# FreeBSD and Apple connection



## Avyd (Jul 29, 2013)

Hello,

I'm curious about the connection between Apple and FreeBSD. I would like to clarify some things.

Does a high percentage of donations come from Apple?

Do FreeBSD developers include code from Apple in the systems?

If yes, how do they deal with security issues? (That is an important question because open source communities do not trust Apple, not only because they are closed source, but because they let third-party people inside your systems.)

How many people do you have reviewing the code of FreeBSD?

Thank you in advance.


----------



## SirDice (Jul 29, 2013)

Avyd said:

> I'm curious about the connection between Apple and FreeBSD.


There isn't any to speak of actually.



> Does a high percentage of donations come from Apple?


Nope. Not even a small percentage.
http://www.freebsdfoundation.org/donate/sponsors



> Do FreeBSD developers include code from Apple in the systems?


Only if Apple has BSD-licensed code that solves an issue. I wouldn't know why they would do that.



> How many people do you have reviewing the code of FreeBSD?


There is no code review like the one that happens with OpenBSD for example.


----------



## throAU (Jul 30, 2013)

AFAIK, FreeBSD is making use of clang and Grand Central Dispatch, both of which were Apple-funded and released under a compatible license.

However much of the code flows the other way - OS X makes use of a heap of FreeBSD userland tools in the shell, and I believe various parts of the Unix "layer" within the OS (yes, it is running under Mach) are based on FreeBSD and are caught up to the FreeBSD tree on a semi-regular basis.

Apple is funding clang/llvm because (like FreeBSD) they want to break their dependence on gcc (which in Apple's case is now pretty much complete; pretty sure gcc is no longer installed with Xcode at all). This is of particular importance to Apple because the gcc people have been dragging their feet on Objective-C features.

edit:
Reference:  http://wiki.freebsd.org/GCD and http://en.wikipedia.org/wiki/Clang


----------



## Avyd (Jul 30, 2013)

throAU said:

> AFAIK, FreeBSD is making use of `clang` and Grand Central Dispatch, both of which were Apple funded and released under a compatible license.
> 
> However much of the code flows the other way - OS X makes use of a heap of FreeBSD userland tools in the shell, and I believe various parts of the Unix "layer" within the OS (yes, it is running under Mach) are based on FreeBSD and are caught up to the FreeBSD tree on a semi-regular basis.
> 
> ...



So based on this information - how can I trust FreeBSD if I have zero trust in Apple?

That is the only thing that keeps me back from using FreeBSD. Compared to Debian, how many people observe at least the code? After version freeze does FreeBSD have enough people to at least run through the code to make sure nothing nasty is included?


----------



## freethread (Jul 30, 2013)

Avyd said:

> So based on this information - how can I trust FreeBSD if I have zero trust in Apple?


Many people trust in god. FreeBSD sources are open; you can trust in what you see (and then you know) or in what you guess to know.


----------



## drhowarddrfine (Jul 30, 2013)

Avyd said:

> So based on this information - how can I trust FreeBSD if I have zero trust in Apple?



Apple isn't writing the code but, even if they are, it's still in the open and looked at by other people. Someone, earlier, said there is no code review. Somebody reviews the code somewhere before it's allowed in the system. FreeBSD doesn't allow just anything submitted to make it to RELEASE without reviewing it.

Your comment about Apple letting third parties into their system also doesn't apply to FreeBSD because FreeBSD is not "their system". What Apple does behind closed doors will be far different than what it does out in the open.

But this whole discussion is just tin-hat stuff anyway that doesn't apply to 99.9999% of us.


----------



## jrm@ (Jul 30, 2013)

Avyd said:

> So based on this information - how can I trust FreeBSD if I have zero trust in Apple?


Clang is not part of the base of the default compiler in FreeBSD 9, although it will be in FreeBSD 10.  Furthermore, Apple is one of many contributors to the Clang project.  The code is open.  Check it for yourself if you don't trust it.



			
Avyd said:

> That is the only thing that keeps me back from using FreeBSD. Compared to Debian, how many people observe at least the code? After version freeze does FreeBSD have enough people to at least run through the code to make sure nothing nasty is included?



Tell us how many people "observe at least the code" of Debian and we'll then give you an exact comparison.


----------



## SirDice (Jul 30, 2013)

jrm said:

> Clang is not part of the base of FreeBSD 9,


Correction, it is. It's just not used as the default compiler. That's still GCC.


----------



## youngunix (Jul 31, 2013)

Avyd said:

> So based on this information - how can I trust FreeBSD if I have zero trust in Apple?
> 
> That is the only thing that keeps me back from using FreeBSD. Compared to Debian, how many people observe at least the code? After version freeze does FreeBSD have enough people to at least run through the code to make sure nothing nasty is included?



