Open­BSD

When we need a reliable, stable and secure operating system, Open­BSD is our first choice. This strong preference is based on important technical and practical merits, as the following brief introduction explains:

Open­BSD is an open source software project producing a free, Unix-like operating system descended from Berkley Software Distribution (BSD). Its de­ve­lop­ment began in 1995 by forking the NetBSD code­base.

Unlike similar projects, Open­BSD develops a complete operating system (not just the kernel), has strict mana­ge­ment hierarchy, mandates extensive peer-review for all new code and releases stable versions on a regular basis (every 6 months).

Open­BSD is used at commercial, educational and government organizations worldwide, including universities, research facilities, internet service providers and large enterprises, such as Adobe, Yahoo, Google, HP and GoDaddy. Software code produced by the project is used in critical parts of various other operating systems and security-oriented software products. Many commercial fire­wall appliances are based on Open­BSD.

De­ve­lop­ment Environment

From the very beginning, Open­BSD was designed and built by its developers to suit their own use-cases. As our needs are very similar, this also makes it an excellent de­ve­lop­ment and hosting platform for our own applications and infor­ma­tion systems.

The project follows a strict docu­men­ta­tion process where any errors or omissions are considered equivalent to software bugs. The result is a high-quality, always up-to-date docu­men­ta­tion of all administrative tools, software libraries and system calls, that's second to none among both open source and commercial operating systems.

Although never afraid to introduce backward incompatible security or code quality im­prove­ments, Open­BSD normally progresses through gradual evolution rather than major changes. KoMnA is thus able to regularly and cost-effectively upgrade existing systems, making sure that even our older solutions run on a modern, secure platform.

Security and Reliability

Many computer security experts consider Open­BSD to be the most secure and reliable general purpose operating system in existence. This reputation comes from:

  • Very ex­pe­ri­enced developers and mandatory peer-review.

  • Strong focus on software security and code correctness, even at the cost of new features, speed optimizations or user-friendliness.

  • Periodic full source code audits, with any newly found bug type being searched for and fixed everywhere in the source tree.

  • Integration of good randomness and strong cryptography wherever possible.

  • Rewriting daemons and services to use privilege separation, chroot_jails, pledge(), and other such security measures.

  • Security and networking innovations, many of which have since become mainstream (public source repository, IPSec, ASLR, stack protector, W^X, safe al­ter­na­tives for dan­ge­rous libc APIs, etc.)

  • "Secure by default" system configuration where any network services must be manually enabled by administrators (after reading the docu­men­ta­tion), who are thus fully aware of their responsibility and potential security problems.

  • Un­com­pro­mi­sing stance on licensing and hardware docu­men­ta­tion transparency, rejecting closed-source software as well as non-disclosure agreements, and even disfavoring complex or too restrictive open-source licenses.

  • Portable security and networking software developed by the project, gaining great influence and wide adoption. This in­clu­des OpenSSH, LibreSSL, OpenBGPD, OpenNTPD, pf, mandoc, acme-client, and others.