A Few Cheers For OpenBSDA Few Cheers For OpenBSD

With all of the hollering about Linux, Ubuntu or otherwise, there's another open-source operating system that just celebrated getting a new 4.2 release out the door.  It's one that hasn't been quite as widely-celebrated as Linux but is still deeply important in its own way: OpenBSD.

The quick primer, for those not in the know: OpenBSD is one of several common flavors of BSD, another Unix-derived OS.  Linux is of course the other big "Unix-like" OS out there right now, although you quickly find out Unix-derived and Unix-like aren't the same thing.

To wit: OpenBSD was written to be more of a descendant of the "classic" AT&T Unix (and Unix in general); Linux was built from the ground up with many Unix-like features.  As one other wag put it, BSD is what you get when Unix guys port Unix to the PC; Linux is what you get when PC guys write Unix for the PC.  And as knowledgeable Apple fans will be happy to tell you, Mac OS X is itself a derivative of BSD -- or, rather, derived from the NeXTSTEP / OPENSTEP project, in turn mined from BSD.

The differences in design philosophy between BSD and Linux make for markedly different products.  OpenBSD's two big emphases are a) availability of the source code, as the name implies, and b) an unashamed insistence on security, security, security, in a proactive fashion.  By default, out of the box, OpenBSD is heavily locked-down -- and while that means a little more work for the admin to get things opened up, it also means you're that much less likely to get rooted from the git-go.  The developers constantly audit the code for possible security issues as a matter of course and not simply as a response to bug reports phoned in from the outside.

OpenBSD doesn't have the glamour of the major Linux distros.  It's not what you could call a desktop-user-friendly OS, and it works on a smaller subset of supported hardware than Linux.  That said, the 4.2 version adds support for many new devices -- and if you're running OpenBSD for the sake of stability and security, you're probably also going to use hardware that's been in the wild for a while and has proven itself (and most likely has OpenBSD support to begin with).  And most importantly, it's is deeply solid and dependable, and well-suited to tasks that need to be secure from the inside out -- perimeter security, for instance.  Calyptix's Access Enforcer, a firewall/anti-spam/-virus/-spyware/ appliance (one of many such devices) was built using OpenBSD.

So here's a few cheers for OpenBSD's new revision to the right of the decimal point.  With all the noise about Linux, it seems like a good idea to remind folks that it's not the only open-source, Unix-like game in town.  There are always alternatives, even to the alternatives themselves.