Wow! I thought I was a nut for taking extreme measures when it comes to security.

Not everybody wants to drive a car-bomb into a building, there are those that preserve life and those that don't. Same way with software, that's why the Free Software Foundation, OpenSource movements and much more came to be. When it comes to BSD and Linux, you can browse sources, download and/or alter them to your liking or participate in the development of their Operating Systems or software. That way, you can track/inspect the codes, unlike Apple and Microsoft. Ultimately, you really have no choice but to choose one of the four choices, unless you brew your own Operating System.


----------



## throAU (Jul 31, 2013)

Avyd said:

> So based on this information - how can I trust FreeBSD if I have zero trust in Apple?
> 
> That is the only thing that keeps me back from using FreeBSD. Compared to Debian, how many people observe at least the code? After version freeze does FreeBSD have enough people to at least run through the code to make sure nothing nasty is included?



You can read the source code like everybody else - or trust that the FreeBSD team have checked it.

Do you trust Google? Microsoft? HP? Oracle?  Adobe?  There are plenty of other companies who contribute code to many open source projects or supply applications which you pretty much need these days.


p.s.

Apple are a major contributor to WebKit, which powers Chrome, Safari and Opera. Pretty much any current browser which isn't Firefox.

If you're truly as paranoid as you indicate here, how are you sure that the firmware in your NIC is not compromised, or that the microcode in your CPU isn't?  I'd be far more worried about that, than possible bugs in an open source project with source code freely available.


----------



## SirDice (Jul 31, 2013)

After rummaging through my drawers looking for my tin-foil hat I found an old document I think you should read. Even if you have access to the code and can read it, it's still no guarantee there's nothing 'bad' going on. But at some point you have to trust _something_.

Reflections on Trusting Trust


----------



## KNOStic (Jul 31, 2013)

And I'll add to the thanks that this is something I've had to tell many people new to security over the years. The code is perfect. You've audited it until you dropped. But do you really trust the compiler that generated the OBJ code from it?

Their face when ... Thanks for that reiteration, bro!


----------



## Avyd (Jul 31, 2013)

youngunix said:

> Wow! I thought I was a nut for taking extreme measures when it comes to security.



The deeper you dig inside, the more problems you see. Just go to a hackerspace and have some conversations. There are much more paranoid people than me, like I'm not sure I am one.



			
throAU said:

> You can read the source code like everybody else - or trust that the FreeBSD team have checked it.
> 
> Do you trust Google? Microsoft? HP? Oracle?  Adobe?  There are plenty of other companies who contribute code to many open source projects or supply applications which you pretty much need these days.



I do not trust any of them.
On my own physical computers I don't use closed source software. On virtual machines I can separate untrusted ones.



			
throAU said:

> p.s.
> 
> Apple are a major contributor to WebKit, which powers Chrome, Safari and Opera. Pretty much any current browser which isn't Firefox.
> 
> If you're truly as paranoid as you indicate here, how are you sure that the firmware in your NIC is not compromised, or that the microcode in your CPU isn't?  I'd be far more worried about that, than possible bugs in an open source project with source code freely available.



We still have Xombrero/xxxterm or Conkeror, which are keyboard-based and faster to browse and better to configure. For GUI we have Firefox or Konqueror.
Chromium may be OK for non-serious things or if Flash is really needed.

Trusting hardware is an important, but rarely discussed topic. Just look at the vPro feature from Intel which provides remote hardware management. You can theoretically disable it or replace your NIC with one which does not support that, etc.
Observing your network can help you identify if something is not OK with your hardware - with that you can at least make sure that if something nasty is inside it won't get out of your current network.



			
SirDice said:

> After rummaging through my drawers looking for my tin-foil hat I found an old document I think you should read. Even if you have access to the code and can read it, it's still no guarantee there's nothing 'bad' going on. But at some point you have to trust _something_.
> 
> Reflections on Trusting Trust



Thank you for the document. I have read it and it made me think about a Trust System which contributors join, check each other's code and give trust levels. Just like gpg.


----------



## vanessa (Jul 31, 2013)

@Avyd
Aren't you afraid of posting such questions in open space when you now officially know about the existence of Prism and Tempora? The chance is that your IP address is being logged and bugs are being installed in your home overnight.

But seriously, think about how beautiful life could be with less fear. Don't take me wrong - I don't intend to laugh at you! But if you are not a suicide bomber or similar, your activities are of no interest to the agencies, as spying also costs money. Fear of chasing on the other hand is a very popular problem among many of us.

