[redacted] is a user on octodon.social. You can follow them or interact with them if you have an account anywhere in the fediverse. If you don't, you can sign up here.
[redacted] @redacted

is moving to commercial-only, which is a heavy loss for Linux security and probably the end for :(
grsecurity.net/passing_the_bat

PaX team and spender are the two people with the greatest positive impact on Linux security of all time. In the past decade, around 9/10 Linux vulnerabilities simply had no effect on grsec kernels.

For me, this probably means switching to on all my remaining machines.

· Tusky · 6 · 5
Shawn Webb @lattera@mastodon.social

@redacted why not #HardenedBSD, which is porting grsec?

[redacted] @redacted

@lattera Because I'm used to OpenBSD on my servers and I like the philosophy better. But yeah, HardenedBSD would be the other viable choice.

Shawn Webb @lattera@mastodon.social

@redacted I'm curious what you view as differences in philosophy between HardenedBSD and OpenBSD.

[redacted] @redacted

@lattera Mostly the minimalism in OpenBSD, i.e. disable everything not strictly needed by default. But I've only played around with *BSD for a year or so (compared to 10+ with Linux), so I'm not that familiar with the ecosystem.

[redacted] @redacted

@lattera But I could try HardenedBSD on my desktop, it has enough space and I gotta get rid of the awful systemd-infected Arch on it anyway.

Shawn Webb @lattera@mastodon.social

@redacted Cool! Let me know if you have any issues.

octodon.social powered by Mastodon