The internet is buzzing about GNU/Linux. People talk about the BSD family of operating systems less often than about this one. Are they more complex? Are they more boring? We'll get to the bottom of these questions with one of the most active members in the OpenBSD community!
About today's guest
—Tell us about yourself. What do you do in the OpenBSD community and outside of it?
—Hello everyone, my name is Vyacheslav Voroncov, and I'm a not-so-anonymous "advanced user" of PCs in general and OpenBSD in particular.
Just like any seasoned IT nerd, I've loved this stuff since childhood—I'm really into it, I talk about it all the time, and I annoy everyone around me. I also moderate OpenBSD-related Telegram channels, help fellow users, and bring them together. I create and submit patches, test hardware, and host various services, hoping to eventually make them useful.
Outside the community, I work at an IT company, as you might expect from the most common stereotypes.
Why did you pick OpenBSD?
Among the most well-known *BSD systems are FreeBSD, OpenBSD, and NetBSD. More specialized operating systems based on FreeBSD exist, including pfSense and OPNsense for network firewalls, as well as proprietary solutions such as TrueNAS for network storage—they are all based on FreeBSD.
—Why OpenBSD specifically and not any other *BSD-based system?
—The question is difficult, but interesting. Although OpenBSD is often described as the most secure OS out there, that's not the crucial thing to me.
To me, OpenBSD is primarily an intuitive and well-structured OS that is suitable and, most importantly, designed for everyday use. The main difference between BSD systems and Linux distributions is worth mentioning: the concept and existence of a "base system." The base OS is more than a bunch of packages slapped together; it's a tightly integrated, curated, and tested set of software. Even though the base system of OpenBSD is small by today's standards, you can run basic network services and use the OS as a workstation for developing and building OpenBSD. If you prefer, you can do all this using a GUI.
OpenBSD actively encourages and, in a sense, requires "dogfooding," or using one's own product. So, unlike other operating systems, it often meets the real needs of developers and users. It's also designed for everyday use. Unfortunately, I think other operating systems have moved away from these approaches to some extent.
Community's role in the system software development
—Is it true that small communities can be more influential than large ones, such as the GNU/Linux community? For example, Windows has included the OpenSSH client and server for several years, as well as its own version of the LibreSSL library.
—Absolutely. In general, measuring significance by size is quite harmful—it's similar to counting the number of lines or megabytes in a program.
Why don't we satisfy our curiosity and look through the entire repository, though?
The gnu folder, which contains third-party dependencies and tools, has been excluded from the summary.
E:\Git\openbsd>cloc . --timeout 0 --exclude-dir=gnu
45065 text files.
23299 unique files.
21810 files ignored.
github.com/AlDanial/cloc v 2.08 T=96.56 s (241.3 files/s, 139193.7 lines/s)
--------------------------------------------------------------------------------
Language files blank comment code
--------------------------------------------------------------------------------
C/C++ Header 7242 202089 864453 5457857
C 11210 793566 858653 4622924
Bourne Shell 573 15614 15299 93353
Perl 679 11188 10512 83876
yacc 58 8167 2998 72049
Assembly 619 12282 32905 57037
make 2032 11996 6066 41408
Text 84 5430 0 38101
ASP.NET 2 1139 18 27329
m4 58 1931 623 17827
BitBake 220 842 497 8328
Python 155 1293 698 8214
lex 17 805 949 6318
reStructuredText 7 2155 751 4580
Markdown 41 621 0 4480
HTML 3 603 38 3918
Korn Shell 84 979 1171 3731
Go 5 613 167 3697
awk 37 373 980 3519
Logos 17 386 65 2423
C++ 23 193 492 1901
ANTLR Grammar 1 0 0 1725
SQL 4 0 0 1401
sed 13 60 251 921
Scheme 3 76 127 626
Forth 1 122 162 596
CSS 3 43 53 328
XML 6 0 0 215
Nemerle 3 45 0 182
R 35 2 0 175
Windows Module Definition 2 13 0 142
Protocol Buffers 2 107 359 128
Expect 1 1 3 100
diff 20 3 54 98
Standard ML 8 0 0 64
JSON 3 0 0 29
D 6 0 0 20
Windows Resource File 2 5 0 20
DOS Batch 2 0 0 18
TOML 2 0 0 15
C Shell 1 4 8 14
GLSL 10 0 0 10
Ada 1 3 0 8
Lua 1 0 1 2
Pawn 2 0 0 2
TeX 1 0 0 2
--------------------------------------------------------------------------------
SUM: 23299 1072749 1798353 10569711
--------------------------------------------------------------------------------
Small niche communities, on the contrary, are often more focused on achieving results through their enthusiasm and close communication. In a sense, such groups often have a higher level of professionalism due to easier access to distinguished professionals. People and projects that have developed in such communities often actively enter the mainstream due to their high quality standards.