Just my 2 cents.


----------



## Avyd (Jul 31, 2013)

vanessa said:

> But seriously, think about how beautiful life could be with less fear.



..so religion saved you with a little pinky cloud. Amen.

But seriously, I just wanted to know the connection between FreeBSD and Apple.

It's not being paranoid, but being curious. Hackers are curious.

I don't intend to reply to the other parts as these would be too off-topic.


----------



## drhowarddrfine (Jul 31, 2013)

> Even if you have access to the code and can read it, it's still no guarantee there's nothing 'bad' going on.


As I said, though, it's better than code that's behind closed doors that no one can see. Then you're putting trust in the keyholder.





> But at some point you have to trust something.


Exactly!


----------



## drhowarddrfine (Jul 31, 2013)

Avyd said:

> Just go to a hackerspace and have some conversations. There are much more paranoid people than me


Just go to reddit or ANY forum and you'll find far more.


----------



## drhowarddrfine (Jul 31, 2013)

vanessa said:

> your activities are of no interest to the agencies



Exactly the point I have driven home to everyone for years.


----------



## vanessa (Jul 31, 2013)

You didn't guess it right about the religion - I am a glowing atheist and react mostly allergic to 'believers'.

Regarding your concerns: yes, the question is interesting. There are however dozens of ways not involving IT in order to get information or chase someone down. So, if you are endangered, it wouldn't be enough to use a secure open source OS.

By the way, has Apple seriously donated the cosmical amount of $99 to FreeBSD (regarding the list)? Wow! I'm impressed!

To me it sounds as if Apple ridicules FreeBSD after profiting so much from the project.


----------



## SirDice (Jul 31, 2013)

As for the code review, after many years I _think_ this is how it works. If there's somebody more knowledgeable than me please chime in. 

As far as I know there's only a handful of people that have commit access to the source tree. I believe there's a distinction made between userland and kernel but some people may have access to both. Patches can come from everywhere, the mailing list or, preferably, via the send-pr system. Because only a handful have commit access they will need to 'review' the code.

I was more thinking about the review process of OpenBSD code but that's probably more of an audit than a review. In this respect the FreeBSD code isn't being audited in the way the OpenBSD code is. But, there's a lot of 'cross-pollination' going on between the different BSDs. If OpenBSD finds some major issue the solution will eventually find its way to FreeBSD and vice versa.


----------



## Avyd (Jul 31, 2013)

vanessa said:

> You didn't guess it right about the religion - I am a glowing atheist and react mostly allergic to 'believers'.



Looks like guessing is not working between us



			
vanessa said:

> Regarding your concerns: yes, the question is interesting. There are however dozens of ways not involving IT in order to get information or chase someone down. So, if you are endangered, it wouldn't be enough to use a secure open source OS.



Definitely.



			
vanessa said:

> By the way, has Apple seriously donated the cosmical amount of $99 to FreeBSD (regarding the list)? Wow! I'm impressed!
> 
> To me it sounds as if Apple ridicules FreeBSD after profiting so much from the project.



"Apple Matching Gifts" - Funny, they donated more than in 2012.

There is also "Steve Jobs, in memory of" and "Microsoft Matching Gifts Program".

Thank you for mentioning it, but besides being funny, I don't think it makes things different in the development.


----------



## CurlyTheStooge (Jul 31, 2013)

SirDice said:

> But at some point you have to trust _something_.
> 
> Reflections on Trusting Trust



Thanks @SirDice. That was a good read.

Regards.


----------



## youngunix (Aug 1, 2013)

vanessa said:

> I am a glowing atheist and react mostly allergic to 'believers'.



HEY! I believe in FreeBSD, its developers and founding fathers. Don't you take that away from me, you lady with a beautiful name.


----------



## throAU (Aug 1, 2013)

SirDice said:

> After rummaging through my drawers looking for my tin-foil hat I found an old document I think you should read. Even if you have access to the code and can read it, it's still no guarantee there's nothing 'bad' going on. But at some point you have to trust _something_.
> 
> Reflections on Trusting Trust



Pretty much (I've read that article back in the mid-late 90s as well). Worth noting is that the article is from 1972 and the government has no doubt been well aware of how to do this since then or even previously.  How much do you trust your device firmware?

At some point it comes down to risk vs. cost of mitigation.

The cost to write your own software entirely from scratch (in machine code, to avoid Thompson's compiler trojan scenario) for your own hardware design, manufactured by yourself (to avoid microcode/firmware bugs by the OEM) is just way too much.  Abandoning computer use entirely would be far less costly in terms of time, money and lost functionality.

