med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon

Administered by:

Server stats:

414
active users

#openbsd

58 posts51 participants7 posts today

I've been reading an interesting article by Liguo Yu et. al., "Maintainability of the kernels of open-source operating systems: A comparison of Linux with FreeBSD, NetBSD, and OpenBSD" (DOI: 10.1016/j.jss.2005.08.014). Keep in mind, the article is from 2005 (published in 2006), so it would be interesting to know how things have changed since then. We are talking here about #Linux 2,4,20, #FreeBSD 5.1, #NetBSD 1.6 and #OpenBSD 3.3.
The article basically explores maintainability of said OSes judging mainly by usage of global variables.
Here's some interesting takeouts.
"Unsafe definition" is in their terms a usage of global variables between kernel modules and non-kernel modules.

Replied in thread

Brave open sources Cookiecrumbler, an AI-powered tool to automatically detect and block cookie consent banners, currently running on Brave servers, with plans to move it to the browser:
betanews.com/2025/04/27/brave-

Kdenlive 25.04 released with AI-powered background removal plugin, OpenTimelineIO import/export, refactored audio thumbnail system, ability to change the duration of multiple adjacent clips in a single action and more:
alternativeto.net/news/2025/4/
(That background removal tool is actually a pretty good use of AI, and it runs locally, so no need to give Kdenlive Internet access.)
(The ability to change duration of multiple clips at once is also pretty useful, I might attempt to update Kdenlive to get that feature, and hope it doesn't break lol.)

Joplin 3.3 released with various accessibility improvements (keyboard navigation, screen reader support, higher contrast UI elements etc.), option to collapse or expand all notebook hierarchies with a single button, run multiple independent instances for better workspace management on desktop, new search dialog for quick linking of notes, Markdown auto-replacement in Rich Text Editor, improved focus handling in modals on mobile, support for attaching audio recordings to notes and enhanced voice typing on Android, redesigned "New Note" menu:
alternativeto.net/news/2025/4/

AdGuard's CLI adblocker for Linux reached version 1.0, includes app exclusion feature, differential filter updating, interactive setup wizard:
betanews.com/2025/04/29/how-to

OpenBSD 7.7 released with performance boosts, expanded hardware support, support for Scalable Vector Extension (SVE) and enabling PAC on hardware with the new QARMA3 cipher, improved support for running the system in QEMU, kernel improvements etc.:
alternativeto.net/news/2025/4/

(more FOSS news in comment)

BetaNews · Brave open sources Cookiecrumbler to make cookie consent blocking smarterBrave just made a move that should make privacy enthusiasts pretty happy. The company has officially open sourced Cookiecrumbler, a tool designed to automatically detect and help block those obnoxious cookie consent banners you see across the Web. These pop-ups are not only annoying but, according to research, often track users even when they click reject. Cookiecrumbler aims to stop that nonsense while avoiding the headaches that can come with sloppy blocking rules.
#WeeklyNews#News#FOSS

#FreeBSD - I had to use 15-CURRENT as the video card isn't supported. Even in 15-CURRENT, trackpad doesn't seem to be working and the video performance is poor. I'll have to investigate.

#OpenBSD - better video performance, the wifi card is recognised but it seems to have some performance issues (packets lost, etc). Trackpad is not working

#NetBSD - video card is not supported, trackpad isn't working

I'll test the whole system with a Fedora, just to be sure that the hardware is ok (but a small test, yesterday, was successful).

Replied in thread

@torproject @ZDNet TBH, I'd always recommend people to use @tails / @tails_live / #Tails if they want a secure and private OS.

  • Shure in theory one could do more #secure with #OpenBSD, but that's neither easy to use for non-#IT-folks nor easy to onboard people into.

Tails by contrast just comes with #TorBrowser, @thunderbird and other nifty tools preconfigured from the get go and allows people to get started, regardless if it's a #journalist or someones' grandma who may not have her own dedicaded machine but instead uses an external SSD/HDD to just boot into her desktop and not rely on the #malware-laced #Internetcafé's #Windows installation...

Not to mention it avoids a lot of #pitfalls that other distros like @kalilinux will deliberaltely keep open because their goals are diametral to that.

OpenBSD boots and works - but it seems the trackpad isn't moving. I'm sure I can fix it as it's correctly detecting it, but I'm now testing FreeBSD.
It immediately throws a kernel panic, but this seems to the the problem:
bugs.freebsd.org/bugzilla/show
So, 15-CURRENT boots and works. I'll probably burn a 14-STABLE usb pen and continue with that.

bugs.freebsd.org274014 – hmt.ko kernel panic - Asus Expertbook B5602

Let me introduce you to aceBSD! Yesterday, while I was out grocery shopping, I saw a special offer on a final unit, and I had already been thinking for a while about getting a mid-range laptop to take with me to conferences, on trips, etc. Something small, practical, with an HDMI port, and capable of running at least one of the BSDs decently. After some careful thought, I decided to go for it today.

