Answering PHK's "Why Bother?" with FreeBSD Question

In the October issue of Daemon News, Poul-Henning Kamp asks "Why Bother?" He wants to know why people use FreeBSD when Linux gets most of the attention from users and vendors. He also wants to know why developers should continue to work on FreeBSD.

I will tailor my response for FreeBSD, as that is the BSD with which I am most familiar. Some of my arguments will apply to other variants. Some of my reasons even apply to other open source operating systems, like Linux. Few will apply to closed operating systems, least of which Windows.

1. FreeBSD is open source, with a business-friendly license. Being an open source, BSD-licensed operating system means I am free to modify the OS as I see fit and can continue to support and evolve any part of it, should the official developers decide to abandon any aspect of the project. I can use FreeBSD in commercial projects as long as I retain the copyright notice and disclaimer with the product.

2. FreeBSD is an integrated, complete product. FreeBSD isn't just a kernel supplemented by software. The developers provide easy (albeit time-consuming on slower machines) means to keep the system up-to-date and functioning properly. (Note: I will publish an article shortly that takes an in-depth look at keeping FreeBSD up-to-date.)

3. All FreeBSD source code is available via CVS. This feature allows users to quickly examine any aspect of the OS to determine if it will suit their needs. For example, I can look in a file like src/sys/dev/aac/aac_pci.c to see if it might support new hardware I'm considering purchasing. I can then checkout the complete CURRENT source or download a CURRENT .iso snapshot (via snapshots.se.freebsd.org or snapshots.jp.freebsd.org). This is perhaps the single greatest measurable advantage compared to closed-source software.

4. FreeBSD developers are accesible and analyze problems in context. I am constantly surprised to find so many developers posting answers to freebsd-questions and interacting helpfully with newsgroups like freebsd-stable and others. When a user posts a thoughtful question which demonstrates he's done some homework, he very frequently gets multiple responses that treat his problem within context of the entire OS. FreeBSD developers work within an operating system, not in isolation.

5. The FreeBSD ports tree offers over 12,000 applications, tailored for FreeBSD. When running FreeBSD, there's almost never a need to download and compile a tar.gz archive from a third party site. Instead, visit FreshPorts.org, see what's available, and then install either a precompiled package or build from source code within the ports system. When you see a program in the ports tree, you have some level of confidence that it will work on your system. When installed using the ports tree or as a precompiled package, you can now manage, track, and upgrade that application. (Note: I am planning a second article on this aspect of FreeBSD as well.)

6. FreeBSD's security features and track record are excellent. I can deploy a FreeBSD-based security appliance, with no ports listening other than OpenSSH, in less than 20 minutes (depending on CD-ROM speed). This system can defend itself without a network- or host-based firewall. FreeBSD has had an order of magnitude lower number of remote root vulnerabilities compared to Windows 2000, for example. Tools like FreeBSD-update, Portsnap, Portaudit and Portupgrade make keeping the system up-to-date easy. The VuXML project tracks issues not only in the OS but also the ports collection.

7. FreeBSD (as well as OpenBSD and NetBSD) Continue to Innovate. This is remarkable, despite the much smaller development community, user base, and lack of large commercial sponsorship. FreeBSD's SMP, network performance, TrustedBSD, and the ndis Windows driver wrapper are impressive. The OpenBSD project has brought us OpenSSH, Pf, OpenBGPD, Pfsync and CARP, and OpenNTPD. NetBSD introduced IPv6 and plenty of clean code that ends up in other projects. This is not to say that Linux or other UNIX derivatives don't innovate. I just amazed that a much smaller community has created these leading network services within a short period of time. I only expect better features out of FreeBSD's 5.x tree now that 5.3 has attained the STABLE mark.

There are seven reasons why I "bother" with FreeBSD. I would like to hear your comments, either via email or through postings to freebsd-advocacy or advocacy.daemonnews.org.

Comments

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics