Forgot your password?
typodupeerror
BSD

Interview: Ask Theo de Raadt What You Will 290

Posted by samzenpus
from the go-ahead-and-ask dept.
Theo de Raadt was a founding member of NetBSD, and is the founder and leader of the OpenSSH and OpenBSD projects. He is currently working on OpenBSD 5.5 which would be the projects 35th release on CDROM. Even though he'd rather be hiking in the mountains or climbing rocks in his free time, Theo has agreed to answer any question you may have. As usual, ask as many as you'd like, but please, one question per post.
This discussion has been archived. No new comments can be posted.

Interview: Ask Theo de Raadt What You Will

Comments Filter:
  • NSA (Score:3, Interesting)

    by Anonymous Coward on Wednesday March 05, 2014 @12:24PM (#46409079)

    Has the NSA scandal changed the status of the OpenBSD project?

  • NSA Involvement (Score:5, Interesting)

    by jazman_777 (44742) on Wednesday March 05, 2014 @12:25PM (#46409105) Homepage
    Given the pervasive nature of NSA compromising, do you know of any attempts by the NSA to put in backdoors or otherwise compromise OpenBSD--either by approaching you directly, or by infiltration?
  • Sparc64 and Oracle (Score:5, Interesting)

    by kthreadd (1558445) on Wednesday March 05, 2014 @12:38PM (#46409273)

    I recently needed a free software operating system that could replace Solaris on a couple of Sun UltraSparc machines. After testing out the relatively small number of alternatives I found that OpenBSD had by far much better hardware support than the others. I know that a lot of this is the result from the effort your group spent a couple of years ago to get docoumentation from what used to be Sun. How would you describe collaboration with Oracle now when they run the remains of Sun, in particular around supporting modern Sparc64 based systems?

  • by See Attached (1269764) on Wednesday March 05, 2014 @12:40PM (#46409303)
    Very often we admins have to make all kinds of hacks to get OpenSSH to support Chroot and ScpOnly. Would it be possible to make it simpler for these features to be added/configured without third party tools? OpenSSH is a foundational package, and making it easier to add these features would make it all that much better. Would be great to stick to your source 100%!! Thanks for your many contributions!
  • by emil (695) on Wednesday March 05, 2014 @12:43PM (#46409335) Homepage

    I would like to run OpenBSD on the Raspberry Pi.

    I understand, sympathize, and accept your decision to avoid that platform, but what would you recommend as a stable substitute?

    The BeagleBone Black seems like the endorsed alternative, although there were stability warnings until recently. The current status reads: "There are generally still a fair number of things to do on each of these boards, however OpenBSD is generally considered to be usuable on them. The platform is now self hosting, however there is no SMP support."

    Would you point OpenBSD users interested in this hardware class at the BeagleBone Black? Any other advice? SLC media preference?

    TI has announced that it is discontinuing the OMAP line. Will Beagle move to another ARM licensee, and does that matter much for OpenBSD?

  • by smash (1351) on Wednesday March 05, 2014 @12:44PM (#46409349) Homepage Journal

    Pretty much that. My observations with FreeBSD at least have been that whilst Linux might get something FIRST, it will typically go through 3-4 (more?) iterations before the actual long term supported version emerges. Until someone decides to rewrite it anyway.

    The FreeBSD (and likely other BSD) way seems to be to design things properly first (which takes some time that Linux skips), implement and then the user-facing interface stays the same for a long period of time.

    Sometimes however, it does mean BSD gets features first. E.g., multichannel audio. Mixing has transparently happened via the FreeBSD audio driver for about 10 years now. Linux has gone through a bunch of different audio subsystems in that time.

  • by Noryungi (70322) on Wednesday March 05, 2014 @12:46PM (#46409387) Homepage Journal

    OK, tongue-in-cheek question: did you cash in all those bitcoins before Mt Gox imploded?

    More seriously: what are your thoughts on the future of ZFS, BHyve, non big-lock SMP, SMP-enabled pf (see NetBSD npf) on OpenBSD?

    Related question: what is the future of OpenSSH-based VPN functions?

