log☇︎
500+ entries in 0.237s
feedbot: http://qntra.net/2020/01/openbsd-mail-server-opensmtpd-allows-remote-exectution-of-arbitrary-shell-commands-as-root/ << Qntra -- OpenBSD Mail Server OpenSMTPD Allows Remote Exectution Of Arbitrary Shell Commands As Root
BingoBoingo: Worked on OpenBSD's weirdo GCC 2-ish thing back before OpenBSD got the bozo bit.
asciilifeform: BingoBoingo: to add extra lulz, without any 'kiss and tell' , i.e. per d00d's own www -- http://www.contravex.com/2017/08/10/unboxing-and-set-up-of-nosuchlabs-fuckgoats-on-macos-openbsd-linux/ -- seems like we sold him only 2... so he went and picked up 3 moar, so that he could this
asciilifeform: http://btcbase.org/log/2019-01-03#1884066 << aand to properly round off the thread, that box nao runs openbsd ( which worx 100% ) , for nao. ☝︎
trinque: I've noticed some problems with tls connections on openbsd using sbcl and cl+ssl, here and elsewhere actually.
mircea_popescu: so yeah, openbsd was kinda-maybe cool for even a few months, possibly. if they hadn't started taking http://btcbase.org/log/2018-11-27#1875466 BEFORE the thing was even born, and giving them policy positions too! and similarily lisp, before they all went http://btcbase.org/log/2018-08-18#1842812 / http://btcbase.org/log/2017-04-09#1641207 ☝︎☝︎☝︎
phf: recently carmack donated to openbsd, they made a very big deal out if it being "the first individual silver level donor"
mircea_popescu: but it's not exactly clear what relationship there is, between the 2015 died-anyway would-be openbsd continuator, and the 1990s "fuck windows" alf's-apple-notion competitor.
mircea_popescu: trinque in summary, the thing flew as such : 1. de raadt announced "openbsd dead as going concern without like 20k" ; 2. nobody cared ; 3. somebody brought it here ; 4. i paid his 20k ; 5. complex face-saving dance of usg commenced, very much blueprint for all later http://btcbase.org/log/2018-11-26#1874881 ; 6. i told them exactly how unimpressed i am. which i still am. ☝︎
trinque: the openbsd folks took openssl and forked it, does not need openbsd to build
a111: Logged on 2017-09-29 16:34 mircea_popescu: trinque except you gotta maintain openbsd now.
asciilifeform: mircea_popescu: there's an 'openbsd-branded' item, 'libressl', quite similar to the hairball carried along in trb but weighing slightly less
mircea_popescu: anyway, i suppose this is the issue, i had mental image similar to what asciilifeform discusses, "openbsd the ancient artefact" ; was discussion more about usg.openbsd replacement in recent years ?
a111: Logged on 2018-06-29 01:57 mircea_popescu: if anyone still cares, freebsd 6.82%, openbsd 93.17%
a111: 1079 results for "openbsd", http://btcbase.org/log-search?q=openbsd
mircea_popescu: !#s openbsd
trinque: much as the openbsd folks shoot themselves in the foot politically, I don't know that I trust them less than w/e derps contribute to openssl
trinque: libressl is being decrufted by the openbsd folks, result of which is that several pretty nasty bugs in openssl didn't affect libressl since they forked it. I can't vouch for the work, and it's certainly up for debate.
BingoBoingo: OpenBSD 3.?
asciilifeform: Mocky: https://www.openbsd.org/faq/pf/ << subj
BingoBoingo: It ran openbsd fine, runs a linux fine now, FreeBSD was flakey last time I tried it on this one
verisimilitude: There's bits of GNU, Linux, OpenBSD, Solaris, K&R C, and other nonsense strewn about; there's Perl programs generating MIPS assembler; C programs that clearly invoke undefined behavior and so only work by chance; and other such things.
verisimilitude: I mostly use it as an OpenBSD Emacs machine.
phf: theoretically, i think it was whatever gnat came with openbsd packages, since that was easiest thing to spin up on the machine in question.
mircea_popescu: "yes it's true telco gear is mostly openbsd box with nics glued on ; but it's also true that is mostly old ; replacing it, when it happens, is mostly with nobusisms baked by the chinese to order, and it's a tough racket."
