Language Selection

English French German Italian Portuguese Spanish


How Three BSD Operating Systems Compare To Ten Linux Distributions

Filed under

Earlier this week I posted the results of a 10-way Linux distribution battle on the same Intel Xeon system and using all of the popular and latest Linux distribution releases. Taking things further, the article today has those results complemented by results on the Xeon system for several BSD operating systems. For seeing how the BSD performance stacks up to Linux, DragonFlyBSD, OpenBSD, and the FreeBSD-based PC-BSD were benchmarked.

Read more

Unscrewed; a Story About OpenBSD

Filed under

If you’re in the packet delivery business, and you’ve never tired OpenBSD, then you’re really missing out. Pretty much everything you care about as a network guy on production networks is configured via a virtual interface. This includes CARP, IPSEC, and all manner of encapsulation and tunneling protocols. This is awesome because all the tools designed to work on interfaces, like tcpdump, work on these virtual interfaces too. So if I want to get a look at my VPN traffic, I can tcpdump enc0.

Which brings up another great point, with OpenBSD, your packet inspection and general network troubleshooting toolbox is way better. Nmap, Argus, sflow, tcpdump, snort, daemonlogger, and etc.. all the best tools are right there on your router if you want them. No need to use a packet tap, because your router is the packet tap.

OpenBSD has myriad built-in daemons for OSPF, BGP, and every other router protocol, as well as application-layer protocol proxies. OpenBSD is by far the fastest, easiest way to setup an ftp proxy that I know of. It also has a kernel-space packet filter called PF, which is crazy feature-rich and and easy to use. If you can console configure an ASA, or are an iptables user, you’ll pick up PF’s syntax in about 15 minutes. All the normal stuff like NAT, redirection, and forwarding are there. Further, PF can do things like policy routing, where you tag packets based on criteria you choose, and then make routing decisions later based on those tags. PF has packet queuing and prioritization built-in, so you can make some classes of traffic more important than others.

Read more

BSD Is Ready for SCALE 14X

Filed under

First things first: Were I to give an award for Best Presentation Title for SCALE 14X, it would clearly go to iX Systems’ Community Manager (and all-around BSD documentation queen) Dru Lavigne for “Doc Like an Egyptian” — she wins hands down, without question. Dru speaks at SCALE on Saturday, Jan. 23, at 3 p.m.

Read more

Also: openbsd laptops


Filed under
  • The Radeon Machine Scheduler Will Soon Come To AMDGPU LLVM

    Months after Axel Davy originally posted his patch-set for the SI machine scheduler to enhance the performance of AMD GCN GPUs on the open-source driver, it looks like the code will soon land in the AMDGPU LLVM back-end.

    Axel posted his work on this Southern Islands machine scheduler months ago for AMD's LLVM GPU back-end. As tests showed back in August, this scheduler helps significantly boost the performance for certain workloads. One of the Phoronix readers that tested out this scheduler at the time exclaimed, "The si scheduler is such a huge performance boost! Not only it is faster, but now radeonsi is faster than Catalyst in *all* tests, sometimes by a wide margin!"

  • LLVM / Clang 3.9 Is Now Under Development

    LLVM Clang 3.8 has been branched from trunk, thus making LLVM Clang 3.9 the new version under development.

    LLVM developers were right on time for branching LLVM 3.8.0 and they are now preparing for the LLVM 3.8 release candidate. A LLVM 3.8 RC2 release is planned meanwhile for 27 January while the official release of LLVM 3.8.0 is expected around mid-February.

FreeBSD Foundation Takes Right Steps

Filed under

First things first: I’m the new kid on the BSD block. While in the process of still figuring things out on PC-BSD — dang that Synaptics! — and finding a place to contribute in the community, I have no real handle on the nuances of the inner workings of the wider BSD community. To my self-promoting credit, I am a quick study and the learning curve is not as difficult as I imagined. On the whole, I like what I see in those contributing to BSD, especially in the way of eagerness to help new users.

