--- begin forwarded text Resent-Date: Tue, 29 Dec 1998 11:43:47 -0500 To: 0xdeadbeef@substance.abuse.blackdown.org Subject: OpenBSD vs FreeBSD Date: Tue, 29 Dec 1998 11:47:08 -0500 From: glen mccready <glen@qnx.com> Resent-From: 0xdeadbeef@substance.abuse.blackdown.org Resent-Sender: 0xdeadbeef-request@substance.abuse.blackdown.org Forwarded-by: Nev Dull <nev@bostic.com> Forwarded-by: Satya Palani <satya@gho.st> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Date: Sun, 6 Dec 1998 20:44:53 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> Subject: Re: OpenBSD vs FreeBSD On 5 Dec 1998, Julian Assange wrote:

...

Do you really expect people here, on this list to say "Use OpenBSD" or "Use Linux" or etc?

`Use NetBSD'

Use a toaster oven. Toaster ovens have excellent network security characteristics. For example, they are not susceptible to any IMAP-based buffer overflow attacks; additionally, current toaster ovens are not known to have any bugs in their TCP/IP stacks, nor have been vulnerable to any in the recent past (according to CERT advisories, anyway). Toaster ovens require console access to perform administrative functions (such as modification of temperature settings), but this will not impede deployment in a number of environment. Toaster ovens may be vulnerable to a remote denial of service attack involving manipulation of power lines -- however, most operating systems running on standard hardware are also vulnerable to this attack. I have found that my toaster oven has served me well for a number of years, and produces excellent grilled cheese sandwiches, which is far better than my pentium running FreeBSD, largely because the cooling fan on the pentium does too good a job. Go figure. Maybe if I get a pentium pro? Neither my FreeBSD box nor my toaster oven has suffered from a security problem in a while. Robert N Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ SafePort Network Services http://www.safeport.com/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Date: Sun, 6 Dec 1998 21:44:36 -0500 (EST) From: Robert Watson <robert@cyrus.watson.org> Subject: Re: OpenBSD vs FreeBSD On Sun, 6 Dec 1998, Robert Watson wrote:

Use a toaster oven. Toaster ovens have excellent network security characteristics. For example, they are not susceptible to any IMAP-based buffer overflow attacks; additionally, current toaster ovens are not known

A friend of mine points out that toaster ovens are susceptible to a buffer overflow involving pieces of bread exceeding the safe bread limit in the oven, which can result in a fire, or at the very least, a lot of burnt bread. As such, I am no longer planning to deploy toaster ovens as web servers on our network. Apologies for any misleading details concerning the reliability of toaster ovens in hostile environments -- I hope no one has made purchasing decisions based on this misinformation! Robert N Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C Carnegie Mellon University http://www.cmu.edu/ TIS Labs at Network Associates, Inc. http://www.tis.com/ SafePort Network Services http://www.safeport.com/ --- end forwarded text ----------------- Robert A. Hettinga <mailto: rah@philodox.com> Philodox Financial Technology Evangelism <http://www.philodox.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'