![[?]](https://media.exquisite.social/exquisite/accounts/avatars/112/405/940/164/045/336/original/6077cce05e1860af.jpg)
I am slowly coming to understand that the reason some applications crash often on OpenBSD is not the fault of OpenBSD, but the fault of poorly written applications that have tons of vulnerabilities. OpenBSD is designed to be a secure operating system as one of its main goals, and trying to circumvent these safety guardrails by "optimizing OpenBSD for desktop use" -- i.e. tweaking sysctl.conf to the max -- defeats the purpose of having the guardrails in the first place.
If you want an OS where applications are free to roam full of holes and exploits without crashing, use Linux I guess. It will happily continue to allow those poorly written programs to run, giving the user a false sense of stability. Meanwhile, I'm starting to prefer safety and security over "desktop performance at all costs". If a program misbehaves it should die, and OpenBSD will kill it before I even know it misbehaved.
...
![[?]](https://files.raphus.social/accounts/avatars/116/366/479/330/331/657/original/03ca16006c35ecbe.jpg)
@kaidenshi every day I inch closer to finally dual booting a BSD. And I thought I'd escaped the gravitational pull after that close call when I read the entire backlog of Lawrence Tratt.
...
@MaddieM4 I have OpenBSD running on a few devices, but my main desktop is Void Linux. When I finally move it to OpenBSD I won't even bother with a dual boot, I'll just go all the way. And I'm close. Really, really close! Honestly just waiting on the LibreWolf port being worked on by @libreleah to be accepted into ports and I'm there.
...
![[?]](https://media.mas.to/accounts/avatars/000/259/583/original/94ea92dec33a7f7b.jpg)
@kaidenshi @MaddieM4 for now, you can just compile my librewolf port from source. i've been told that it won't be merged for 7.9. therefore, it would be merged for 8.0, and in the mean time merged into just -current once openbsd has fully reviewed it.
they're not taking new ports in the tree at the moment, because it's locked for a few weeks. they will presumably unlock the tree after the release, which i'm informed will happen some time in the middle of May.
...
@libreleah @MaddieM4 May is great, happy birthday to me! I've been trying to get your port to compile on my secondary workstation here at the house but I'm still trying to figure out dependency stuff (I am in no way, shape, or form a developer). I think I've managed to tackle every dependency except icu-i18n. If I can't get it to build on my own I'll just use your -current port once it hits the tree since I tend to run -current anyway.
...
@kaidenshi @MaddieM4 no need to figure out dependencies. just make sure if using my master branch to be on openbsd -current. i onyl maintain that branch for current. i'll start maintaining it in tagged releases from openbsd 8.0 onward, once openbsd merges my port in -current
...
@libreleah @MaddieM4 Oh it's nothing wrong with your port, I just ran into issues building dependencies so I tried installing them as packages to both speed things up and avoid any compile issues, and that one package was being fiddly (the correct version from ports kept erroring out during compile, and (at the time I tried it the other day) the version in packages wasn't right).
Trying again right now with a fresh install of -current on my most powerful dedicated OpenBSD machine, hopefully this time it's all in place and it builds successfully.
...
@kaidenshi @MaddieM4 on my i7-4790k, the port takes about 12 hours to compile, which includes building dependencies. once dependencies are done though, building librewolf on its own takes maybe 2 hours?
...
@kaidenshi @MaddieM4 i'm contemplating whether to host a package repo for librewolf, for openbsd 7.9, since 8.0 is the first stable release that will receive my port. as i said before, they'll start merging new ports again in probably a few weeks. new ports are locked for now until the 7.9 release i think. that's the impression i got anyway. librewolf is the first openbsd port i ever did.
...
@libreleah @MaddieM4 That would be awesome and much appreciated! I still want to succeed at building it for my own personal achievement, but a pre-built package would be a boon to those of us who have been waiting years for a proper LibreWolf port. I feel like the intersection of OpenBSD enthusiasts and LibreWolf enthusiasts has to be wide and populous.
...
@libreleah @MaddieM4 In other news, all dependencies satisfied on my current iteration, and the librewolf package officially started building at 20:08 local time. It's an HP mini pc with the i5-6600T so probably similar compile time to yours, if not a little slower. Fingers crossed!
