why BSDs got no love (and why security gets no love)

Charlie Kester corky1951 at comcast.net
Tue Dec 29 23:17:09 UTC 2009

On Tue 29 Dec 2009 at 14:51:23 PST Chad Perrin wrote:
>On Tue, Dec 29, 2009 at 12:39:01PM -0800, Charlie Kester wrote:
>> One question, however.  Are we prepared to back up the claim that the
>> "sexy" bits of PC-BSD are the least secure?  Your argument depends on
>> that claim, since it's also implied in your description of development
>> team's priorities.
>Define "we".  As I'm not a core developer for FreeBSD, nor anyone in a
>position of official representation of either the OS development project
>or the Foundation, my statements in the article should not be taken as
>necessarily indicative of anyone's opinions but my own.

I said "we" rather than "you" because I agree with your argument. :)

>The claim about the "sexy" bits of PC-BSD is based on my experience with
>tarted-up GUIs and "feature-rich" software.  It is intended as a
>generalization rather than a categorical statement of absolute truth.
>All stuffy pedantry of mine aside, though, if you want to expand on
>your concerns, I'd be happy to read about them.

I was wondering if anyone has done a study of reported security holes
and if that data supports the assertion that the "sexy" GUI stuff PC-BSD
adds was more likely to be involved than the base OS.

But even if there hasn't been any such study, I think it would be
worthwhile to flesh out your assertion with a few examples of the kind
of security problems that arise when the "sexy" stuff is used.

As I said above, I think the argument stands or falls on our ability to
defend this point.

More information about the freebsd-advocacy mailing list