However, when Randi Harper decided to bail on participation in FreeBSD as she outlined in her blog, it raises the question, “Where have we seen this before?” Taking a step back, it raises the question, “Why does this keep happening in FOSS communities?”

Before we begin to answer those questions — and answers to those questions extend far beyond this commentary — I’m less interested in the “he said, she said” of the past than in finding workable solutions to permanently removing the 500-pound gorilla in the room — the quarter-ton simian of harassment and lack of proper channels to adequately address it.

Read more

Also: LLVM 3.7.1 Released, Restores API/ABI Compatibility With LLVM 3.6/3.8

The Developer Formerly Known as FreeBSDGirl

Filed under
  • The Developer Formerly Known as FreeBSDGirl

    I’m still sad I had to leave. That is a heartbreak that will probably never go away. I’ll miss the conferences and hanging out with so many incredibly talented people to discuss an operating system and open source project that I loved. This project helped me get to where I am today. I’m not advocating that minorities don’t join FreeBSD, but I hope those in charge of the project read this and understand that they’ve got to do better. I hope someone else helps them find their way.

  • randi vs xmj

    If a volunteer project has a volunteer who is honestly so dysfunctional that he doesn’t understand why he is offensive, the project does not need him. And the volunteer needs to get help until he’s capable of behaving in a civilized manner.

  • The Empathy Gap, and Why Women are Treated Badly in Open Source Communities

    Some years ago, I contributed $1000 to be one of the seed funders of the Ada Initiative, which worked to assist women in participating in Open Source projects. That worked out for several years, and the organization had sort of an ugly meltdown in their last year that is best forgotten. There was something really admirable about the Ada Initiative in its good days, which is that it stuck to one message, stuck to the positive in helping women enter and continue in communities in which they were under-represented, and wasn’t anti-male. That’s the way we should do it.

  • Women, Let This Email Plugin Teach You to Be Confident Like A Man

    Sorry, I’m no expert, but have you ever, like, just noticed that women inject many kind of undermining phrases in their day-to-day speech?

BSD: A Brief Look Back at 2015

Filed under

This is the time of year when we look back and go, “Wow. How did this all ever happen?” Or something to that effect. And after about a month of PC-BSD daily use, the verdict so far (subject to appeal) is overwhelmingly positive with a couple of bumps (e.g., someday I will turn off tap-to-click on my touchpad).

Of course when I look back on the year, I can only look back as far as the time I have been using BSD. It wouldn’t be fair to go all the way back — one time back in the aughts, by some miracle, I got NetBSD to run on a PowerBook G3 until I updated the system and then poof — so this retrospective goes as far back as the month I’ve been using PC-BSD.

Read more

BSD Unix-like OS is Resurrected for Embedded IoT Market

Filed under

It took two decades, but BSD -- the operating system that dominated the Unix world during the 1980s and 1990s before being supplanted by the open source Linux kernel -- is now ready for embedded computing. That's according to the RetroBSD project, which has announced success running BSD on modern embedded hardware.

Read more

DragonFlyBSD Rebases Its Intel Kernel Graphics Driver Against Linux 4.0

Filed under

DragonFlyBSD's Francois Tigeot has done some more great work in allowing their open-source Intel graphics driver to be more featureful and comparable to the Linux i915 kernel DRM driver for which it is based.

While DragonFly's i915 DRM driver started out as woefully outdated compared to the upstream Linux kernel code, the work done by Tigeot and others is quite close to re-basing against the latest mainline code. With patches published recently, the DragonFlyBSD driver would now be comparable to what's in the Linux 4.0 kernel.

Read more

FreeBSD and Linux servers

Filed under

Linux server distributions get compared all the time. And in the end, the discussion typically ends up around CentOS (from RHEL) and Ubuntu (from Debian). Why is this? When Rackspace discusses Linux server options, many more distributions are mentioned: Gentoo, Arch, Fedora, etc. Let's focus on Gentoo and Arch.

