Even Better than Linux

PLUGGED IN
Even better than Linux

Trio of operating systems based on BSD is even more reliable and secure

By Simson L. Garfinkel, 09/16/99

The Linux operating system has gotten a tremendous amount of publicity in recent months. Millions of computers are running Linux; it is playing an increasingly important role in business; and people are beginning to think Linux might be a credible threat to the dominance of Microsoft.

But I'm not rejoicing for the ascendancy of Linux or its penguin mascot. I have my two feet firmly planted in another camp. No, I'm not rooting for Bill Gates and the Redmond home team. Instead, I've thrown my lot in with a trio of operating systems that all end with the initials BSD.

At my home, I run an operating system called NetBSD on the computer that's connected to my MediaOne cable modem. This NetBSD machine is my file server and my print server. It also runs a system called NAT (network address translation) that lets me access the Internet from the other computers on my home network. I installed NetBSD on the computer a little more than a year ago, and it has been working well for me ever since.

It's important to understand that everything I do with NetBSD I could do just as easily with Linux. That's because there are far more similarities between the two systems than differences. Both are based on the Unix operating system, developed at Bell Labs in the 1970s, and both can be freely redistributed. The big difference is portability. While Linux can only run on a few kinds of computers, NetBSD can run on more than 22, including Intel-compatible PCs, Amigas, old 68000-based Macs, Digital VAXes, and even those sleek but defunct NeXT workstations. This has made the system popular at places like MIT and NASA, both of which have large menageries of computer systems from a multitude of vendors.

Earlier this year there were a number of well-publicized security problems involving the Linux operating system. During that time my computer was frequently attacked. However, since I wasn't running Linux, I wasn't vulnerable. Linux is the favored operating system for most of the attackers on the Internet, which is another reason I don't use it.

Last month I set up a high-performance database server. This machine runs FreeBSD, a different version of the BSD operating system. FreeBSD has gained notoriety in recent weeks because it powers Yahoo and Hotmail. The operating system also has a reputation for never crashing - while offering high performance and leading-edge features. I chose FreeBSD for the database server because FreeBSD has exceptionally good support for multiple execution threads within a single process, allowing the database server to be more responsive when more than one person is using it at the same time.

OpenBSD is the ultra-secure version of BSD developed by programmers in Canada. Although all the BSD systems are reasonably secure, the dozen people who created OpenBSD spent more than four years doing a line-by-line audit of it, fixing security pitfalls other Unix vendors haven't even conceived.

Because the OpenBSD team is based in Canada, it isn't hobbled by the antiquarian export control laws that stifle much of the US software industry. As a result, OpenBSD comes with military-grade cryptography deeply integrated into the core system. OpenBSD also comes with IPsec, the cryptographic extensions to the Internet's TCP/IP protocol that let systems automatically encrypt information before it is sent over the wire. This is the same software other companies sell for thousands of dollars. It's free with OpenBSD. (NetBSD should have a full implementation of IPsec by the end of the year; a version of IPsec is also available for Linux, but it isn't built-in.) All of these combine to make the operating system a good choice for firewalls and the paranoid.

The three BSD operating systems are all descended from the BSD version of Unix developed at the University of California at Berkeley during the 1980s (''BSD'' stands for Berkeley Standard Distribution). They're also the descendants of Project GNU, started by Richard Stallman at the Massachusetts Institute of Technology. There's a lot of infighting among the groups developing these three systems, but there's also a lot of cooperation, since all are distributed in source code. All can run most programs that are written for Linux, and frequently they can run the programs faster than Linux itself.

If I had to pick out the single difference between the BSD community as a whole and the proponents of Linux, I would say it is something called ''correctness.'' The BSD developers are more concerned that the underlying technology in their operating systems be implemented in a manner consistent with the overall design of the systems. Linux developers, overall, are more interested in just putting together something that works.

Another big difference is commercialism. Where the BSD projects are largely the work of individuals, businesses are now the driving force in the Linux community. This may be one reason proponents of Linux are frequently slow to admit the debt they owe to the Computer Science Research Group at Berkeley, which created BSD, and to the Free Software Foundation at MIT, the charitable organization that raised money for Project GNU. Although Linus Torvalds frequently gets the credit for creating Linux, he only wrote the system's kernel. The rest he cobbled together from other sources, largely BSD and GNU.

Kirk McKusick wrote an excellent history of BSD in his essay ''Twenty Years of Berkeley Unix.'' You can find it in the book ''Open Sources,'' published by O'Reilly & Associates. It is also on line, along with the rest of the book, at www.oreilly.com/catalog/opensources/book/kirkmck.html.

Although Linux is a fine operating system, I would encourage businesses as well as advanced enthusiasts to take a serious look at the other choices.

Technology writer Simson L. Garfinkel can be reached at plugged-in@simson.net.