The world doesn't live off jam and fancy perfumes - it lives off bread and meat and potatoes. Nothing changes. All the big fancy stuff is sloppy stuff that crashes. I don't need dancing baloney - I need stuff that works. That's not as pretty, and just as hard.
I actually am fairly uncomfortable about it, even if our firm stipulation was that they cannot tell us what to do. We are simply doing what we do anyways — securing software — and they have no say in the matter. I try to convince myself that our grant means a half of a cruise missile doesn't get built.
Hardware donations do not come from vendors who use OpenSSH on parts of their stuff. They come from individuals. The hardware vendors who use OpenSSH on all of their products have given us a total of one laptop since we developed OpenSSH five years ago. And asking them for that laptop took a year. That was IBM.
So the HP guy comes up to me (at the Melbourne conference) and he says, 'If you say nasty things like that to vendors you're not going to get anything'. I said 'no, in eight years of saying nothing, we've got nothing, and I'm going to start saying nasty things, in the hope that some of these vendors will start giving me money so I'll shut up'.
It's terrible, everyone is using it, and they don't realize how bad it is. And the Linux people will just stick with it and add to it rather than stepping back and saying, 'This is garbage and we should fix it.'
I think it is astounding that people could argue for "you just must trust someone else to fix it" instead of "you could fix it yourself, or hire someone to fix it." There is a contractor base out there that can solve these problems as well as or better than the major vendors could. But I think the major vendors are still having more luck at getting the ear of the press.
Well, we do not do this so that other players can make profit. We've actually been doing this for a long time and I do not know of anyone who specifically makes money off OpenBSD. They may, at best, save some money by not having to re-engineer the same software that we have already written. It is not exactly that we are letting them make a profit, but that we are doing a proper job and saving someone else from having to do the same job in a corporate setting. In our eyes, that is perhaps a waste of planet-wide engineer talents, rewriting the same thing over and over. Why can’t we just get it right once?
The only way to make it clear to him that he should not come here to our lists in the future, is to teach him a hard lesson, and that is done by continually re-adding cc's back to him -- because the mails talk about him -- even when his friends come our mailing lists and delete the his address from the cc list. Like this message, which adds him back in. Richard, you are a lying cheating hypocrite.
You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.
on the statement "Virtualization seems to have a lot of security benefits"
On December 20 , Theo de Raadt was asked to resign from the NetBSD Project by the remaining members of 'core'. This was a very difficult decision to make, and resulted from Theo's long history of rudeness towards and abuse of users and developers of NetBSD.
Adam Glass, NetBSD mailing list, December 23, 1994 .
Admittedly, I was apprehensive about interviewing Theo de Raadt.
Julie Bresnick, Newsforge, January 30, 2001.
Linus Torvalds, Forbes, June 16, 2005.
What I do know is Theo is the kind of security genius that various state secret-service organizations would love to have on their side. If he were to waltz into the Department of Defense and promise to be a good boy, I think Director of Central Intelligence George Tenet would probably jizz all over himself.
It's widely claimed that I'm "the one" who ejected Theo from the NetBSD community. That is false. At that time in NetBSD's history, Chris G. Demetriou was playing the role of alpha male, and I wasn't even given a choice. I was certain it was going to bite us in the ass. I think the question for historians is not whether it did bite us in the ass, but how many times and how hard.
Charles M. Hannum, ONLamp.com, September 14, 2006.