Brian_K_White 21 days ago

freebsd = utility

openbsd = security

netbsd = portability

freebsd: performance, features, drivers, software compat - closest to linux in utility & usability though unlike linux in execution

openbsd: safety for exposed services

netbsd: portable across many cpu & hardware platforms - big-endian powerpc sun, hitachi sh3 jornada, etc, easiest to port to a new arch

Melatonic 21 days ago | parent | next [-]

Can FreeBSD be stripped down to be more like OpenBSD security-wise while still keeping the performance benefits?

Brian_K_White 21 days ago | parent [-]

It can be customized just like linux where you can compile a custom kernel omitting unneeded features and then also ship a small userspace around it, and the core userspace tools are generally a little less feature rich than linux's already.

But it's not a matter of surface area that makes openbsd solid, it's the priorities while writing that affect how every little thing has been written over time.

You can write 10 different versions of a function that all work and are all nominally perfectly free of security gaps.

Yet they will all still be 10 different levels of robust. Some versions will fail as soon as some assumption is violated, and some make fewer assumptions and remain safe even when varying amounts and forms of "that can't happen" happens.

It's not just cosmic ray bit flips either, or a hacker trying to do power glitch attacks or rowhammer etc, stuff that makes the hardware violate its promises. But stuff like a different developer updating something 15 years later who is not the original and does not realize every single facet of how it works and just how the current implementation covers all possible edge cases, and so doesn't realize how their change opened up an edge case that was covered before. With fragile code, the new code simply has the new security gap until someone discovers it the hard way. With robust code, it's more likely to still be safe. The edge case maybe makes it fail to function, but not in a way that anyone can use productively.

Not that freebsd is exactly swiss cheese. These are all relative. I would and do rely on freebsd any day.
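An added illustration of the point in the comment above, not part of any commenter's post: two versions of one permission check in C, both correct for the roles that existed when they were written, compared after a role is added later and under out-of-range input. The role names and function names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical roles, constructed for this example. */
enum role {
    ROLE_GUEST = 0,
    ROLE_USER = 1,
    ROLE_ADMIN = 2,
    ROLE_AUDITOR = 3   /* added years later by a different maintainer */
};

/* Version A: lists who is refused. Correct for the original three roles,
 * but silently assumes that anything else must be an admin. */
bool may_reconfigure_fragile(int role)
{
    if (role == ROLE_GUEST || role == ROLE_USER)
        return false;
    return true;
}

/* Version B: lists who is accepted and refuses everything else, so a new
 * or corrupted role value fails closed. */
bool may_reconfigure_robust(int role)
{
    switch (role) {
    case ROLE_ADMIN:
        return true;
    default:
        return false;
    }
}

/* Count values in [lo, hi] that are not ROLE_ADMIN yet are granted access. */
int count_unsafe_grants(bool (*check)(int), int lo, int hi)
{
    int n = 0;
    for (int r = lo; r <= hi; r++)
        if (r != ROLE_ADMIN && check(r))
            n++;
    return n;
}

int main(void)
{
    /* Range includes the later role and values that "can't happen". */
    printf("fragile: %d unsafe grants\n",
           count_unsafe_grants(may_reconfigure_fragile, -4, 7));
    printf("robust:  %d unsafe grants\n",
           count_unsafe_grants(may_reconfigure_robust, -4, 7));
    return 0;
}
```

Both versions give identical answers for guest, user and admin; they differ only on inputs the original author never expected to see.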

mxuribe 21 days ago | parent | prev [-]

Oh this is a wonderful and succinct summary; thanks!

JdeBP 21 days ago | parent [-]

It's also superficial and wrong, and as bad as dividing people up by hair colour into blondes, brunettes, and redheads.

The way that the BSDs differentiate cannot be reduced in this way, not least because there is a lot of what Justin C. Sherrill (of the DragonFly Digest) calls 'cross-pollination' amongst the BSDs.

A case in point:

Superficially, and erroneously, one might observe that OpenBSD, NetBSD, and FreeBSD have nvi, and only DragonFlyBSD has nvi2. In fact there was a three-way fork of actual Bostic nvi, all of them making revisions and leaving the original behind, and then things got really complex with nvi2 taking from OpenBSD's nvi, and FreeBSD's nvi taking from nvi2; not even getting into the existence of nvi-m17n along the way and how there are nvis in base and nvis in ports. (https://news.ycombinator.com/item?id=48132452) One cannot divide the BSDs up into those that have nvi2 versus those that have nvi.

The split is complex in other areas, too.

mxuribe 20 days ago | parent | next [-]

Yes, you're not at all wrong! However my goal is not to definitively 100% know the exact differences between the BSDs...I merely wanted to seek out a quick/easy starting point (the very high level diffs)...so that I can start *somewhere* and hopefully avoid my paralysis by analysis. :-)

Brian_K_White 20 days ago | parent | prev [-]

It is a generalization of the essentials, and not wrong.

You know even though I said the execution is unlike linux, in fact, there are many many details that are just like linux! What a freaking ignorant liar eh? There's like 100 things like that you could say. No wait, no way it's exactly 100. There's obviously some other number like 105 or 612 things like that. So superficial and wrong!