Articles about openbsd

Someone threading the needle

OpenBSD disables Intel’s hyper-threading over CPU data leak fears

OpenBSD has disabled Intel’s hyper-threading technology, citing security concerns – seemingly, Spectre-style concerns. As detailed in this mailing list post, OpenBSD maintainer Mark Kettenis wrote that “SMT (Simultaneous Multi Threading) implementations typically share TLBs and L1 caches between threads. “This can make cache …
Simon Sharwood, 20 Jun 2018
Meltdown bug

OpenBSD releases Meltdown patch

OpenBSD's Meltdown patch has landed, in the form of a Version 11 code update that separates user memory pages from the kernel's – pretty much the same approach as was taken in the Linux kernel. A few days after the Meltdown/Spectre bugs emerged in January, OpenBSD's Phillip Guenther responded to user concerns with a post …
Random numbers

NetBSD, OpenBSD improve kernel security, randomly

The folks at NetBSD have released their first cut of code to implement kernel ASLR – Address Space Layout Randomisation – for 64-bit AMD processors. The KASLR release randomises where the NetBSD kernel loads in memory, giving the kernel the same security protections that ASLR gives applications. Randomising code's memory …
OpenBSD logo

That's random: OpenBSD adds more kernel security

OpenBSD has a new security feature designed to harden it against kernel-level buffer overruns, the "KARL" (kernel address randomised link). The changes are described in this note to an OpenBSD developer list penned by founder and lead developer Theo de Raadt. The idea is to randomise how the kernel loads, so that kernel …
OpenBSD logo

Microsoft Azure adds OpenBSD support. Repeat. Azure adds OpenBSD support.

Microsoft has extended BSD support in Azure. The company added a FreeBSD 10.3 VM to the Azure marketplace last year, after building and testing an image so that users could feel confident the OS would be officially welcomed and run well in the Redmondian cloud. Now it's added support for OpenBSD 6.1 after collaborating with …
plasters cover arm. photo by shutterstock

Got an OpenBSD Web server? Better patch it

OpenBSD and two of its SSL libraries need patches against a pair of denial-of-service bugs that can crash Web-facing servers. The first is in the operating system's SSL implementation, specifically in the HTTP daemon. An advisory says that daemon can be crashed with repeated SSL renegotiation. A single renegotiation thread, …
 French bulldog puppy wears plastic devil horns and cute expression. Photo by Shutterstock

OpenBSD 6.0 lands

OpenBSD developers might be keen on the 1980s in their artwork, but not in their operating system: Version 6.0 has just landed, and the maintainers have killed off VAX support. Apart from a logo that pays homage to the cover art for the iconic album The Wall, there's a fair amount of new stuff landing in OpenBSD 6.0. W^X – …

OpenBSD website operators urged to fix mind-alteringly bad bug

Someone has offered* OpenBSD's maintainers an important peace-of-mind patch for the operating system's HTTP daemon. It's not a security exposure they've fixed, but something vastly worse: the daemon defaulted to Comic Sans for its 404 “page not found” messages. You think that's not bad? Here's how Peter Krantz, who fixed the …
Mambo Unlimited's gold bug. Pic: Steve Caplin

LibreSSL emits new versions, says not vulnerable to OpenSSL bug

LibreSSL sysadmins should keep an eye on their mirrors for a soon-to-land update. Announced on Friday, the bug-fix release covers a couple of important vulnerabilities. The big vuln it plugs is to remove the SSL_OP_SINGLE_DH_USE flag (which meant the operator could be left off), to get rid of a possible man-in-the-middle …
OpenBSD 5.7 logo

OpenBSD's native hypervisor emerges

The native OpenBSD hypervisor promised in September has emerged. Kernel dev Mike Larking has posted news of the hypervisor, but hosed down expectations along the way. “An early rough cut of the vmm subsystem is now in the tree,” he wrote. “This includes both the kernel parts and userland parts.” “I'm not going to explain all …
Simon Sharwood, 23 Nov 2015

Untamed pledge() aims to improve OpenBSD security

Linus Torvalds may have used the Washington Post to drop a bucket on the “masturbating monkeys” of OpenBSD, but they seem insular enough not to care overmuch. In a set of slides posted at, one of the project's founders, Theo de Raadt, has set down the principles behind one of the projects that Torvalds dislikes – …

OpenBSD source tree turns 20 – version 5.8 of project preps for show time

OpenBSD's source tree just turned 20 years old. Today the project has 322,000 commits and contributions from more than 350 hackers since 1995. Its founder, Theo de Raadt, may be known for his cantankerous outbursts, but he's currently in a reflective and even – dare we say it – celebratory mood. de Raadt gave us a flavour of …
Team Register, 18 Oct 2015
OpenBSD 5.7 logo

Native hypervisor coming to OpenBSD

OpenBSD kernel developer Mike Larkin has let it be known he's working on a native hypervisor for the operating system, with the OpenBSD Foundation's support. Larkin's posted news of the effort, writing that it's needed because “choosing to port an existing vmm just didn't make a whole lot of sense.” “For example, I've been …

Microsoft rains cash on OpenBSD Foundation, becomes top 2015 donor

Microsoft has handed a pile of money to the OpenBSD Foundation, becoming its first-ever Gold level contributor in the process. "This donation is in recognition of the role of the Foundation in supporting the OpenSSH project," the Foundation said via a post to the OpenBSD Journal website on Tuesday. The exact amount of the …

LibreSSL crypto library leaps from OpenBSD to Linux, OS X, more

The OpenBSD project has released the first portable version of LibreSSL, the team's OpenSSL fork – meaning it can be built for operating systems other than OpenBSD. The LibreSSL project, which aims to clean up the buggy and inscrutable OpenSSL code, was founded about two months ago by a group of OpenBSD developers, so it only …
Neil McAllister, 12 Jul 2014
Left out.

Thanks for nothing, OpenSSL, grumbles stonewalled De Raadt

OpenBSD founder Theo De Raadt said OpenSSL maintainers appeared to have intentionally not informed it about dangerous vulnerabilities found in the platform and patched today. The apparent feud stems from the April break away LibreSSL which was forked after developers found the OpenSSL code base to be unacceptably insecure in …
Darren Pauli, 6 Jun 2014
OpenBSD logo

OpenBSD founder wants to bin buggy OpenSSL library, launches fork

In the wake of the Heartbleed bug fiasco, members of the OpenBSD project have forked the popular OpenSSL library with the aim of creating a new version that they say will be more trustworthy. Even though OpenSSL is open source software, for a full two years its entire development community managed to overlook the crucial bug …
Neil McAllister, 22 Apr 2014

Gnome Foundation runs out of cash

The Gnome Foundation, overseer of the Gnome user interface, has run out of cash. The news isn't entirely bad: the Foundation says one of the programs it runs, the “Outreach Program for Women (OPW) … has proven to be extremely popular”. OPW engages interns who Gnome must pay on a regular schedule. But “incoming payments from …
Simon Sharwood, 13 Apr 2014

Create a news alert about openbsd, or find more stories about openbsd.

Biting the hand that feeds IT © 1998–2018