Ian Darwin writes in about his work deploying the arm64 platform and the Raspberry Pi 3:So I have this empty white birdhouse-like thing in the yard, open at the front. It was intended to house the wireless remote temperature sensor from alow-cost weather station, which had previously been mounted on a dark-colored wall of the house (reading were really high when the sun reached that side of the house!).But when I put the sensor into the birdhouse, the signal is too weak for the weather station to receive it(the mounting post was put in place by a previous owner of our property, and is set deeply in concrete).So the next plan was to pop in a tiny OpenBSD computer with a uthum(4) temperature sensor and stream the temperature over WiFi.Read more...
While the world largely wasn't looking, there was a nano hackathon last month, Hackathon report - e2k17 Hackathon, Edmonton Alberta. Bob Beck (beck@) writes,
Google's golang, collaboratively developed by Unix and C pioneers like Ken Thompson, Rob Pike et al has been very BSD friendly (the language itself is BSD licensed) and it just got even friendlier for OpenBSD's pledge mechanism.To quote the diff:"unix: add support for OpenBSD pledgePledge, the privilege-restricting syscall and mitigation mechanism,was missing from syscall_openbsd.go. As of the latest release, itis officially supported in 'stable'."Link to the full golang diff here: https://go.googlesource.com/sys/+/8fd966b47dbdd4faa03de0d06e3d733baeb9a1a9%5E%21/
On behalf of the EuroBSDCon 2017 Program Committee, here is the Call for Proposals for the EuroBSDCon 2017 conference which will take place in Paris, France from 21st through 24th of September 2017:
If you follow commits closely, via source-changes@ or otherwise, you may already know that mandoc has grown another useful feature. Ingo Schwarze sent us this very nicely formatted article about the new mandoc to markdown converter:Read more...
Avoid possible side-channel leak of ECDSA private keys when signing.A source code patch exists which remedies this problem:for 6.0.for 5.9This is related to CVE-2016-7056 "ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)"Additional details can be read here: http://seclists.org/oss-sec/2017/q1/52Thanks to M:Tier https://stable.mtier.org for raising awareness on this patch.
OpenBSD as WiFi access points look set to be making a comeback in the near future. With this diff https://marc.info/?l=openbsd-tech&m=148396652007923&w=2, Stefan Sperling added 802.11n hostap mode, with full support initially for the Atheros chips supported by the athn(4) driver.
Undeadly editor Peter Hansteen (pitrh) recently spoke to the Bergen (BSD and) Linux User Group (BLUG) on the subject "OpenBSD and you", and has shared the slides from the talk.These make a great resource for preaching to the as-yet-unconverted.
Ted Unangst (tedu@) has written a flak entry entitled "openbsd changes of note".It gives an overview (with relevant links) of recent significant changes in -current.Update: there is now a second part.Update: there is now a third part.
Kristaps Dzonsons, of mandoc and acme-client (and more) fame, has written a detailed article entitled "why pledge(2) …or, how I learned to love web application sandboxing".The tl;dr section starts:
New contributor doctrit writes,An interesting news article title caught my attention and I was pleasantly surprised to find OpenBSD having a prominent place within the article's content. 8^)
Five OpenBSD 6.0 CD-ROM copies were signed by 40 developers during theg2k16 Hackathon in Cambridge, UK. These copies are being auctioned sequentially on ebay.CD set #1 (Sep 29th + 5 days) sold for $4200CD set #2 (Oct 4th + 3 days) sold for $3000CD set #3 (Oct 8th + 3 days) sold for $817CD set #4 (Oct 11th + 3 days) sold for $635CD set #5 (Oct 14th + 3 days) sold for $1024All proceeds will be donated to the OpenBSD Foundationto support and further the development of free software based on the OpenBSD operating system.Read more...
With a small commit, OpenBSD now has a hypervisor and virtualization in-tree. This has been a lot of hard work by Mike Larkin, Reyk Flöter, and many others.VMM requires certain hardware features (Intel Nehalem or later, and virtualization enabled in the BIOS) in order to provide VM services, and currently only supports OpenBSD guests.