Hi! On Fri, 14 Dec 2001 08:44:47 +0800 Ian Blackburn <iblackburn@gesb.wa.gov.au> wrote: > > If you want a (Unix-like) operating system that was designed > with security in mind, you should use OpenBSD (which can be > found at: http://www.openbsd.org). > > may be we can get too carried away everything to do with computer > programming rellies upon human work so is likely to have some whole in it > somewhere That is true. Still, it is possible to program in a very safe manner -- it requires more work than "normal" programming, but it is possible. The entire philosophy of OpenBSD is that security problems are "bugs", and that good software should not have bugs in it. The entire OpenBSD team therefore decided to make sure their OS had as little bugs as possible. They audited the entire source code for several *years* and keep on searching for possible security problems all the time. Once a problem has been found somewhere, they look for the same problem everywhere and correct it if it appears anywhere else. Finally, the OpenBSD team makes sure that very few services are activated by default, and try to offer secure alternative to unsecure programs. For instance, OpenSSH is designed to replace "insecure" protocols such as telnet, rcp, and FTP. This whole process results in a very secure OS. One which is *not* perfect, but very secure indeed. You can check the "Errata" page of the OpenBSD web site -- it's quite instructive to see there are about a dozen patches *per year* for each version of OpenBSD, while I constantly receive dozens of patches *per week* for Linux. And I am not even going to mention Windows, where a single application such as Outlook has to be corrected again and again to close basic security problems. So, is OpenBSD perfect? No. Is it better than most at security? Yes. _______________________________________________ Gil Andre -- Technical Writer -- Knox Software gandre@arkeia.com _______________________________________________