[sumanthvepa]

Well. Given the smaller user base the *BDSs are good candidates for a very low footprint secure OS installation. In our org we use an openbsd instance to run our low traffic but extremely secure master database. The system really spartan and has a very low footprint. It is sufficiently different from Linux that the casual automated attack wont work. Things like NetBSD are a useful starting point to getting an OS up and running on a new architecture. This happens quite frequently in research settings.

[crispyporkbites]

This smells of security through obscurity to me.

Unless you’re defending against zero days (unlikely) an up to date Linux box must surely be more secure?

[mmcgaha]

I don't now what goes into the day-to-day maintenance at sdf.org, but they are able to provide public access to a NetBSD system without any major security breaches. The lore there is that before the switch from Linux to NetBSD security was a mess. Of course they made the change almost 20 years ago, so things probably are different today.

[tal8d]

sdf.org is interesting because it is one of the few services running a multi-user capable OS - and using it that way. I donated to them years ago, primarily for the complementary email address, and in setting that up I was poking around in the shell - that was the first I'd seen 'who' return a list active sessions that weren't me.