...
@kaidenshi @MaddieM4 Please do share a screenshot once you have it running!
...
@libreleah @MaddieM4 Success! Damn it feels good to run this browser on this OS. Thank you so much Leah!!
Alt...
Screenshot of my OpenBSD test machine's desktop showing LibreWolf running on the left, and a Terminator terminal window on the right. Terminal window shows the results of a fastfetch run with all system info to show that it is indeed OpenBSD.
...
@kaidenshi @MaddieM4 fun fact: you might sometimes have to compile it again, when updating snapshots. unless you idk stick to 7.9 (like, update to 7.9 from pre-7.9 -current before release). because openbsd doesn't do ABI-safety like on linux, so userland stuff will have to be recompiled when enough things change in kernelspace.
but enoughh of me being a debbie downer. congratulations!
...
@kaidenshi @MaddieM4 but lw doesn't change much. unless firefox does a new release. so i'd probably not worry about it, plus 7.9 is out soon. and also i assume they'll merge my port in -current at some point over the next few weeks. then you'll be able to just use the binary packages, so no worries.
...
@libreleah @MaddieM4 I backed up the package I built for safekeeping since it runs perfectly (actually a little faster than Firefox on the same machine). I tend to run -current so I'll just use your binary once it's merged.
...
@kaidenshi @MaddieM4 now u must re-compile. https://mas.to/@libreleah/116456565479340855
LibreWolf 150.0-1 is out (upgrading from LibreWolf 149.0.2-2).
I've updated my LibreWolf OpenBSD port to v150.0-1 in this patch: https://codeberg.org/vimuser/librewolf-openbsd-port/commit/13592d957af620f8c9ebcdb7f463b8bcb48f123e
Eventually, my port will be merged in -current, but for now, updating means re-building from source. Remember you must ensure you're on the latest snapshot and packages, and latest ports from -current. My port is for -current only (for now).
If you previously installed my port, please make sure you update/recompile :D
EDIT: It compiled! See:
Alt...
librewolf 150.0-1 running on openbsd
...
@libreleah @MaddieM4 Hell yes I'm about to chuck an SSD I found in my desk into my main workstation and start grinding away at it.
...
Alt...
librewolf v150.0-1 running on openbsd
...
@libreleah @MaddieM4 Just under an hour on the main workstation. I think I'm ready to go all in on OpenBSD now. Thank you so much!
Alt...
Screenshot of Librewolf 150 running on OpenBSD, with two terminal windows showing the build result and a fastfetch, respectively
...
@kaidenshi @MaddieM4 i also hardened some of the options at build time. you can see it in the git repository for my port. it's much closer to the hardening openbsd applies for firefox now, but with librewolf's additional hardening.
...
![[?]](https://todon.nl/system/accounts/avatars/113/499/847/545/064/465/original/7df3fc1255cf4c0d.jpg)
@libreleah @kaidenshi @MaddieM4
Logged in after more than a year just to comment. THANK YOU SO MUCH for this. I very recently moved from linux to openbsd. Always used librewolf, and missed it on obsd. I am using -current branch, hopefully binaries are available soon! I have a thinkpad with i3, but runs a little hotter than on linux. On linux it uses like 7.5W and and on obsd it uses around 10-12 (even after experimenting with apmd -L and obsdfreqd). Not that bad though.
Greatful to you and everyone at Openbsd!! ❤️
...
@Hello @kaidenshi @MaddieM4 You can control CPU frequency, check apmd manual. Or use obsdfreqd (i think it's called that). Probably still not as efficient as Linux, but you can get pretty close. I use the latter on laptops, when I'm out and about. obsdfreqd is in ports. You have to reconfigure apmd to disable some of its automation; check both manuals. Or just disable apmd when using obsdfreqd.
Also, I'll update librewolf soon. Got other work on at the moment. But will update the port after 7.9
...