Some examples include the already mentioned OpenSSH or tmux, which is used in the Red Hat distribution installer and many of its derivatives. Another example is Unicode, which originated from Plan9, an OS almost nobody knows about. In a sense, both UNIX and C began as personal "underground" projects.
—Are there any shared collaboration points between other *BSD communities, for example, in the areas of security or education?
—Of course, there are. More on that, communities are groups of people with their own interests. Open source is all about communication and interaction. Both code and documentation are actively migrated, ported, and adapted between projects. Conferences and meetups primarily bring together people interested in BSD systems and open source in general.
—Are there any friendly interactions with other small communities of OS users? What do you think about ReactOS?
—The IT world is relatively small, and its underground scene is even smaller. It's a tight-knit community where everyone ends up crossing paths. ReactOS is a project with a very interesting and ambitious goal. In my opinion, the OS is probably a technological and legal dead end. However, it's a remarkable source of experience, talent, knowledge, and simple enjoyment for the people involved. And that's worth far more than just a Windows-compatible OS.
In 2024, we checked the ReactOS source code during version 0.4.15 development. Check out what PVS-Studio analyzer detected here.
How well is OpenBSD protected from external threats?
—The more popular an OS becomes, the more likely it is to have security issues. Systems based on the GNU/Linux kernel were—and still are—considered completely secure because they have a smaller user base on PCs and are mainly run on servers. Now, at least once every couple of months, some CVE pops up in a random component of such a system. What about OpenBSD?
—OpenBSD's primary focus is code security, and often many mitigations and sane defaults are implemented there earlier than in other operating systems. Sometimes this happens even before the vulnerability appears.
To ensure that novice users of OpenBSD do not need to become security experts overnight (a viewpoint which other vendors seem to have), we ship the operating system in a Secure by Default mode.
Is OpenBSD more secure by default than an average GNU/Linux distribution? Yes, I think it is. A smaller attack surface also helps, as the system contains fewer arbitrary components, which means they receive more attention. As with any system, CVEs do occur, but not to the same extent as in other operating systems.
—Does the relatively low level of interest create a false sense of its "invincibility"? How often is the code checked for any unexpected "surprises"?
—It's hard to judge how much that perception stems from limited interest. At the same time, calling OpenBSD uninteresting wouldn't be accurate either. Due to its history and goals, it actually stays under constant scrutiny from people and organizations working in information security. Code reviews happen continuously, not just once in a while.
How to attract attention?
—Which is more challenging in *BSD: porting software from GNU/Linux, expanding supported hardware, or attracting interest to the OS in general?
—Everything matters! It all depends on a person's skills and preferences. However, some sad trends in the world of software and hardware are worth mentioning.
You can find a catalog of packages adapted for OpenBSD from GNU/Linux either on the official CVSWeb server in the OpenBSD Ports directory, or via other browsers with more extended capabilities, such as OpenPorts. At the time of writing this article, a total of 11,919 packages have been ported for compatibility with OpenBSD.
The attitude toward open source as a product rather than a project is growing stronger. As a result, many users think developers owe them something, and many developers expect instant and unconditional profit. In the end, the development spirit vanishes with any cooperation and interaction. This affects the overall software quality, accessibility, hardware support, and attitude toward the creative aspect.
Software is becoming less portable and more "nailed down" to specific architectures and operating systems. Rather than releasing complete documentation, hardware manufacturers often hastily create a driver that barely works and then abandon it after a while. Meanwhile, the general attitude toward open-source software is shifting toward the "it just works" mindset. Changing this attitude is the most challenging task.
—Can you give examples of OpenBSD success stories where a GNU/Linux distribution proved to be an unsuitable solution for the tasks at hand?
—The answer here lies rather in the realm of specific tastes, preferences, and requirements. OpenBSD and GNU/Linux distributions are established, mature general-purpose operating systems with rich and overlapping sets of open-source software. In the right hands, they're all great at most tasks.
I recommend installing OpenBSD everywhere you want a healthy dose of minimalism, secure default settings, and the option to easily isolate things, all while enjoying many out-of-the-box features. I've personally deployed and encountered OpenBSD-based mail servers, DNS and web servers, proxies, and firewalls in companies.
What's next
—What are your plans for developing the OpenBSD community?
—As usual, I have plenty of plans, and I want to do it all at once! The ideal long-term result would be a large, comprehensive infrastructure for communication, development, and cooperation not only for OpenBSD but also for all open-source software community.
—What do you expect from 2026 for OpenBSD and its community? What are your wishes for yourself and other members?
—Unfortunately, I expect even greater challenges from 2026, but I hope that overcoming them will also create new possibilities. For example, the ongoing increase in component prices will prompt many to seek simple, straightforward solutions and consider resource consumption and optimization.
I wish everyone good health and more opportunities to do what they love!
Top comments (0)