It's an Acer Swift Go 14 - with an Intel i5, 16 GB of RAM, and a 512 GB NVMe SSD. What I really like is that it’s compact and has a high-definition OLED screen, a good keyboard, and for the rest... we’ll see. I just used Clonezilla to make a backup of the preinstalled Windows (I didn’t even boot into it...) and I’m now installing OpenBSD. I had to disable VMD (from a hidden BIOS menu) because otherwise the installer wouldn’t detect the NVMe. It also seems to detect the Wi-Fi, but I’m proceeding with a USB-C Ethernet adapter just to be safe.

I got it at a good price, so this could be the ideal solution. Fingers crossed, and… we’ll see!

I'll keep posting about this adventure, with the hashtag #aceBSD

#OpenBSD -current has replaced its own aging (freedesktop.org compatible) pkg-config(1), originally written in Perl by ckuethe@, espie@ & jasper@, with the more modern and actively maintained pkgconf implementation.

tb@ modified src/usr.bin/pkgconf/*: import pkgconf 2.4.3

Our homegrown Perl-based pkg-config cannot cope with the giant DAGs [Directed Acyclic Dependency Graphs] arising in modern software, especially from the abseil-cpp and protobuf family. Waiting minutes for configure to complete in some ports is just awful.

Thus we're switching to the sanely-licenced, widely used pkgconf, which is actively maintained, written in a sensible dialect of C, and does not suffer from these performance issues.

Work that should happen in tree during this cycle:

  • see what we want to do with our old manual and pkgconf's
  • add pledge and unveil.

Initial work done by espie during or right after p2k23, support from many.
ok semarie

The old pkg-config implementation has now been unlinked from the build, but not yet removed from the tree.

tb@ modified src/usr.bin/Makefile: switch from pkg-config to pkgconf

leave the old pkg-config in the tree for now.

"I have yet to meet an admin who plausibly claims to never have been tripped up by their overload rules at some point."

More, and a walk down memory lane, in "The Hail Mary Cloud And The Lessons Learned" nxdomain.no/~peter/hailmary_le
#ssh #passwords #bruteforce #passwordgroping #cybercrime #openbsd #pf #packetfilter #security #guessablepasswords #hailmary #hailmarycloud

nxdomain.noThe Hail Mary Cloud And The Lessons Learned
Continued thread

In addition, a new lldp(8) companion command line utility for interacting with the new #OpenBSD lldpd(8) daemon has been added.

dlg@ modified src/usr.sbin/lldp/*: add lldp(8), a command line tool for interacting with lldpd(8).

lldp can fetch LLDP packets from lldpd and then pulls them apart and displays them.

by default it shows a brief summary of the lldp neighbor ports and systems on all interfaces, but you can request verbose info and/or info only from specific local interfaces.

now that i've done the easy part (implementing AF_FRAME and lldpd) it would be nice to get some help with the hard stuff (pretty printing strings in c).

ok djm@ deraadt@
general enthusiasm from many

Continued thread

David Gwynne (dlg@) has imported a new daemon to #OpenBSD -current, not yet linked to the build.

lldpd(8), a new LLDP (Link Layer Discovery Protocol) agent daemon.

This daemon uses the newly added AF_FRAME socket protocol type.

dlg@ modified src/usr.sbin/lldpd/*: lldpd(8): a daemon that acts as an LLDP agent on Ethernet interfaces.

lldpd uses the recently added AF_FRAME Ethernet sockets to listen for LLDP packets on all Ethernet interfaces in the system, and stores them so a lldp(8) client connecting to the control socket can fetch and display the packets.

AF_FRAME means we can avoid BPF for receiving LLDP packets, which has a couple of benefits.

firstly, BPF needs to look at all packets entering an interface so it can filter for the ones you're interested in, which is annoying for low packet/data rate protocols like LLDP. AF_FRAME is handled late in ether_input, and only after other protocols (like ip) are handled, so it's lower overhad compared to BPF listeners.

secondly, attaching a BPF filter to new interfaces relies on having access to and the privileges to open /dev/bpf, while AF_FRAME provides a wildcard listener that is able to receive LLDP from all interfaces on a single socket, like how binding to on 0.0.0.0 with an AF_INET socket let's you receive packets for all the IPs on your system from a single socket. lldp can create and configure this socket when it starts up just use it from then on. this means lldpd is simpler and needs fewer privileges to operate than if it went the BPF route.

at the moment lldpd only handles LLDP packet reception on all interfaces, you can't disable reception on interfaces yet. it also doesn't transmit LLDP packets (yet).

there is no intention of implementing any protocol other than LLDP in this daemon either.

ok djm@ deraadt@ general enthusiasm from many

There is no official OpenBSD Handbook.

The site claiming to be so is not from the project, and on top of just copy and pasting a lot of FAQ content (at one point) without credit, it has lots of things that are incorrect.

The amount of times I see "Well, that's what the handbook says" on reddit. :flan_rage: