[jayofdoom]

Probably worth noting as well how many software products OpenBSD has contributed back to the overall free software world; things like OpenSSH, (edit: NOT OpenSSL), a more secure ntpd and inetd.

Even if you don't run OpenBSD, you benefit from it.

[madars]

> how many software products OpenBSD has contributed back to the overall free software world; things like OpenSSH, OpenSSL, a more secure ntpd and inetd

One of them is not like the others -- OpenSSL is not an OpenBSD project and the code quality is markedly different :-)

[protomyth]

perhaps jayofdoom meant LibreSSL.

and yes, OpenSSL is a bit of a code quality difference than the OpenBSD norm.

[nickpsecurity]

Yall don't be too nice to them. The code quality is shit. My favorite quip of all came from Ted Unagnst noticing they did endian-checks in one code that ran very often during use of protocol. He said something along the lines that they hadn't applied any sense to (important issue) but they had you covered if your CPU's endianness changed in mid-operation. No words. :)

[protomyth]

I meant my comment in the same spirit as a Southerner means "Bless your heart".

I do believe Ted Unagnt's comment is included in the https://www.youtube.com/watch?v=GnBbhXBDmwU LibrSSL first 30 days along with quite a lot of other oddities.

[nickpsecurity]

Alright lol. I lost the video but it was definitely a LibreSSL presentation at a conference. Thanks for the link in case it has it.

[notaplumber]

As others have said, OpenBSD is not guilty of creating OpenSSL.. but here are a few of their other crimes.

http://www.openbsd.org/innovations.html

^_^

[masklinn]

OpenSSL does not come from OpenBSD (the LibreSSL fork does).

[gh02t]

They didn't do OpenSSL, though I believe they started the LibreSSL fork. Still, your point is a good one.