart naive fingerprinting. Vanadium doesn’t have any anti-fingerprint built in, so the slightest differences between user can be used to easily fingerprint. Vanadium

Anti-fingerprinting? By blocking javascript which the half-hearted privacy users can never afford? hahahahaha. Even privacy projects spread dirty javascripts.

The host access is not actually everything

Not as restrictive as chromium’s unveil.

For home it even restrict to the downloads folder, not accessing the whole home directory.

Could you explain “filesystem-unveiled”?

Means its filesystem access is restricted.

For example, chromium on OpenBSD use the unveil(2) system call to restrict itself to /tmp and $HOME/Downloads .

Many popular flatpak applications have filesystem=host. This is equal to restrict all filesystem access and then unveil the whole filesystem.

Apps are not updated to support portals for “compatibility” or just lack of maintenance. Flatpak needs to follow their approach if they want to have many apps being supported.

Desktop Linux doesnt have the marketshare to dictate that all apps need to adopt portals. In the meantime, flathub.org has a rating system and verified checks, this is simply not well shown in KDE Discover and not sure about GNOME software.

If they can’t even enforce portals, flatpak is a new level of complexity.

So I said it is trash.

Why it is unfounded?? The sandbox is still a lie (flatseal is impractical security since it makes you become a security researcher overnight), apps are not properly filesystem-unveiled. But a new level of complexity.

I personally think it is trash…

They are better than those who cannot manage their own people.

I appreciate that they are blobfree but “no copyleft” has nothing to do with that

Blobs that are redistributable is still included. The 0x things are redistributable under BSD 3 clause license, with an additional clause prohibiting reverse engineering

Which is much free than the gpl

Actually, I think Copyleft Linux could not include blobs?

What??

It is controversial for outsider

bringing it to developers is a way to waste their time

https://www.openbsd.org/lyrics.html#42

SEE THEIR POLICY, don’t complain with me

https://openbsd.org/policy.html

They distribute a Free operating system

The original Apache license was similar to the Berkeley license, but source code published under version 2 of the Apache license is subject to additional restrictions and cannot be included into OpenBSD. In particular, if you use code under the Apache 2 license, some of your rights will terminate if you claim in court that the code violates a patent.

A license can only be considered fully permissive if it allows use by anyone for all the future without giving up any of their rights. If there are conditions that might terminate any rights in the future, or if you have to give up a right that you would otherwise have, even if exercising that right could reasonably be regarded as morally objectionable, the code is not free.

In addition, the clause about the patent license is problematic because a patent license cannot be granted under Copyright law, but only under contract law, which drags the whole license into the domain of contract law. But while Copyright law is somewhat standardized by international agreements, contract law differs wildly among jurisdictions. So what the license means in different jurisdictions may vary and is hard to predict.

The GNU Public License and licenses modeled on it impose the restriction that source code must be distributed or made available for all works that are derivatives of the GNU copyrighted code.

While this may superficially look like a noble strategy, it is a condition that is typically unacceptable for commercial use of software. So in practice, it usually ends up hindering free sharing and reuse of code and ideas rather than encouraging it. As a consequence, no additional software bound by the GPL terms will be considered for inclusion into the OpenBSD base system.