
Just a sample of the Echomail archive

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

   INTERNET      The global pornography network      2,155 messages   


   Message 275 of 2,155   
   Ash-Fox to DOVE-Net.Internet   
   #OpenBSD   
   06 Oct 08 11:53:25   
   
   This is a smallish rant/story about one of my experiences in the OpenBSD IRC   
   community. But before I do so, I will give an introduction about the state
   of affairs, myself etc.   
      
   I have spent many years on IRC. I remember the first time I logged on IRC, I   
   was absolutely fascinated by how many different channels existed and how   
   there was literally a channel for every topic.
      
   I very quickly became accustomed to support channels, helping out users in   
   real time that had problems. Over the years, certain places became more   
   friendly, others became intolerant and some just stayed the same.   
      
   There are quite a few channels I help out in, but remain silent most of the   
   time in some channels due to the way the community works. One of these   
   channels is #OpenBSD.   
      
   #OpenBSD is a support channel for the now becoming obscure OpenBSD operating   
   system. It is not a very friendly channel most of the time. Users who   
   enter asking about hardware support are often told to go read some manual (at
   least provide a link?) or are told to donate their hardware to OpenBSD   
   developers or stop complaining - they were not complaining, only asking for
   support.   
      
   It should seem quite obvious as to why I would often help people in private   
   (one to one) communications when I see them asking for help in that   
   channel. It just isn't a very friendly place when it comes to helping users   
   even though it is a support channel.   
      
   Note that OpenBSD has a 'legacy' of being a very secure operating system and   
   its community being very security minded. Many of the users of the
   operating system acknowledge the fact that other operating   
   systems/distributions do not take security to heart and end up with what   
   can be considered terrifying vulnerabilities.   
      
   Over the years other operating systems that exceed OpenBSD in usage have   
   been growing larger and larger, making OpenBSD less relevant. Linux
   distributions in particular have been a particular thorn in OpenBSD's side   
   (I doubt that the OpenBSD community will admit it though - claiming it   
   doesn't rival them in security, free to use for anything).   
      
   Much of the pro-OpenBSD user base has diminished from what it used to be. Since
   then, the majority of pro-OpenBSD users in #OpenBSD (in my opinion) have a   
   grudge against Linux.    
      
   This is where the story begins.   
      
   I made a fatal mistake about a week ago. I helped someone in #OpenBSD, in   
   the channel itself. They wanted to know the administrative differences
   between OpenBSD and an Enterprise Linux system. He did not know much about
   OpenBSD. Being that I had experience with both and a good amount of
   knowledge, I started typing up a lot of information between each other.
      
   I discussed why certain daemons in OpenBSD were more secure, because
   the 'fake/change root' capability in OpenBSD was superior in certain
   technical ways which prevented certain circumvention which allowed one to
   get out of a 'fake/change root' situation on Linux. Since in most
   enterprise Linux systems and OpenBSD, the majority of daemons sit in a
   fake/change root setup, this was relevant information.
      
   I brought up a lot of comparisons, trying to remain completely unbiased   
   towards one or the other. Eventually, I brought up how the root account was   
   not disabled from being logged into by default.   
      
   Disabling the root account would prevent certain security vulnerabilities   
   that would allow people to bruteforce into a server because they know an
   account they can log into.   
      
   It would prevent certain vulnerabilities in daemons from breaking into that
   account and how the Linux system we were comparing to had not only the root   
   account disabled, but had a nicely secure 'sudo' configuration setup by   
   default (I also mentioned how selinux, apparmor were often configured to   
   disable code execution under the root account through buffer overflows etc.   
   too).   
      
   This caused a huge outcry on the channel, three different users, who didn't   
   even talk for days on the channel suddenly came to life and started on how   
   that isn't really security and hiding the door is no substitute for a good   
   lock.   
      
   At this point, I was actually surprised. I felt the arrogance of #OpenBSD   
   suddenly came to the point that they hated Linux so much, that if Linux did   
   something even slightly better in security, it was obviously not true and   
   Linux was 100% wrong.   
      
   I argued with these three users that hiding the "door" does not make the   
   system any less secure and I acknowledged that security by obscurity   
   obviously won't replace good hard security, but claiming that I   
   am /replacing/ the current good security with obscurity was an outright lie.
      
   It went into an argument about how if someone uses a weak password, it won't
   help any if the user is named root or "ash-fox", at which point I pointed   
   out the obvious. The hacker finds the box, knows there is a root account   
   and breaks into that. I then stated that a hacker finds a box, knows the   
   root account is disabled but does not know what the user account is which   
   can access root - he's going to need to find that account name first. How   
   is the latter less secure?   
      
   As it went on, these users arguing against me did not acknowledge that I was   
   right in any way or form, they just continuously changed the argument. At   
   one point one person stated that I made administration a lot harder. Upon   
   which I just grinned at my monitor and asked why typing a command   
   like "sudo -i" (gives you a root shell from your user account) or "sudo   
   cp /blah /wee"  was so much harder.   
      
   Another argument, automated scripts that needed to execute commands on a   
   remote machine through ssh command combos would be harder... This coming   
   from people who are supposed to be security oriented. I pointed out again,   
   adding 'sudo' to a command is not hard, additionally, you can limit the   
   commands sudo can execute on a per account basis, so wouldn't it be in fact
   more secure?   
      
   It continued, claiming that it was making administration too difficult in   
   the calls for security and went on about how usernames should be 128
   characters long and randomly generated, and passwords should be 512
   characters long and randomly generated when you initially install the system, trying
   to downplay the whole default 'sudo' setup, disabled root account setup   
   that a Linux system provides.   
      
   At which point, I pointed out that they were blowing things out of   
   proportion and if they were really concerned about user friendliness, they   
   would start fixing the install process of OpenBSD.   
      
   One example I gave was when you're thrown into a command line interface   
   partition manager and have to figure out how to use it yourself - However,   
   when you type the help command, you only see the last lines of the help   
   file, which really tell you nothing about how to set up the partitions. You
   have no way to scroll up or down either.   
      
   Someone pointed out that people should read the manual then (you get this   
   feeling of 'RTFM' from people like that).   
      
   Eventually, the argument was ended with someone stating that they are simply   
   making their operating system available to me and I don't have to use it if   
   I don't like it.   
      
   I cannot refute that - but, I am close to saying I'm finished with helping   
   out in #OpenBSD.   
      
   That said, during the entire discussion, there was one or two people (I   
   cannot recall if it was the same person) spectating who did acknowledge   
   some of the points I made - so it isn't the entirety of the #OpenBSD   
   channel behaving this way, but these people also never talk on the channel   
   and I suspect they don't because they are like me.   
      
   I did not really get to finish helping that guy out with finding the   
   differences between OpenBSD and the Enterprise Linux we were discussing.   
      
   --    
   Do not meddle in the affairs of kitsune, for you are crunchy and good with   
   ketchup.   
      
   ---   
    þ Synchronet þ QuickFox BBS - "Right on, Commander!" - telnet://bbs.quickfox.net
    * Origin: Time Warp of the Future BBS - Home of League 10 (1:340/400)   
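The configuration argument in the post above (direct root login over ssh versus a disabled root account plus a scoped sudo grant) is easy to check mechanically. The script below is an added example and is not from the post or from any OpenBSD or Linux project: it parses constructed sshd_config and sudoers fragments, expands Cmnd_Alias names, and reports the two conditions the post argues about. The sample configs, the account names and the 'missing PermitRootLogin means yes' assumption are all constructed for the example; only the simple one-line sudoers user-spec form is handled.

```python
import re

# Constructed sample sshd_config fragments (not from the post): the form that
# leaves root reachable by name, and the hardened form the post describes.
WEAK_SSHD = """\
Port 22
# PermitRootLogin yes   (commented out, so it does not count)
PermitRootLogin yes
PasswordAuthentication yes
"""

HARDENED_SSHD = """\
Port 22
PermitRootLogin no
PasswordAuthentication no
"""

# Constructed sudoers fragments: a passwordless blanket grant beside a
# per-account grant limited to a named command list.
WEAK_SUDOERS = """\
Defaults env_reset
root    ALL=(ALL) ALL
ash-fox ALL=(ALL) NOPASSWD: ALL
"""

HARDENED_SUDOERS = """\
Defaults env_reset
Cmnd_Alias BACKUP = /usr/bin/rsync, /bin/tar
root    ALL=(ALL) ALL
ash-fox ALL=(ALL) ALL
backup  ALL=(root) NOPASSWD: BACKUP
"""

# user HOST=(runas) [NOPASSWD:|PASSWD:] command, command, ...
GRANT_RE = re.compile(
    r'^(\S+)\s+(\S+)\s*=\s*(?:\(([^)]*)\))?\s*(?:(NOPASSWD|PASSWD):\s*)?(.+)$')
ALIAS_RE = re.compile(r'^Cmnd_Alias\s+(\w+)\s*=\s*(.+)$')


def _strip(line: str) -> str:
    """Drop a trailing comment and surrounding whitespace."""
    return line.split('#', 1)[0].strip()


def sshd_root_login(config: str) -> str:
    """Effective PermitRootLogin value. sshd honours the first occurrence of a
    keyword; a missing directive is treated as 'yes' here (assumption)."""
    for line in map(_strip, config.splitlines()):
        m = re.match(r'(?i)^PermitRootLogin\s+(\S+)$', line)
        if m:
            return m.group(1).lower()
    return 'yes'


def sudoers_grants(config: str) -> dict:
    """Map user -> {'runas', 'nopasswd', 'commands'} for one-line user specs,
    expanding Cmnd_Alias names into their command lists."""
    aliases, grants = {}, {}
    for line in map(_strip, config.splitlines()):
        if not line or line.startswith('Defaults'):
            continue
        a = ALIAS_RE.match(line)
        if a:
            aliases[a.group(1)] = [c.strip() for c in a.group(2).split(',')]
            continue
        g = GRANT_RE.match(line)
        if not g:
            continue
        user, _host, runas, tag, cmds = g.groups()
        commands = []
        for c in (x.strip() for x in cmds.split(',')):
            commands.extend(aliases.get(c, [c]))
        grants[user] = {'runas': runas or 'root',
                        'nopasswd': tag == 'NOPASSWD',
                        'commands': commands}
    return grants


def audit(sshd: str, sudoers: str) -> list:
    """Findings for the two points argued in the post: root reachable by name
    over ssh, and a non-root account with a passwordless grant to ALL."""
    findings = []
    if sshd_root_login(sshd) not in ('no', 'prohibit-password', 'without-password'):
        findings.append('sshd: PermitRootLogin allows direct root login, '
                        'so a known account name is exposed to guessing')
    for user, g in sudoers_grants(sudoers).items():
        if user != 'root' and g['nopasswd'] and 'ALL' in g['commands']:
            findings.append(f'sudoers: {user} may run ALL commands without a password')
    return findings


if __name__ == '__main__':
    for label, pair in (('weak', (WEAK_SHHD := WEAK_SSHD, WEAK_SUDOERS)),
                        ('hardened', (HARDENED_SSHD, HARDENED_SUDOERS))):
        print(label, audit(*pair) or ['no findings'])
```

The hardened fragment keeps a full `ALL=(ALL) ALL` grant for the admin account, which is exactly the "sudo -i" setup the post defends, while the `backup` account gets a per-account list of commands; only the passwordless blanket grant in the weak fragment is reported.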



(c) 1994,  bbs@darkrealms.ca