Wednesday 31 December 2014

And to conclude this 2014 year ...

Hi folks,

In right time, the new BSDMag issue arrived. It contains many well written and interesting topics ... Dtrace, Python tips and my article about HardenedBSD, focused this time on my contributions mainly. Even if I am less "stunned" than with the first article, it is still amazing to me to appear in this excellent magazine. As always, was a great pleasure to write it.

So, I wish you the best for the following 2015 year ;-)

Labels: , , , , ,

View David Carlier's profile on LinkedIn

Thursday 25 December 2014

2014 retrospective

Hi folks,

Almost the end of 2014 ... When I recall what happens this year, I feel pretty good. Since I decided to contribute to Open Source projects, I put my small mark in operating systems used by many, increased my operating systems knowledge (obviously the BSD ones mainly, a bit Linux too), made valuable contacts like HardenedBSD guys (especially Shawn Webb and Oliver Pinter), some core FreeBSD committers like Baptiste Daroussin, some BSD Mag folks ... Wrote some articles for BSD Mag (since the last time I wrote another one which will be published in January).

To summarize :

- Kea project merged my PostgreSQL support + my fixes.
- Slighty later, DragonflyBSD merged upstream my spinlock patch.
- HardenedBSD folks decided to get me involved on their project.
- EuroBSD Con 2014, especially the Shawn Webb's conference. Although a bit disappointed that Vitosha room's videos are not available yet.
- Since then I ported some OpenBSD libc functions, updated arc4random (both kernel and userland ones). First work of Ptrace hardening support.
- Got interested on Stack Smashing Protection and studied BSD and Linux choices.
- I started to port LibreSSL (the real version, not the portable one ...), which led me to get interested in assembly (x86-64 mainly). That compiles already, still need refinement later.
- Some security fixes/patches for FreeBSD were merged upstream.
- One fix for OpenBSD is merged upstream.

Since then,  FreeBSD/HardenedBSD and OpenBSD are my main operating systems and now I know them much better, I had reconsidered a bit my opinion about the whole BSD thing.

1/ I consider OpenBSD better now, the whole source code has very good quality, clear, less "patchwork" than some other operating systems. Of course, the security focus attracts me pretty much. In base, I particularly like relayd and httpd (both from reyk@), it took me few hours to update the yacc parsing part (config) + the code update to make a custom version which use both Device Atlas API.

What blocks me to use OpenBSD more :
- Lack of real modern filesystem (like ZFS/Hammer 2).
- Cannot do serious virtualisation, nothing comparable to bhyve, no Virtualbox (I do not think it ll happen anytime soon) ; it is a feature I use very often (if not daily), uses lot of different operating systems more or less "exotic" ... cannot live without ...

The fact that OpenBSD is slower than FreeBSD does not bother me too much though.

2/ FreeBSD is still my preferred BSD among all (I run only HardenedBSD flavour now). I appreciate a lot ZFS, Dtrace, bhyve ... Even just the latter is amazing by itself ... The fact that clang is in base too (I hope OpenBSD will do the step one day) ... Not to mention the specific HardenedBSD features like ASLR, segvguard and so on ... Few things bother me a bit (like cddl code but it is understandable for realistic reasons ... I can imagine the big amount of work required to make a full BSD comparable version from scratch).

3/ DragonflyBSD ... I still like this one, regarding the (much) smaller community they represent, they make great work (great Haswell support for example).

4/ NetBSD, I have good respect for this project and runs it time in time in my VirtualBox. I do not dislike, it just does not fit totally my needs/expectations. Although I admire the fact that it can be ran as rump kernel ... Just awesome.

The fact that BSD provides both the kernel and the userland in a whole consistent part is what I like the most in a pure developer point of view. In the opposite, we have the Linux kernel then the whole "dispatched" GNU userland. Linux is not a bad operating system at all, just I like less the way it is.

So, for 2015, some new other things await me, hopefully. Great wishes to all.

Labels: , , , , , , , ,

View David Carlier's profile on LinkedIn