Read more

Also: The Most Popular BSD Stories Of 2015

Syndicate content

More in Tux Machines

Linux 4.8.4

I'm announcing the release of the 4.8.4 kernel. And yeah, sorry about the quicker releases, I'll be away tomorrow and as they seem to have passed all of the normal testing, I figured it would be better to get them out earlier instead of later. And I like releasing stuff on this date every year... All users of the 4.8 kernel series must upgrade. The updated 4.8.y git tree can be found at: git:// linux-4.8.y and can be browsed at the normal git web browser: Read more Also: Linux 4.7.10 Linux 4.4.27

New Releases: Budgie, Solus, SalentOS, and Slackel

  • Open-Source Budgie Desktop Sees New Release
    The pet parakeet of the Linux world, Budgie has a new release available for download. in this post we lookout what's new and tell you how you can get it.
  • Solus Linux Making Performance Gains With Its BLAS Configuration
    - Those making use of the promising Solus Linux distribution will soon find their BLAS-based workloads are faster. Solus developer Peter O'Connor tweeted this week that he's found some issues with the BLAS linking on the distribution and he's made fixes for Solus. He also mentioned that he uncovered these BLAS issues by using our Phoronix Test Suite benchmarking software.
  • SalentOS “Luppìu” 1.0 released!
    With great pleasure the team announces the release of SalentOS “Luppìu” 1.0.
  • Slackel "Live kde" 4.14.21
    This release is available in both 32-bit and 64-bit architectures, while the 64-bit iso supports booting on UEFI systems. The 64-bit iso images support booting on UEFI systems. The 32-bit iso images support both i686 PAE SMP and i486, non-PAE capable systems. Iso images are isohybrid.