@Hello @kaidenshi @MaddieM4 seems i'm dehydrated. i neglected to realise you already mentioned tweaking apmd/obsdfreqd
yeah, openbsd runs hot. just something you have to accept. it's not as power-efficient as linux. but it is better in lots of other ways :)
![[?]](https://voidq.xyz/snac/hey/s/avatar-c591f6179f4d4978a33137b2bbe7b04a.jpg){kind=avatar}
@kaidenshi@exquisite.social I see you moving too fast already running 7.9 ;) beautiful : - )
![[?]](https://files.mastodon.social/accounts/avatars/114/522/970/102/831/443/original/918b2c1360acf1af.png)
so i have been learning #sam and #acme properly and oh my god. acme is the best editor i have ever used. i love the fact that it really is an os interface in its own right. i have been completely underutilising it. i now have a setup on my second desktop at all times.
sam just seems like ed on steroids with a lot of the acme benefits of the mouse interface.
i am using acme for actual work or writing and i use sam for quick edits or config files.
Alt...
the acme text editor with one large window on the left and two smaller ones stacked on top of each other on the right. the left window is the sam-fans mailing list archive, the top right is my home directory, and the bottom left is a win terminal showing "uname -a" which shows darwin.
Great to see this also in vim:) github.com/vim/vim/pull... #vim #neovim
Alt...
vim9 with semi-transparent popups
![[?]](https://files.mastodon.bot/accounts/avatars/110/224/621/131/830/869/original/8d04290e7dfdcb63.png)
OpenBSD 7.8 // IKED // ERRATA 036
Date: May 8, 2026
Name: 036_iked.patch
Description: In iked(8), address sizes were not checked.
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.8/common/036_iked.patch.sig
OpenBSD 7.8 // NFS // ERRATA 035
Date: May 8, 2026
Name: 035_nfs.patch
Description: Due to insufficient checks in NFS server, the kernel could crash.
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.8/common/035_nfs.patch.sig
OpenBSD 7.8 // EXPAT // ERRATA 034
Date: May 8, 2026
Name: 034_expat.patch
Description: libexpat uses more entropy to protect against hash flooding. CVE-2026-41080
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.8/common/034_expat.patch.sig
OpenBSD 7.7 // IKED // ERRATA 042
Date: May 8, 2026
Name: 042_iked.patch
Description: In iked(8), address sizes were not checked.
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.7/common/042_iked.patch.sig
OpenBSD 7.8 // RPKI // ERRATA 030
Date: April 14, 2026
Name: 030_rpki.patch
Description: A malicious RPKI Publication Server can cause an incorrect error exit. A malicious RRDP Publication Server can cause a NULL dereference.
Link: https://cdn.openbsd.org/pub/OpenBSD/patches/7.8/common/030_rpki.patch.sig
![[?]](https://static.piaille.fr/accounts/avatars/116/466/111/769/788/233/original/311ff953fba2f7ed.jpg)
Here my version of it
Gmail -> @Tutanota
Youtube -> @peertube
Liar Signal -> @delta
Chrome -> #Helium
NordVPN -> @mullvadnet
PS: Signal IS big tech, they run on their server, they pay them, they are part of the problem not a solution to it.
#privacy #sovereinty #notogafam #google #signal #youtube #chrome #chromium #nordvpn #gmail #mullvad #deltachat #peertube #tutanota #tuta #decentralisation #europe #canada
Alt...
Show change of services
Gmail to Tuta,
Youtube to Peertube,
Signal Logo (called Liar Signal) to Delta Chat,
Chrome to Helium,
NordVPN to Mullvad.
...
Hosting a small vps, buying a domain, running Linux/BSD
Gmail -> run own email server
messenger -> run own #xmpp server
VPN -> run own #wireguard/#openVPN
Youtube -> piped instances/ #LibreTube
Chrome -> #LibreWolf
It is my setup :)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/000/000/003/original/719bf8cdbd4558d6.png)
Lots of Linux vulnerabilities lately. Time to move the instance to Windows.
...
Older...
![[?]](https://files.mastodon.social/accounts/avatars/000/040/532/original/90be4e241af818df.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/246/939/701/403/102/original/3f07a6bbac0ac7c4.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/113/175/749/365/842/491/original/9af9880e121de0e6.png)
Alt...
A meme of Red Forman from That 70's Show, in which he is responding to Kitty by saying "Oh, is that what we're gonna do today? We're gonna fight?"
