WOW! This was the best presentation I ever seen about OpenBSD. I allways was wondering, what's so special. Now I know. Thanks for your time and keep up your great work.
6:58 PIEs aren't especially tied to OBSD. The guys over at Alpine Linux have also had implemented this feature years ago making their kernel safe and secure.
Hi :) Thanks for creating this content. Liked and subscribed. I currently have a server running CentOS and pi-hole and thinking about going OpenBSD and this video just gave me another nudge. Edit: Yeah.. a day later and I have a laptop and a server running OpenBSD and want to migrate the rest of my machines. OBSD is _so_ slick :D
Good video and you didn't said otherwise but a lot of those mitigations are standard in all operating systems like alsr, pie, non executable bit, kaslr, stack canaries... I just hope people will not trick themselfs into beliving those things are bsd only
ALSR, PIE, stack protectors yes, but W^X and kaslr are not standard on most Linux distros (yes some are implementing these features). FreeBSD is just barely starting to implement these things, Theo has praised Windows for implementing these thing earlier that FBSD or Linux but OpenBSD spearheaded a lot of this research. Also pledge and unveil (or something similar) and are not present in any OS as far as I know. I want to make a updated version of the video where I will address the impact of OpenBSD research and implementation of these techniques on other systems, either directly or indirectly. Thanks for watching!
@@root_dnb I think you're right about kaslr, it seems like the patch was introduced to linux in 2020 (Articles/824307 on lwn). I assumed it was standard because I saw it on a babykernel ctf challenge last year xd, but W^X is with us for over 15 years right now, otherwise we would still have simple shellcode payloads on the stack and we are past that.
OpenBSD is more secure by a long shot. HardenedBSD is more of an experimental patchset for FreeBSD. It's not very stable, and only works well on the server, not the desktop.
Sorry spambots deleted your comment, just test out both and see which works best for you. The technical side of things is always debatable, but I know both can withstand Kali Linux pen-testing.
Thank you for watching! Yeah I working on a better audio solution. I had to guerilla record this in my bathroom with a fan on because there was no quiet place in my apartment lol
You are doing God's work with these videos brother. Really appreciate all the bsd content 🙏🤙🤙🤙🤙🤙🤙🤙🤙🤙🤙🤙🤙🤙🤙🙏🙏🙏🙏🙏
Thank you so much! Your encouragement means a lot! 🙏
WOW!
This was the best presentation I ever seen about OpenBSD.
I allways was wondering, what's so special. Now I know. Thanks for your time and keep up your great work.
I am in love with FreeBSD and will be trying out OpenBSD in the near future.
You have DT's seal of approval now.. lol
What a killer intro haha, love it. As always great video.
6:58 PIEs aren't especially tied to OBSD. The guys over at Alpine Linux have also had implemented this feature years ago making their kernel safe and secure.
That's starry night by van gogh
Had to go through all them Linux including Gentoo and Funtoo to move to OpenBSD and it's amazing-ness lol
Hi :) Thanks for creating this content. Liked and subscribed. I currently have a server running CentOS and pi-hole and thinking about going OpenBSD and this video just gave me another nudge.
Edit: Yeah.. a day later and I have a laptop and a server running OpenBSD and want to migrate the rest of my machines. OBSD is _so_ slick :D
🤣 I have been watching through all of your videos and am in love with your content.. aaand just now noticed I wasn't subbed 🤦 wow.
Очень интересно. Большое спасибо. Подписался .
Derek sent me here :D
Damn. Hit that space bar harder!
Could you please make an openBSD firmware (wifi) guide for us beginners?
Good video and you didn't said otherwise but a lot of those mitigations are standard in all operating systems like alsr, pie, non executable bit, kaslr, stack canaries... I just hope people will not trick themselfs into beliving those things are bsd only
ALSR, PIE, stack protectors yes, but W^X and kaslr are not standard on most Linux distros (yes some are implementing these features). FreeBSD is just barely starting to implement these things, Theo has praised Windows for implementing these thing earlier that FBSD or Linux but OpenBSD spearheaded a lot of this research. Also pledge and unveil (or something similar) and are not present in any OS as far as I know.
I want to make a updated version of the video where I will address the impact of OpenBSD research and implementation of these techniques on other systems, either directly or indirectly. Thanks for watching!
@@root_dnb I think you're right about kaslr, it seems like the patch was introduced to linux in 2020 (Articles/824307 on lwn). I assumed it was standard because I saw it on a babykernel ctf challenge last year xd, but W^X is with us for over 15 years right now, otherwise we would still have simple shellcode payloads on the stack and we are past that.
I used OpenBSD 2.9 to 3.4 as Daily Os when Debian was 3.1 many years. If Openbsd possible work as virtualbox\vmware host, i use will be Today.
OpenBSD have virtual machines, you can even rent a OpenBSD VPS that run on OpenBSD host.
What's the difference between OpenBSD and HardenedBSD and in your opinion which is more secure?
OpenBSD is more secure by a long shot. HardenedBSD is more of an experimental patchset for FreeBSD. It's not very stable, and only works well on the server, not the desktop.
Sorry spambots deleted your comment, just test out both and see which works best for you. The technical side of things is always debatable, but I know both can withstand Kali Linux pen-testing.
@@root_dnb sounds good, thanks.
Mac OS uses LibreSSL too
a+++
first time viewer. this is great. (but please fix the audio)
Thank you for watching! Yeah I working on a better audio solution. I had to guerilla record this in my bathroom with a fan on because there was no quiet place in my apartment lol
Great video but in 0:50 it isn't picasso,it's van gogh
Why does every *Nix youtuber have to copy luke smith's terrible thumbnails
We do it just to make you mad :^)