a111: Logged on 2017-06-05 16:13 mircea_popescu: http://btcbase.org/log/2017-06-05#1666045 << the way the lizards expect the shit to work is exactly in the way mp -saves-openbsd worked : as seen moneyz. recall the story of the us embassy spending a whooping 50k to start an "empire" of fake news tv stations etc ?
a111: Logged on 2017-06-05 16:13 mircea_popescu: http://btcbase.org/log/2017-06-05#1666045 << the way the lizards expect the shit to work is exactly in the way mp -saves-openbsd worked : as seen moneyz. recall the story of the us embassy spending a whooping 50k to start an "empire" of fake news tv stations etc ?
mats: https://marc.info/?l=openbsd-tech&m=153504937925732&w=2
asciilifeform: same as openbsd.
mod6: i about spit out my mineral water when I saw the wired/openbsd link
mircea_popescu: if anyone still cares, freebsd 6.82%, openbsd 93.17% ☟︎
danielpbarron: i was wearing my openbsd shirt that read "Keep calm and abandon OpenSSL"
phf: http://btcbase.org/log/2018-04-19#1803375 << i have ipsec subnets to essentially identical openbsd installs, but egress is to wan. i use pf to route specific things through the ipsec subnets. i've never benchmarked it though. it's good enough to watch an occasional regioned youtube, or pull a torrent at 5mbit saturation ☝︎
phf: ckang: so i had a lot of throughput problems when i started doing this, back when budged option was to flush consumer router firmware with a linux, but when i built this router i was already tmsring, so it's running openbsd and is more sekuriti oriented
mircea_popescu: ckang you know the ancient story of how openbsd got saved from death ? it was eerily similar.
trinque: phf: openbsd version? better fan control got merged in recent versions.
phf: i can probably put that machine on ssh, but it's been sitting in a closet and wildly spinning the fans, so i wonder if there's something i need to tweak in openbsd to keep it from doing that..
phf: diana_coman: output from powerpc g4, openbsd, identical to what x86 machine produces http://p.bvulpes.com/pastes/nLkau/?raw=true
a111: Logged on 2018-02-05 15:20 phf: asciilifeform: by the way, freebsd's ports system (i tried it on a machine that can actually compile things, unlike x60) is a little bit more configurable than pkgsrc/openbsd, so you can actually disable dbus in emacs or firefox! but the lulz of lulz, firefox depends on gtk3, where you can't configure out dbus, so presumably it gets pulled anyway.
phf: asciilifeform: by the way, freebsd's ports system (i tried it on a machine that can actually compile things, unlike x60) is a little bit more configurable than pkgsrc/openbsd, so you can actually disable dbus in emacs or firefox! but the lulz of lulz, firefox depends on gtk3, where you can't configure out dbus, so presumably it gets pulled anyway. ☟︎
BingoBoingo: <mircea_popescu> everyone else : he leaves on the 13th, deadline to send gear his way say 5 days prior or something like that << I would like to add to the wishlist a small box capable of being a router. 2+ CPU cores, 3+ NICs, and 4-8 GB of RAM. Throw a pre clang Openbsd on there and appliancicize it.
a111: Logged on 2018-01-31 19:58 asciilifeform: http://www.openbsdfoundation.org/contributors.html << aaaaand openbsd ~immediately~ listed 'pineapple fund'. and guess who not listed at all, to this day.
a111: Logged on 2018-01-31 19:58 asciilifeform: http://www.openbsdfoundation.org/contributors.html << aaaaand openbsd ~immediately~ listed 'pineapple fund'. and guess who not listed at all, to this day.
asciilifeform: http://www.openbsdfoundation.org/contributors.html << aaaaand openbsd ~immediately~ listed 'pineapple fund'. and guess who not listed at all, to this day. ☟︎☟︎
asciilifeform: ( notably this proved impossible , without complete manual control over ~everything~, under openbsd. as per old thread. )
shinohai: !~later tell mats can report that https://wiki.gentoo.org/wiki/MIPS/ERLite-3 works flawless, no luck on openbsd
phf: mircea_popescu: our current strategy with architecture support has been "it works on my machine, but if you want it to work on your machine submit a vpatch", and it's been pretty consistently applied (e.g. my openbsd patch that's been floating independently, despite never getting vpatched).
