OpenBSD 5.5 is released

openBSDThe developers of OpenBSD have just released version 5.5. This release includes the feature time_t being made available for 64 bits on all platforms, improvements to the installer, improved hardware support, and various changes to the network stack. In addition, there were updates in several apps such as GNOME 3.10.2, KDE 3.5.10 / 4.11.5, Xfce 4.10, MySQL 5.1.73 and Postegre SQL 9.3.2, Postfix 2.11, etc.

The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system. Our efforts emphasize portability, standardization, correctness, proactive security and integrated cryptography. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. OpenBSD is freely available from our FTP sites, and also available in an inexpensive 3-CD set.

To read the full release notes, head on over to this link: http://www.openbsd.org/55.html

OpenBSD takes on OpenSSL project, implements changes

The OpenBSD team has started its own fork of OpenSSL, due to the backlash from the Heartbleed bug. The new project will be called LibreSSL, and is based on OpenSSL 1.0.1g. The team has already begun working on a major clean up of the code. The following list outlines the changes they have made so far:

  • Splitting up libcrypto and libssl build directories
  • Fixing a use-after-free bug
  • Removal of ancient MacOS, Netware, OS/2, VMS and Windows build junk
  • Removal of “bugs” directory, benchmarks, INSTALL files, and shared library goo for lame platforms
  • Removal of most (all?) backend engines, some of which didn’t even have appropriate licensing
  • Ripping out some windows-specific cruft
  • Removal of various wrappers for things like sockets, snprintf, opendir, etc. to actually expose real return values
  • KNF of most C files
  • Removal of weak entropy additions
  • Removal of all heartbeat functionality which resulted in Heartbleed

Check out the full notes / comments here: https://lobste.rs/s/3utipo/openbsd_has_started_a_massive_strip-down_and_cleanup_of_openssl/comments/fkwgqw

Update – you can find real time updates on this page here: http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/

FreeBSD news and links round-up – week 44

Welcome to the weekly (Free)BSD news round-up (week 44) where we have a mix of news snippets, links, howto’s and software/package updates for you all. These tid-bits are all very interesting and news worthy, yet too small to package as individual posts.

FreeBSD News

A FreeBSD Success Story

… Then, we switched the server to a new one, quad core, sixty gigabytes of ram and two terabytes of disk. This time, I chose FreeBSD because I knew that it would work greatly ! Linux could have worked too, maybe we could have more performance, but it would not be as easy to manage as our FreeBSD box… More

FreeBSD Ports

Bernhard Fröhlich joined the FreeBSD Ports Team in October.

Releases

1. FreeNAS 8.3 User Guide

The FreeNAS 8.3.0 Users Guide is available for download as EPUB, HTML and PDF.

2. M0n0wall 1.34b1 released

Manuel Kasper has announced Beta1 of M0n0wall 1.34.

“A maintenance version in the m0n0wall 1.3 branch has been released: 1.34b1 includes the CSRF-related fixes recently made to the beta branch, as well as a few others security-relevant things. Nothing is high priority, but once 1.34b1 has received some wider testing, it will be re-released as 1.34, and 1.33 users will be recommended to upgrade.”

Software/package updates

1. FreeBSD/Raspberry Pi

Gonzo has mentions that he has moved his FreeBSD/Raspberry Pi project into FreeBSD Head / Current.

2 KNemo 0.7.4 receives major improvements for FreeBSD

KNemo is a tool that monitors the network traffic and provides a tray widget for every network interface, support for network statistics, and different icon themes.

Highlights of the release are:

• Bugs in the BSD backend has been fixed;
• Wrong traffic bug reported on FreeBSD has been repaired;
• Wrong encryption state for mixed WEP connections on FreeBSD has been fixed;
• Default gateway previously undetected on FreeBSD is now working properly;
• A monochrome icon theme has been added;
• Support for the legacy system tray icon has been removed;
• Embedded plotter code has been dropped in favor of libksignalplotter.

Websites / Social Media

As some of you may have seen already RootBSD has a new website. It looks very clean and slick and looks more ‘web 2.0′ than the previous version.

RootBSD was established with one goal in mind: to provide reliable, flexible, and supported BSD-based hosting services to professionals and businesses. Our extensive selection of FreeBSD, OpenBSD, and Linux hosting packages means there is a right package for almost everyone.

(Free)BSD Events

1. PfSense Weekend (Brazil)

There will be a classroom pfSense weekend in Porto Alegre (Brazil) from 14-16 December. More details on http://www.cursopfsense.com.br/

New FreeBSD Committers

In October 2012 the following people became new committers or were given enhanced FreeBSD update rights: Simon J. Gerraty (src), Erwin Lansing (src, ports) and Eitan Adler (src, ports, doc).

BSD / Unix Family News

OpenBSD 5.2 arrives with improved multi-core support.

The OpenBSD project has released version 5.2 of its free BSD-based UNIX-like operating system. According to its developers, the most important change in the new release is the switch from user-level to kernel-level threads. This allows programs with multiple threads to use multiple CPU cores. (via)

FreeBSD SMP scalable PF coming to FreeBSD HEAD

Gleb Smirnoff writes on the FreeBSD PF Mailing List about a some improvements he has made to make Packet Filter (PF) SMP-scalable and faster:

“As you already may now, last half a year I’ve been working on making pf SMP-scalable and faster in general. More info can be found here:

Since that announce in June, I’ve been running experimental code for more than 2 months in production on several routers. Also, some brave people volunteered to be beta-testers and also run the experimental branch in last couple of months. Code proved to be stable enough.