    Even more seriously: in light of the recent Snowden revelations on NSA spying, can you tell us more about the audits realized after a few (past) developers were accused of creating backdoors in OpenBSD for the FBI?

    Finally, and this is not a question: all my thanks for a great OS. I use it daily and truly appreciate all the hard work.

  • by ModernGeek (601932) on Wednesday March 05, 2014 @12:46PM (#46409389) Homepage
    Last time I saw pictures, you and others were working from a home. How is everything structured now? Are you living alone and working from your house, or are there others there, too? How has this affected you long term with your personal life and relationships? What type of job did you have before OpenBSD? Assuming you did before, do you ever miss working in an office?
  • signed code (Score:4, Interesting)

    by smash (1351) on Wednesday March 05, 2014 @12:49PM (#46409437) Homepage Journal

    What are your thoughts on code signing, and do how do you see the development of such proceeding in the free unix world. In Powershell for example, i can set a system-wide policy to only run scripts if they are signed with a trusted certificate.

    This means I can, for example, delegate script development to an underling, review the script and then sign and push into production, knowing that the script will not run if it has been modified in the field without authorization - enabling proper change management process to be enforced.

    Other platforms require all code to be signed before it will run.

    Do you foresee anything like this (obviously with the master signing authority being the local site admin) for OpenBSD?

  • by geekmux (1040042) on Wednesday March 05, 2014 @12:58PM (#46409559)

    Do you realize your project would be more successful and provide more value to the community if you weren't such an asshole?

    How screwed up would the project be had he not been such an "asshole" as you describe?

    The truth hurts. Just because people can't handle it and get butthurt doesn't make the person an asshole for pointing out the truth.

    I'd also like to know how you feel about other CEO's out there that have proven far more of an asshole than Theo could do in 20 lifetimes. He's a nice guy by comparison. Trust me.

  • by unixisc (2429386) on Wednesday March 05, 2014 @01:02PM (#46409611)
    Given that a lot of the platforms that OpenBSD was ported to are now dead - such as PowerMacs, Alphas, PA-RISC and so on, are there any efforts on to port OpenBSD to non-x64 platforms that exist today?
  • by tlhIngan (30335) <slashdot AT worf DOT net> on Wednesday March 05, 2014 @01:15PM (#46409785)

    How screwed up would the project be had he not been such an "asshole" as you describe?

    The truth hurts. Just because people can't handle it and get butthurt doesn't make the person an asshole for pointing out the truth.

    I'd also like to know how you feel about other CEO's out there that have proven far more of an asshole than Theo could do in 20 lifetimes. He's a nice guy by comparison. Trust me.

    It takes a very special person to be able to be an asshole and not alienate people. Steve Jobs is a famous example, but there's also Linux Torvalds, and Theo.

    The asshole-ish nature of those people generally turns people off. However, they also have the rare ability to motivate people to doing the right thing. Jobs is an asshole, but he also managed to bring out people to do better work - he didn't accept crap if he knew it could be done better. Likewise, Linus and others are the same - they aren't afraid to call it crap.

    The problem is, a lot of people don't realize that and try to emulate them by being assholes and making life miserable for everyone without any redeeming qualities. It's those qualities that allowed them to be assholes and still get stuff done, not the other way around.

  • by tearmeapart (674637) on Wednesday March 05, 2014 @01:23PM (#46409899) Homepage Journal

    In your opinion, what does OpenBSD/OpenSSL/etc. need from the community?
    Now that you received a large donation to keep the lights on, what is next on the list of things that would help move things forward?

  • by bmajik (96670) <matt@mattevans.org> on Wednesday March 05, 2014 @05:08PM (#46412667) Homepage Journal

    Ok, so your premise, from one email altercation, is that Theo's attitude is so intense, so "he can never be wrong", that openbsd has no security advantages. Never mind that the premise is ridiculous.

    But the actual evidence suggests that internet arguing aside, openbsd eventually adopts valuable security practices and technologies that Theo initially disagrees with.

    So, what was the point of your first post, exactly?

    Are you going to modify your position on openBSD, now that you know the project incorporates outside feedback, even when they publicly disavow it at first? I mean, you're a rational guy, right?

Imitation is the sincerest form of plagarism.

Working...