Security News

  • Free tool protects PCs from master boot record attacks [Ed: UEFI has repeatedly been found to be both a detriment to security and enabler of Microsoft lock-in]
    Cisco's Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks. The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub. The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems. Since the MBR code is executed before the OS itself, it can be abused by malware programs to increase their persistence and gain a head start before antivirus programs. Malware programs that infect the MBR to hide from antivirus programs have historically been known as bootkits -- boot-level rootkits. Microsoft attempted to solve the bootkit problem by implementing cryptographic verification of the bootloader in Windows 8 and later. This feature is known as Secure Boot and is based on the Unified Extensible Firmware Interface (UEFI) -- the modern BIOS.
  • DDOS Attack On Internet Infrastructure
    I hope somebody's paying attention. There's been another big DDOS attack, this time against the infrastructure of the Internet. It began at 7:10 a.m. EDT today against Dyn, a major DNS host, and was brought under control at 9:36 a.m. According to Gizmodo, which was the first to report the story, at least 40 sites were made unreachable to users on the US East Coast. Many of the sites affected are among the most trafficed on the web, and included CNN, Twitter, PayPal, Pinterest and Reddit to name a few. The developer community was also touched, as GitHub was also made unreachable. This event comes on the heels of a record breaking 620 Gbps DDOS attack about a month ago that brought down security expert Brian Krebs' website, KrebsonSecurity. In that attack, Krebs determined the attack had been launched by botnets that primarily utilized compromised IoT devices, and was seen by some as ushering in a new era of Internet security woes.
  • This Is Why Half the Internet Shut Down Today [Update: It’s Getting Worse]
    Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
  • Major DNS provider Dyn hit with DDoS attack
    Attacks against DNS provider Dyn continued into Friday afternoon. Shortly before noon, the company said it began "monitoring and mitigating a DDoS attack" against its Dyn Managed DNS infrastructure. The attack may also have impacted Managed DNS advanced service "with possible delays in monitoring."
  • What We Know About Friday’s Massive East Coast Internet Outage
    Friday morning is prime time for some casual news reading, tweeting, and general Internet browsing, but you may have had some trouble accessing your usual sites and services this morning and throughout the day, from Spotify and Reddit to the New York Times and even good ol’ For that, you can thank a distributed denial of service attack (DDoS) that took down a big chunk of the Internet for most of the Eastern seaboard. This morning’s attack started around 7 am ET and was aimed at Dyn, an Internet infrastructure company headquartered in New Hampshire. That first bout was resolved after about two hours; a second attack began just before noon. Dyn reported a third wave of attacks a little after 4 pm ET. In all cases, traffic to Dyn’s Internet directory servers throughout the US—primarily on the East Coast but later on the opposite end of the country as well—was stopped by a flood of malicious requests from tens of millions of IP addresses disrupting the system. Late in the day, Dyn described the events as a “very sophisticated and complex attack.” Still ongoing, the situation is a definite reminder of the fragility of the web, and the power of the forces that aim to disrupt it.
  • Either IoT will be secure or the internet will be crippled forever
    First things first a disclaimer. I neither like nor trust the National Security Agency (NSA). I believe them to be mainly engaged in economic spying for the corporate American empire. Glenn Greenwald has clearly proven that in his book No Place to Hide. At the NSA, profit and power come first and I have no fucking clue as to how high they prioritize national security. Having said that, the NSA should hack the Internet of (insecure) Things (IoT) to death. I know Homeland Security and the FBI are investigating where the DDoS of doomsday proportions is coming from and the commentariat is already screaming RUSSIA! But it is really no secret what is enabling this clusterfuck. It’s the Mirai botnet. If you buy a “smart camera” from the Chinese company Hangzhou XiongMai Technologies and do not change the default password, it will be part of a botnet five minutes after you connect it to the internet. We were promised a future where we would have flying cars but we’re living in a future where camera’s, light-bulbs, doorbells and fridges can get you in serious trouble because your home appliances are breaking the law.
  • IoT at the Network Edge
    Fog computing, also known as fog networking, is a decentralized computing infrastructure. Computing resources and application services are distributed in logical, efficient places at any points along the connection from the data source (endpoint) to the cloud. The concept is to process data locally and then use the network for communicating with other resources for further processing and analysis. Data could be sent to a data center or a cloud service. A worthwhile reference published by Cisco is the white paper, "Fog Computing and the Internet of Things: Extend the Cloud to Where the Things Are."
  • Canonical now offers live kernel patching for Ubuntu 16.04 LTS users
    Canonical has announced its ‘Livepatch Service’ which any user can enable on their current installations to eliminate the need for rebooting their machine after installing an update for the Linux kernel. With the release of Linux 4.0, users have been able to update their kernel packages without rebooting, however, Ubuntu will be the first distribution to offer this feature for free.
  • ​The Dirty Cow Linux bug: A silly name for a serious problem
    Dirty Cow is a silly name, but it's a serious Linux kernel problem. According to the Red Hat bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
  • Ancient Privilege Escalation Bug Haunts Linux
  • October 21, 2016 Is Dirty COW a serious concern for Linux?
  • There is a Dirty Cow in Linux
  • Red Hat Discovers Dirty COW Archaic Linux Kernel Flaw Exploited In The Wild
  • Linux kernel bug being exploited in the wild
  • Update Linux now: Critical privilege escalation security flaw gives hackers full root access
  • Linux kernel bug: DirtyCOW “easyroot” hole and what you need to know
  • 'Most serious' Linux privilege-escalation bug ever discovered
  • New 'Dirty Cow' vulnerability threatens Linux systems
  • Serious Dirty Cow Linux Vulnerability Under Attack
  • Easy-to-exploit rooting flaw puts Linux PCs at risk
  • Linux just patched a vulnerability it's had for 9 years
  • Dirty COW Linux vulnerability has existed for nine years
  • 'Dirty Cow' Linux Vulnerability Found
  • 'Dirty Cow' Linux Vulnerability Found After Nine Years
  • FakeFile Trojan Opens Backdoors on Linux Computers, Except openSUSE
    Malware authors are taking aim at Linux computers, more precisely desktops and not servers, with a new trojan named FakeFile, currently distributed in live attacks. Russian antivirus vendor Dr.Web discovered this new trojan in October. The company's malware analysts say the trojan is spread in the form of an archived PDF, Microsoft Office, or OpenOffice file.

today's howtos