BingoBoingo: https://marc.info/?l=openbsd-tech&m=151521435721902 y https://marc.info/?l=openbsd-tech&m=151521473321941&w=2
trinque: in this, I have (and it's trivial to) maintain own package makefiles which depend on other openbsd ports.
trinque: asciilifeform: openbsd is a tree of makefiles
asciilifeform: danielpbarron: do you have a depoetteringization recipe for openbsd ?
danielpbarron: oh, i assumed openbsd
BingoBoingo: Well, when discussing trb on Openbsd we are talking something that spans 5.5-ish and ends no later than 6.1
trinque: differently wrong on openbsd patch
BingoBoingo: Other turds from the punchbowl https://man.openbsd.org/urng.4
a111: Logged on 2017-06-05 16:13 mircea_popescu: http://btcbase.org/log/2017-06-05#1666045 << the way the lizards expect the shit to work is exactly in the way mp -saves-openbsd worked : as seen moneyz. recall the story of the us embassy spending a whooping 50k to start an "empire" of fake news tv stations etc ?
asciilifeform: losure deadline was around the end of August. As a compromise, I allowed them to silently patch the vulnerability. In hindsight this was a bad decision, since others might rediscover the vulnerability by inspecting their silent patch. To avoid this problem in the future, OpenBSD will now receive vulnerability notifications closer to the end of an embargo.'
asciilifeform: in other lulz, 'OpenBSD was notified of the vulnerability on 15 July 2017, before CERT/CC was involved in the coordination. Quite quickly, Theo de Raadt replied and critiqued the tentative disclosure deadline: “In the open source world, if a person writes a diff and has to sit on it for a month, that is very discouraging”. Note that I wrote and included a suggested diff for OpenBSD already, and that at the time the tentative disc
BingoBoingo: Well, was whining in an OpenBSd list about why OpenBSD doesn't have MORE unicode and MORE NSA SEL turds, this is their statement on paranoia
ben_vulpes: my trinqulator sez "mac mini with openbsd"
trinque: I'm still of the mind that I'd rather eat openbsd than linux
mircea_popescu: that at any future point you must be able to produce a package you're willing to label "openbsd"
mircea_popescu: trinque except you gotta maintain openbsd now. ☟︎
trinque doesn't have GB internet connection, so old G4 + openbsd works great
mircea_popescu: not even that expensive. one openbsd.
asciilifeform: !~later tell pete_dushenski http://www.contravex.com/2017/08/10/unboxing-and-set-up-of-nosuchlabs-fuckgoats-on-macos-openbsd-linux/#comment-58669
deedbot: http://www.contravex.com/2017/08/10/unboxing-and-set-up-of-nosuchlabs-fuckgoats-on-macos-openbsd-linux/ << » Contravex: A blog by Pete Dushenski - Unboxing and set-up of NoSuchlAbs FUCKGOATS on MacOS? OpenBSD? LINUX!!
mod6: <+trinque> http://btcbase.org/log/2017-08-06#1694394 << portage will sit down on BSD. I plopped it onto openbsd sometime earlier this year. << interesting. ☝︎
trinque: http://btcbase.org/log/2017-08-06#1694394 << portage will sit down on BSD. I plopped it onto openbsd sometime earlier this year. ☝︎
a111: Logged on 2015-07-08 16:36 mod6: <+gernika> mod6 I've attempted syncing on OpenBSD again and am now past block 168000 and have reached 185126. It's going very very slowly though. << good to hear though
asciilifeform: went away on linux ( and apparently openbsd ) from locks patch, and that was the end of the thread
mod6: <+asciilifeform> mod6, phf didja see 168kisms on openbsd? << not me, but others did, see: <+BingoBoingo> http://btcbase.org/log-search?q=168000
asciilifeform: mod6, phf didja see 168kisms on openbsd?