By the way, Konqueror runs Webkit, and there are proof-of-concepts to escape the VM sandbox on x86.

What are you going to observe your network with?  Unless it's an oscilloscope (and you are manually decoding each frame by observing the waveform on the wire), then you are trusting what the firmware in your machine's network adapter is relaying to you.  It may well be silently processing frames and not letting you view them due to firmware level bugs (as in, the surveillance kind).

And even if you do all that - as soon as you hit your ISP's router, you're boned.  Even if you run your own clean-room implementation of IPsec, if you talk to any other machine with it, you're boned.

So you're going to be limited to IP over avian carrier.

But do you trust the birds?

The latency sucks, too.


----------



## Avyd (Aug 1, 2013)

throAU said:

> Pretty much (I've read that article back in the mid-late 90s as well).
> 
> At some point it comes down to risk vs. cost of mitigation.
> 
> ...



Proof-of-concepts and the percentage of occurrences are different. The chance for that is low and even after escaping the VM, with the right privileges set, what can automated software do? And what's more, you can have extra security with hardening like grsecurity or similar (on FreeBSD there should be an alternative).

My machine adapter, my router, my firewall, etc. - I don't think all of them would hide connections. Chances for that are low. Combining devices/software helps.

Why would I use IPSec? Mostly companies use that. Home hosts, private servers, company servers, etc. are different in many ways and shouldn't be treated the same way.

Konqueror is *not* webkit - konqueror.org



> At the heart of Konqueror is the KHTML rendering engine (which was chosen by Apple to create WebKit, which today forms the basis for modern browsers like Safari and Chrome). It currently supports the latest Web Standards such as HTML5, Javascript, CSS3 and others. Alternatively, Konqueror can also use Webkit if you're looking for compatibility across the board.





			
throAU said:

> And even if you do all that - as soon as you hit your ISP's router, you're boned.  Even if you run your own clean-room implementation of IPsec, if you talk to any other machine with it, you're boned.
> 
> So you're going to be limited to IP over avian carrier.
> 
> ...



Is the bird encrypted lol?


----------



## throAU (Aug 1, 2013)

Avyd said:

> Is the bird encrypted lol?



It's just IP, if you encrypt your payloads with IPSec, yes.  You will however need to trust the remote party with a pre-shared key, or trust that they protect their certificate if you use certificate based auth.

re: Konqueror, my bad. However, Apple did contribute to KHTML before they forked it into WebKit if I recall correctly.

Do you trust Trolltech? They wrote Qt and KDE (thus, Konqueror) uses Qt.



			
Avyd said:

> Proof-of-concepts and the percentage of occurrences are different. The chance for that is low and even after escaping the VM, with the right privileges set, what can automated software do? And what's more, you can have extra security with hardening like grsecurity or similar (on FreeBSD there should be an alternative).



Depending on how paranoid you are - proving an occurrence may be extremely difficult if your hardware lies to you.  If your CPU microcode is subverted (and it is far more "closed" than FreeBSD), all bets are off.  I would argue that the chances of FreeBSD being tainted by Apple are "low" but in your book it is cause for concern.  VM escape is of similar level of risk, if not more so, in my opinion.  People have actually demonstrated exploits for it in the past - no one has demonstrated that FreeBSD is compromised yet.  If I was the NSA, I'd be getting Intel and AMD on board to subvert the CPU, and I'm sure the NSA has far more devious people than me on board who are paid in full-time employment to think up ways to do this sort of thing.



> My machine adapter, my router, my firewall, etc. - I don't think all of them would hide connections. Chances for that are low. Combining devices/software helps.



Don't think?  Why not?  You can't be sure.  If you're paranoid enough to not trust open source software because Apple has contributed (even though the source is available for you to analyze and compile yourself), then I don't think you're being sufficiently paranoid enough (i.e., paranoid to the same level) here.



> Why would I use IPSec? Mostly companies use that. Home hosts, private servers, company servers, etc. are different in many ways and shouldn't be treated the same way.



You'd use IPSec so that only the intended party can see the contents of your packets.  Otherwise, you can take all the precautions you like on your own computer and your own network, but as soon as the packets hit the internet, they can be intercepted and analyzed.

All that said - this level of paranoia is just not something you can mitigate.  What you CAN do is to run open source software, encrypt your data, don't trust any sort of "encryption" where you didn't personally generate and hold the private key(s) and consider what you expose to the internet.  Beyond that, unfortunately it's simply too hard.


----------



## Crivens (Aug 1, 2013)

Avyd said:

> Is the bird encrypted lol?