![[?]](https://social.undrground.org/system/accounts/avatars/109/287/468/418/120/577/original/98bcf9eb49f6ef5b.jpeg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/296/631/948/148/154/original/549171ee06c2568b.jpg)
r00t f0lds Team# 258829 ![[?]](https://files.defcon.social/dcsocial-s3/accounts/avatars/109/462/100/060/920/982/original/cf6f0e7f7bffd54a.png)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/243/960/066/796/011/original/02f79bbfd41de9d4.png)
![[?]](https://files.mastodon.social/accounts/avatars/000/139/880/original/4d781700a4b2967f.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/168/773/501/958/656/original/c1b190f3744c1555.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/378/225/747/210/859/original/1de4e149be30f246.png)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/114/614/907/486/620/795/original/f2706694126a7cd8.png)
![[?]](https://cdn.masto.host/spaceyspace/accounts/avatars/112/166/719/263/656/926/original/636ecacb57c053fc.png)
@jerry No, CP/M. I saw on The Computer Chronicles that CP/M is the premier operating system, and I'm sure The Computer Chronicles is a completely unbiased source on the matter.
![[?]](https://mastodon.well.com/system/accounts/avatars/112/576/890/080/816/603/original/0f84c73e63efb281.jpeg)
![[?]](https://chaosfemtw.files.fedi.monster/accounts/avatars/109/592/674/606/584/563/original/a4136de1a1f68011.jpeg)
![[?]](https://tldr.nettime.org/system_nettime/accounts/avatars/114/358/425/045/386/311/original/cc55f6dbcd93523d.png)
![[?]](https://fidelis.social/system/accounts/avatars/109/580/529/262/149/106/original/118b6663ef5f41b6.jpg)
![[?]](https://mastodon.acc.sunet.se/system/accounts/avatars/000/000/001/original/d9d80a0c5f502f5c.jpg)
@jerry
Didn't you use to work for IBM? AIX is right there. Lets just get you some cosy POWER hardware for it. I'm already looking forward to the smitty modules for mastodon server mamagement.
![[?]](https://noc.social/system/accounts/avatars/109/529/228/726/509/672/original/b1d614b6b511176d.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/000/020/184/original/4c4773130b446062.jpg)
![[?]](https://media.norden.social/accounts/avatars/114/751/242/691/244/837/original/e26d3a703115faaf.jpg)
🏴☠️🏳️🌈![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/000/025/465/original/5caf003a55922ad9.jpg)
[![[?]](https://hostux.social/system/accounts/avatars/109/343/252/232/346/141/original/cce8808724ae57dd.jpeg)
![[?]](https://files.mastodon.social/accounts/avatars/112/321/949/822/571/894/original/00f584f5bf7ad42c.png)
![[?]](https://retro-pizza.s3.de.io.cloud.ovh.net/accounts/avatars/109/293/537/638/448/933/original/aa2d406ccc35901a.jpg)
@jerry The windows vuls are still pouring out but it's easier to hunt on linux because the source is available
![[?]](https://files.mastodon.social/accounts/avatars/109/247/381/362/454/523/original/88a10ec2f48d80b4.jpeg)
@jerry Someone, somewhere in a ‘C’ suite, who thinks they have their finger on the pulse, is asking a tired Tech Director that question.
Betcha.
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/293/394/064/770/043/original/65eb55d89c94ab29.jpg)
might have to get a few costco sized bags of popcorn to last it out while i watch this... and something to read. maybe "war and peace".
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/112/728/702/128/601/674/original/65f78330ab078532.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/111/867/038/214/333/074/original/948015da7238758d.jpg)
At MS, there was a big project to unify all of the Windows-derived things. Apparently some folks had a build working that booted to WSL, with no Win32k. I did wonder how secure that would be: at the very least, I doubt there are many people who know how to attack the NT kernel via the Linux syscall interface.
![[?]](https://media.sakurajima.moe/accounts/avatars/116/486/676/177/727/711/original/6cd34fc9b9e65145.png)
@jerry Its better to get hacked by some guy sitting in his parents garage than getting our data stolen by corporations to feed the AI.
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/303/390/173/440/234/original/be5531331590b65b.jpg)
@jerry Also, pwn2own with zero findings in Microsoft Internet Explorer for several years meanwhile (!).
Time for our blue friend to take back the web, not sure why we even abandoned the king of browsers.