BingoBoingo: But yes, phf makefile mod powers my OpenBSD builds.
mod6: <+phf> that's because you didn't try to simply use the patch to makefile that i posted on the list << i've had a trb openbsd since you posted this yes.
asciilifeform: i had a year+ of unsuccess with openbsd
BingoBoingo: RIPBSD https://marc.info/?l=openbsd-cvs&m=150109829003860
asciilifeform sets the final bozo bit on openbsd and everyone involved
mod6: <+asciilifeform> i'm about to attempt openbsd gnat << sweet, let me know how it goes, i've got a obsd box.
asciilifeform: i'm about to attempt openbsd gnat
asciilifeform: http://btcbase.org/log/2017-07-18#1686184 << there were experiments with openbsd, but iirc it is not a currently supported os. so answer is linux unless you're willing to port. ☝︎
asciilifeform: 'To maintain transparency, I am not a OpenBSD Foundation director, so you'd have to ask them... Encouragingly, I have heard discussion about some policy for public recognition of large donations, and I suspect that would handily cross the threshold' << lol!!
a111: Logged on 2017-07-13 14:33 andreicon: openbsd led to mircea popescu donation 20k
a111: Logged on 2017-07-13 14:29 andreicon: i was looking up openbsd
andreicon: openbsd led to mircea popescu donation 20k ☟︎
diana_coman: what were you after re openbsd?
andreicon: i was looking up openbsd ☟︎
asciilifeform: even claims to work in openbsd.
a111: Logged on 2017-06-18 19:25 pete_dushenski: asciilifeform: not yet. pretty much struck out on heathen osen (osx and openbsd) and my linuxbox is mid-rebuild. replacing fans and having a hell of a time finding screws that fit the deeper "noctua" units. it's still on the list but not there yet.
asciilifeform: http://btcbase.org/log/2017-06-18#1671888 << oughta ask phf, perhaps he has this pill ( iirc has both openbsd and crapple in active use ) ☝︎
pete_dushenski: asciilifeform: not yet. pretty much struck out on heathen osen (osx and openbsd) and my linuxbox is mid-rebuild. replacing fans and having a hell of a time finding screws that fit the deeper "noctua" units. it's still on the list but not there yet. ☟︎
asciilifeform: 'Uninitialized memory has been used as a source of entropy to seed random number generators in OpenSSL, DragonFly BSD, OpenBSD, and elsewhere.10 If accessing an indeterminate value is undefined behavior, however, compilers may optimize out these expressions, resulting in predictable values.' << bonus lol
mod6: <+asciilifeform> ^ d00d pushing 'onerng' over FUCKGOATS, with argument that the former 'is open source, mathematically verifiable, ...drivers for all current os, even openbsd...' while the latter 'no drivers, connection using obsolete medium - serial port, limited entropy' << limited entropy?! herp.
asciilifeform: ^ d00d pushing 'onerng' over FUCKGOATS, with argument that the former 'is open source, mathematically verifiable, ...drivers for all current os, even openbsd...' while the latter 'no drivers, connection using obsolete medium - serial port, limited entropy'
asciilifeform: meanwhile, in other excavations, https://www.security.nl/posting/505769/Random+Bit+Generator+voor+zelfbouw >> 'Het ontwerp is volledig open source, het geleverde product is te verifiëren zodat je kunt zien dat er niets is toegevoegd of weggelaten, de randomization is wiskundig verifieerbaar. Er zijn drivers voor eigenlijk alle gangbare operating systems, zelfs voor OpenBSD, en dat voor een prijs van USD 40. Die onderbouwing zie ik n
mod6: my openbsd lappy is fvwm, i love it.
asciilifeform: in other noose, nobody on planet3 seems to know how to disable serialport flowcontrol on openbsd.
mircea_popescu: http://btcbase.org/log/2017-06-05#1666045 << the way the lizards expect the shit to work is exactly in the way mp -saves-openbsd worked : as seen moneyz. recall the story of the us embassy spending a whooping 50k to start an "empire" of fake news tv stations etc ? ☝︎☟︎☟︎☟︎
sina: mircea_popescu: something dumb like "what's openbsd"
sina: mircea_popescu: do you knnow why I am here today? because earlier this week I was telling a friend about this time a crazy Romanian saved OpenBSD with a bitcoin donation