Hacker News new | ask | show | jobs
by the_trapper 3608 days ago
> Sure, and I do have to pay to get automated updates from them, but at least I know they are official. M:tier packages are not official but sort-of wink-wink-nudge-nudge. For a project living and dying on trust, it's a poor show.

Well that is because the official and ONLY supported way to patch an OpenBSD system is to compile from source. Like pretty much all of OpenBSD's documentation, the instructions to do so are very clear.

M:Tier provides a service that is merely a convenience. It is not essential and I would suspect that only a small fraction of OpenBSD users even make use of their openup script and binary package updates at all.

I suspect you are being purposely obtuse and cannot understand that the way in which your favorite $OS is not the only right way to do things.

The OpenBSD project has no obligation to provide binary updates. They provide source code patches and clear instructions of how to apply them. This is actually better for security because you can actually see what is being changed by the patch if you know a little bit about programming.
1 comments
toyg 3608 days ago
> I suspect you are being purposely obtuse and cannot understand that the way in which your favorite $OS is not the only right way to do things.

The OpenBSD project actively refuses to provide a service that pretty much any other OS project provides, so that a commercial entity can make a buck, and I am the one being purposely obtuse?

> only a small fraction of OpenBSD users even make use of their openup script

Until it relies on m:tier servers, of course. Why would I have to trust an unrelated company to update a security-conscious OS?

> This is actually better for security

This is actually worse for security because it relies on sysadmins being human robots that constantly check errata, or being faultless programmers who will never botch a hacked-together-enough-that-works custom script to get errata and apply patches. But hey, don't take it from me, hear it from m:tier themselves: "Keeping your installed OpenBSD packages up to date is hard and time-consuming. Nobody wants to read the mailing lists to spot security fixes and/or updates never mind wanting to build new packages from their ports tree and manually install them on each of their servers and/or desktops."

QED.

link