Skip to main content.

Episode 047: DES Challenge IV


Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


g2k14 hackathon reports

  • Nearly 50 OpenBSD developers gathered in Ljubljana, Slovenia from July 8-14 for a hackathon
  • Lots of work got done - in just the first two weeks of July, there were over 1000 commits to their CVS tree
  • Some of the developers wrote in to document what they were up to at the event
  • Bob Beck planned to work on kernel stuff, but then "LibreSSL happened" and he spent most of his time working on that
  • Miod Vallat also tells about his LibreSSL experiences
  • Brent Cook, a new developer, worked mainly on the portable version of LibreSSL (and we'll be interviewing him next week!)
  • Henning Brauer worked on VLAN bpf and various things related to IPv6 and network interfaces (and he still hates IPv6)
  • Martin Pieuchot fixed some bugs in the USB stack, softraid and misc other things
  • Marc Espie improved the package code, enabling some speed ups, fixed some ports that broke with LibreSSL and some of the new changes and also did some work on ensuring snapshot consistency
  • Martin Pelikan integrated read-only ext4 support
  • Vadim Zhukov did lots of ports work, including working on KDE4
  • Theo de Raadt created a new, more secure system call, "sendsyslog" and did a lot of work with /etc, sysmerge and the rc scripts
  • Paul Irofti worked on the USB stack, specifically for the Octeon platform
  • Sebastian Benoit worked on relayd filters and IPv6 code
  • Jasper Lievisse Adriaanse did work with puppet, packages and the bootloader
  • Jonathan Gray imported newer Mesa libraries and did a lot with Xenocara, including work in the installer for autodetection
  • Stefan Sperling fixed a lot of issues with wireless drivers
  • Florian Obser did many things related to IPv6
  • Ingo Schwarze worked on mandoc, as usual, and also rewrote the man.cgi interface
  • Ken Westerback hacked on dhclient and dhcpd, and also got dump working on 4k sector drives
  • Matthieu Herrb worked on updating and modernizing parts of xenocara

FreeBSD pf discussion takes off

  • Concerns from last week, about FreeBSD's packet filter being old and unmaintained, seemed to have finally sparked some conversation about the topic on the "questions" and "current" mailing lists (unfortunately people didn't always use reply-all so you have to cross-reference the two lists to follow the whole conversation sometimes)
  • Straight from the SMP FreeBSD pf maintainer: "no one right now [is actively developing pf on FreeBSD]"
  • Searching for documentation online for pf is troublesome because there are two incompatible syntaxes
  • FreeBSD's pf man pages are lacking, and some of FreeBSD's documentation still links to OpenBSD's pages, which won't work anymore - possibly turning away would-be BSD converts because it's frustrating
  • There's also the issue of importing patches from pfSense, but most of those still haven't been done either
  • Lots of disagreement among developers vs. users...
  • Many users are very vocal about wanting it updated, saying the syntax change is no big deal and is worth the benefits - developers aren't interested
  • Henning Brauer, the main developer of pf on OpenBSD, has been very nice and offered to help the other BSDs get their pf fixed on multiple occasions
  • Gleb Smirnoff, author of the FreeBSD-specific SMP patches, questions Henning's claims about OpenBSD's improved speed as "uncorroborated claims" (but neither side has provided any public benchmarks)
  • Gleb had to abandon his work on FreeBSD's pf because funding ran out

LibreSSL progress update

  • LibreSSL's first few portable releases have come out and they're making great progress, releasing 2.0.3 two days ago
  • Lots of non-OpenBSD people are starting to contribute, sending in patches via the tech mailing list
  • However, there has already been some drama... with Linux users
  • There was a problem with Linux's PRNG, and LibreSSL was unforgiving of it, not making an effort to randomize something that could not provide real entropy
  • This "problem" doesn't affect OpenBSD's native implementation, only the portable version
  • The developers decide to weigh in to calm the misinformation and rage
  • A fix was added in 2.0.2, and Linux may even get a new system call to handle this properly now - remember to say thanks, guys
  • Ted Unangst has a really good post about the whole situation, definitely check it out
  • As a follow-up from last week, bapt says they're working on building the whole FreeBSD ports tree against LibreSSL, but lots of things still need some patching to work properly - if you're a port maintainer, please test your ports against it

