by nickpsecurity
3492 days ago
There were numerous examples of MAC, esp. SELinux, stopping vulnerabilities. There are also plenty of examples of bugs and vulnerabilities in software, with OpenBSD even fixing bugs regularly. The claim that one should reduce bugs and have damage limitation to reduce overall risk is rock solid with proof in the field. The refrain of OpenBSD supporters is, "It's not necessary and won't help..." The reality in field deployments, "It was and did." QED.

As the OpenBSD devs will tell you, there have only been two known vulnerabilities in default OpenBSD installs in the history of OpenBSD. This strongly suggests that having decent software quality is an effective way to prevent vulnerabilities from existing in the first place.
> The refrain of OpenBSD supporters is, "It's not necessary and won't help..."
No, the refrain is "it's better to spend effort curing the disease than treating the symptoms". If we put half the effort we put into palliative defense measures into formal verification or doing things right the first time, I suspect it would be drastically more effective.