...
@hey @jerry the issue lie in "feel" safe, when massive AI assisted code exploration will hit BSD i also expect a bunch of critical vulnerability.
Because the AI find thing human brain is not wired to see.
It's not a proof something is not secure tough, pretty sure BSD, Window, Mac, ETC are also full of those issue.
...
@hidikem@piaille.fr of cours in any system have issues, even very minimalist systems written only in C lang have some issues with security.
But we also can use A.i to find these holes in System;)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/320/354/152/578/407/original/91405a1eda486054.gif)
:EA DATA. SF: [![[?]](https://s3.eu-central-2.wasabisys.com/mastodonworld/accounts/avatars/110/722/631/832/796/298/original/6796ad26f838b92c.jpeg)
![[?]](https://1040ste.net/system/accounts/avatars/111/976/699/929/968/478/original/76977c43bab6b688.png)
![[?]](https://mstdn.fname.ca/system/accounts/avatars/116/427/924/379/067/962/original/7e350f94aa7b2198.jpeg)
![[?]](https://media.mstdn.social/accounts/avatars/109/565/531/261/159/277/original/7730593f0b7678ff.jpg)
![[?]](https://cdn.masto.host/mastodongamedevplace/accounts/avatars/109/430/030/135/705/706/original/66f39c691865bb53.png)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/112/388/769/664/465/292/original/a963a93f5d1bdbe5.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/000/135/131/original/f5f48aadca0272f4.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/116/093/572/746/253/175/original/10c19f01070a3c44.png)
YOU WOULDN'T!?
![[?]](https://hub.azkware.net/photo/profile/csolisr.jpeg?ts=1754582308)
...
![[?]](https://p.antsu.net/system/accounts/avatars/110/720/809/092/091/335/original/5f3cd3a9d9dd111e.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/300/077/565/466/493/original/5dd52e84e7fa29d4.jpg)
@jerry ikyk, but just for lolz sharing anyway
(img src and more 🤔😎 - https://www.dwarmstrong.org/freebsd-install/ )
![[?]](https://s3.eu-central-2.wasabisys.com/mastodonworld/accounts/avatars/115/086/157/598/619/206/original/825f38a464ff9f5f.png)
so, i'm trying to shed myself of all the tech oligarchies #BreakTheOligarchy
so i'm migrating everything. & it's not about Windows' or Google's vulnerabilities
& from what i've learned about the mastodon & fediverse community is, this is the place to be if you support Linux💙
so i assume you're being sarcastic? i don't understand a lot of the discussion below but, you are either hated or hilarious😁
but i have a question. would the counter-argument to that statement be...
...
@WorldTravelerAll7 I was being sarcastic. It’s a problem I have.
The counter argument is that windows has a similar number of vulnerabilities to what Linux has been experiencing, but Windows experiences that every single month for the past 25 years
...
@jerry not a problem, i💙sarcasm😂 it's just hard to discern when one doesn't know the subject or speaker😁
i try to get word to the supposed "good billionaires" that if they want to prove they are good, fund FOSS projects around Linux & the fediverse
they could turn PeerTube into a YT competitor. they could build an amazon competitor built around the vendors & customers if they wanted
so i assume, whenever Linux or FOSS projects are attacked, they're doing something right😁
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/361/006/156/396/201/original/5ddf6e284092c783.gif)
![[?]](https://files.mastodon.social/accounts/avatars/108/280/721/088/070/026/original/a8c2600501b92fa0.jpg)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/116/423/637/213/802/817/original/fb70325d7b1b21ff.png)
![[?]](https://media.infosec.exchange/infosec.exchange/accounts/avatars/109/308/892/209/312/026/original/937c59c05482bbef.png)
![[?]](https://files.ioc.exchange/iocexchange/accounts/avatars/116/596/538/263/481/113/original/42da667052540a40.jpg)
My apologies for interrupting, I got some trouble on notification via telegram bot, I input everything as required, but some reason I'm not getting notification at all, I checked logs:
snac[90250]: 03:22:32 telegram post 400
And I tried curl post on my server it was working perfect, maybe telegram refusing html or makrdown format? smthing else? before going to check source code, I would like to ask you about it:)
Thank you for your time
Best regards.