Preparation for NetBSD 7

  • The release process for NetBSD 7.0 is finally underway
  • The netbsd-7 CVS branch should be created around July 26th, which marks the start of the first beta period, which will be lasting until September
  • If you run NetBSD, that'll be a great time to help test on as many platforms as you can (this is especially true on custom embedded applications)
  • They're also looking for some help updating documentation and fixing any bugs that get reported
  • Another formal announcement will be made when the beta binaries are up

Interview - Dag-Erling Smørgrav - / @RealEvilDES

The role of the FreeBSD Security Officer, recent ports features, various topics

News Roundup

BSDCan ports and packages WG

  • Back at BSDCan this year, there was a special event for discussion of FreeBSD ports and packages
  • Bapt talked about package building, poudriere and the systems the foundation funded for compiling packages
  • There's also some detail about the signing infrastructure and different mirrors
  • Ports people and source people need to talk more often about ABI breakage
  • The post also includes information about pkg 1.3, the old pkg tools' EOL, the quarterly stable package sets and a lot more (it's a huge post!)

Cross-compiling ports with QEMU and poudriere

  • With recent QEMU features, you can basically chroot into a completely different architecture
  • This article goes through the process of building ARMv6 packages on a normal X86 box
  • Note though that this requires 10-STABLE or 11-CURRENT and an extra patch for QEMU right now
  • The poudriere-devel port now has a "qemu user" option that will pull in all the requirements
  • Hopefully this will pave the way for official pkgng packages on those lesser-used architectures

Cloning FreeBSD with ZFS send

  • For a FreeBSD mail server that MWL runs, he wanted to have a way to easily restore the whole system if something were to happen
  • This post shows his entire process in creating a mirror machine, using ZFS for everything
  • The "zfs send" and "zfs snapshot" commands really come in handy for this
  • He does the whole thing from a live CD, pretty impressive

FreeBSD Overview series

  • A new blog series we stumbled upon about a Linux user switching to BSD
  • In part one, he gives a little background on being "done with Linux distros" and documents his initial experience getting and installing FreeBSD 10
  • He was pleasantly surprised to be able to use ZFS without jumping through hoops and doing custom kernels
  • Most of what he was used to on Linux was already in the default FreeBSD (except bash...)
  • Part two documents his experiences with pkgng and ports


  • All the tutorials are posted in their entirety at
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • If you want to come on for an interview or have a tutorial you'd like to see, let us know - we want to do what the viewers want to see
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Latest News

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014


As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

Episode 186: The Fast And the Firewall: Tokyo Drift


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines AsiaBSDcon Reports and Reviews AsiaBSDcon schedule Schedule and slides from the 4th bhyvecon Michael Dexter’s trip report on the iXsystems blog NetBSD AsiaBSDcon booth report TrueOS Community Guidelines are here! TrueOS has published its new Community Guidelines The TrueOS Project has existed for over ten years. Until...

Episode 185: Exit Interview


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Interview – Kris Moore – / @pcbsdKrisTrueOS founder, FreeNAS developer, BSD Now co-hostBenedict Reuschling – / @bsdbcrFreeBSD commiter & FreeBSD Foundation Vice President, BSD Now co-host Send questions, comments, show ideas/topics, or stories you want mentioned on the show...

Episode 184: Tokyo Dreaming


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines OpenBSD A2k17 hackathon reports a2k17 hackathon report: Patrick Wildt on the arm64 port a2k17 hackathon report: Antoine Jacoutot on syspatch, rc.d improvements and more a2k17 hackathon report: Martin Pieuchot on NET_LOCK and much more a2k17 hackathon report: Kenneth Westerback on...

Episode 183: Getting Steamy Here


Direct Download:VideoHD VideoMP3 AudioOGG AudioTorrent This episode was brought to you by Headlines playonbsd with TrueOS: It’s Getting Steamy in Here and I’ve Had Too Much Wine We’ve done a couple of tutorials in the past on using Steam and Wine with PC-BSD, but now with the addition of playonbsd to the...