InfoWorld: OpenBSD comes close to security nirvana with a system that is 'secure by default'Nov 08, 1999, 19:43 (0 Talkback[s])
(Other stories by Joel Scambray, Stuart McClure)
"WELL KNOWN FOR its "secure by default" posture, OpenBSD (www.openbsd.org), the Internet-based volunteer effort, recently announced the inclusion and support of Versions 1.3 and 1.5 of Secure Shell (SSH) client and server in OpenBSD Version 2.6, which is due to appear in early December. But including security-related products in the operating system is nothing new for OpenBSD. The product also includes integrated cryptography and virtual private networking technologies such as Blowfish, MD5, SHA-1, IPSec, and S/Key. Because of this it has been accepted as the de facto secure-operating system...."
"Our aspiration is to be number one in the industry for security," de Raadt says."
"And they have backed up this claim. OpenBSD has avoided a successful remote root attack on the operating system for more than two years. That success has outperformed any other operating system on the market. De Raadt has become an expert on securing code, and has done much to ensure that OpenBSD code is written securely and holes are discovered quickly."