puffy!
long overdue, I've finally made the switch (at least on my laptop) to OpenBSD. the security perspective was really my biggest concern, and there is large quantities of evidence suggesting OpenBSD has a huge number of advantagesin the area. I intend to evaluate as many of them as I can.I had run OpenBSD 4 or 5 years ago - it made a pretty effective firewall system (to my knowledge, at least). the os as a whole is relatively lightweight, and I was using it on some older hardware. it never seemed to struggle in any way (think the only reason I got rid of it was due to giving that computer away...)
from a philosophical perspective, the emphasis placed upon secure coding is the biggest motivator. the frequent code-reviews don't hurt any, either.
other security things I like:
* pf - a bunch of good design decisions seem to have gone in to this. writing rules for it is about the same (in terms of difficulty) as iptables
* securelevels - a bit like init levels, these are used for making various files (like the kernel) immutable at normal runtime. in theory.
* secure-by-default - policy of having everything pretty much locked down upon install. I immediately found myself wanting to tweak quite a few things as soon as I had a prompt (X has a listener up, I don't have a need for daytime/chargen, etc...), but I like the idea that if I have yet to learn about something with the system, someone else has put some effort in to minimizing my exposure.
* tools - quite a few interesting tools have already been written for OpenBSD, that I hadn't already come across in the Linux world. looking forward to porting my own code in that direction (should be fairly easy).
* community - abusive to newbies. this tends to be a quick indicator to me of something I'll come to enjoy being a part of (expect a follow-up on this, later).
I will be keeping a Linux install around on the laptop, as well. I'm not yet confident in my abilities to make OpenBSD run Linux software, and having some decent photo-editing capabilities (read: bibble) is a necessity. otherwise, it's going to be pretty stripped-down.
happily OpenBSD seems to love Thinkpads - my T43 seems very well-supported. Out of the box, it has working drivers for the Broadcom gigE and ipw2200 cards. there is a package for tpb, which works fine. no acpi support, but apm seems to work, and no configuration at all was required to make sleep (to ram) available. hibernate to the harddisk appears possible, but requires an ms-dos partition (which I haven't gotten around to building). if I happen to get bored, I might try to get the fingerprint scanner working (but porting bioapi might be painful). haven't looked in to hdaps stuff, yet, but there are rumors about it being possible as well.
there's definitely a learning curve, but it's far from insurmountable. hopefully some of you other 50 people who have acquired Thinkpads in the last year or two will consider it :)
posted by toasty @ 1/10/2007 10:48:00 PM
2 Comments:
Already tried OpenBSD on it, but It had some problem with the old Thinkpad hardware. Ill have to try again though. Literally the only thing besides Debian that would work on it was Win95. Sigh.
on the 560?? i'm fairly surprised to hear that. it's a touch older than what my first system was, though. i wanted to put netbsd on it, once upon a time - might consider that, if you're bored and have time :)
http://www.openbsd.org/i386-laptop.html might be useful
Post a Comment
Links to this post:
Create a Link
<< Home