The new code performs better in production: less CPU load, less jitter, more responsive system under high load. It performs better under synthetic benchmarks like random generated UDP flood. It performs much better when DoS comes in.”

SSH Mastery: An Addition to Any Unix User’s Bookshelf

The first paragraph of this book’s afterword reads:

“You now know more about SSH, OpenSSH and Putty than the vast majority of IT professionals! Congratulations”.

That claim will be true for any reader of SSH Mastery who has read the book up to that point and has incorporated at least some of the elements of the configurations it describes into their own environments.

“But why a book dedicated to a single command?”, you might ask. Almost all Unixes and Unix-likes have incorporated OpenSSH, the free SSH that is developed as part of the OpenBSD project, and OpenSSH comes with excellent documentation in the form of several extensive man pages.

More

(Free)BSD quick news ‘n links (week 17)

Below some links to some FreeBSD resourses that you guys may be interested in, and other BSD related items I’ve come across.

FreeBSD

  • Chromium 10, Google’s blazingly fast internet browser, is now available in the FreeBSD Ports directory (www/chromium).
  • New FreeBSD Installer test and walkthrough. Michael W. Lucas tests the new FreeBSD installer (bsd install) and gives his feedback (incl screenshots). He likes most of the changes and improvements, but is not altogether happy yet.
  • FreeBSD 8.2-RELEASE Custom XFCE builds available. Download from freebsd-custom.wikidot.com/

DragonFlyBSD

  • DragonFlyBSD 2.10 Released. DFBSD devs have released version 2.10 with better hardware and multiple processor support. The HAMMER file system now supports deduplication.
  • DragonFlyBSD devs are looking for testers to try out the internet browser on DragonFlyBSD (Chromium for DragonFly)

OpenBSD

  • A Puffy in the corporate aquarium. There’s an interesting article on the Undeadly OpenBSD blog of m:tier, a London consultancy that works with Fortune 500 companies to equip them with OpenBSD firewalls, servers and desktops. OpenBSD has a reputation for high security and being a difficult operating system to use for new user, but m:tier helps companies to use for everything:

As a company we are very dedicated to what we do because we are “forced” to use our operating system of choice and we want our customers to be as happy as we are at using it :-)

So our paid job is hacking on and deploying, maintaining, supporting… OpenBSD installations. We are also required to hack on things that can be merged back into OpenBSD itself and when it’s not possible, then we change what we did so that it can be. Of course some developments are very specific to what we do and have no place in the project’s CVS tree.

So, amongst other services, we set up and maintain several 100% OpenBSD-based infrastructures (going from the entry site firewall to the secretary’s workstation) and this is what I’m going to talk about here.  Continues

  • MarBSD-X is a OpenBSD based Live CD with support for X (via)

BSD Certification

The BSD Certification Group (BSDCG) announced today that it has partnered with Schroeder Measurement Technologies (SMT) to increase the geographic availability of BSD certification exams. Through its sister company, Iso-Quality Testing (IQT), SMT maintains a testing center network of carefully selected partners, including college/university testing centers and computer-related businesses to provide testing services in a secure, proctored environment. Testing centers are available in over 300 cities in 19 countries. (full press release)

 

FreeBSD quick news: Amazon EC2, OpenBSD and FBI

Some exciting and eyebrow raising news items:

FreeBSD on Amazon EC2

FreeBSD developer Colin Percival announced on his blog that FreeBSD 9-CURRENT now runs on Amazon EC2:

One of my largest complaints about Amazon EC2 ever since it launched has been my inability to run FreeBSD on it. Judging from the feedback I received to two earlier blog posts, I haven’t been alone. The problems keeping FreeBSD out of EC2 have always been more FreeBSD-related than Amazon-related, however, and over the past month I’ve been hacking away at FreeBSD’s Xen code, to the point where I can say something I’ve been waiting to say for a long time: FreeBSD now runs on Amazon EC2.

There are some caveats to this. First, at the moment only FreeBSD 9.0-CURRENT can run under EC2; I haven’t merged bug fixes back to the stable branches. Second, at the moment FreeBSD only runs on t1.micro instances, for reasons I can’t discuss (NDA) but hope will be resolved soon. Third, this code hasn’t received very much testing and is almost certain to have more serious bugs, so it should be approached as an experimental, not-ready-for-production-use system for now. Full post

OpenBSD & the FBI

Theo de Raadt, project leader of the OpenBSD project, has made an email public that reveals that the FBI built a backdoor into OpenBSD’s ipsec about a decade ago.

As of yet it’s not known if any of the revelations/allegations are true and if any other operating systems are affected. We will have to wait until developers have reviewed the code. What do you think about all this? Please drop a comment at the bottom.

This subject has been picked up by many websites and blogs. Here’s a selection:

  • FBI Poked Spy Hole in OpenBSD, Says Former Contractor – technewsworld.com
  • FBI ‘planted backdoor’ in OpenBSD – theregister.com
  • FBI Accused Of Decade-Old Cryptography Code Conspiracy – forbes.com
  • Developer claims FBI implemented backdoors in OpenBSD – itwire.com