No, but it may be hacked in transit. But you will see that in the packet loss.

The cost ./. benefit was mentioned in this thread. May I add the "risk" dimension to this? Open source enables people to check code, and if you want to place something in the source then you have the risk of being found out. And with analyzing the traffic, checking for dodgy remote maintenance traffic - it is sufficient that one check for this turns up proof for the yell to go around the planet. You want to secretly mess with someone, you need to limit the risk of being found out. If you are found out, but do not know that, then you might be fed "interesting" things. So, considering you want to do $BAD_THING to other users, how big is the risk that more than zero users judge the cost/benefit ratio acceptable to check for something going on? Like some PhD students? Or some other agency/company who might love to catch you in the cookie jar?

There is no absolute trust. There are only _zool_^h probabilities. You can modulate that some, by choosing to work with tools not easily compromised - but what is acceptable for you is up to you.


----------



## Avyd (Aug 1, 2013)

throAU said:

> Don't think?  Why not?  You can't be sure.  If you're paranoid enough to not trust open source software because Apple has contributed (even though the source is available for you to analyze and compile yourself), then I don't think you're being sufficiently paranoid enough (i.e., paranoid to the same level) here.



You can't be sure about anything actually and everything is relative, right?



			
throAU said:

> You'd use IPSec so that only the intended party can see the contents of your packets.  Otherwise, you can take all the precautions you like on your own computer and your own network, but as soon as the packets hit the internet, they can be intercepted and analyzed.



I meant to ask why use IPSec when we have OpenVPN which is faster and simpler? But that can be just personal preference of course.



			
throAU said:

> All that said - this level of paranoia is just not something you can mitigate.  What you CAN do is to run open source software, encrypt your data, don't trust any sort of "encryption" where you didn't personally generate and hold the private key(s) and consider what you expose to the internet.  Beyond that, unfortunately it's simply too hard.



Trying. Some people do, some not, but if you don't even try your best because it's "too hard".. well, you can use Windows.

Probably you think it's paranoia because you are glued to an American way of thinking. European people think differently - try to think like a German and you will understand.

Apple is not trusted in dealing with privacy. Anyone who trusts them is not so clever. You can easily avoid their software.

You still speak about paranoia, but the question is whether we can trust the code base that is inside the system or not. That is still not clarified. We know only that the *code is not really reviewed* and some code is accepted from Apple.

For further information I will contact the devs because this topic does not seem to have an end and we are not so close to the point.


----------



## drhowarddrfine (Aug 1, 2013)

> Apple is not trusted in dealing with privacy. Anyone who trusts them is not so clever. You can easily avoid their software.


Yeah. That's why you should use Microsoft ... oh ... wait ...
Yeah. That's why you should use Intel ... oh ... wait ...
Yeah. That's why you should use ... oh ... wait ...


----------



## Anonymous (Aug 1, 2013)

@Avyd, you are not the only German in the world, so please speak for yourself and not for others. How about putting an "I think, ..." or "In my opinion, ..." or even more friendly and abbreviated "IMHO, ..." in front of your statements?

IMHO, as a German, @drhowarddrfine is right with his perception about your paranoia.



			
Avyd said:

> ... try to think like a German and you will understand.
> 
> Apple is not trusted in dealing with privacy. Anyone who trusts them is not so clever. You can easily avoid their software. ...



I have been following the activities of Apple since 1984, and I trust Apple much more than I ever would trust you. You come here with a completely anonymous profile, finally claiming to be German, and are trolling against companies, communities, people of other nations and cultures. For me this is enough.

@all please understand, that not all Germans think like the OP.

Many people in the world disagree or are even upset about the NSA activities. By the way, according to recent surveys about 45-50 % of US people do not like it too much; this accounts for about 150 million US people and this is well more than the total population of Germany.


----------



## jrm@ (Aug 1, 2013)

Avyd said:

> ..try to think like a German and you will understand.


I tried it once, but my basal ganglia nearly exploded, so I vowed to never do it again.



			
Avyd said:

> For further information I will contact the devs because this topic does not seem to have an end and we are not so close to the point.


I appreciate your skepticism, really, but it's not clear how to give you the information you are looking for. Others have told you, generally, what Apple contributes and the code is open. Unfortunately, nobody can give you a guarantee that all code is bona fide.


----------



## kpa (Aug 1, 2013)

What really amuses me is this very naive perception that code contributed by someone is readily usable on the target platform and therefore it is easy to have things "slip through the cracks" when it gets imported. This is very very far from the reality. If you take the ZFS implementation in FreeBSD as an example, the code from OpenSolaris was totally unusable in its pristine form for FreeBSD because the kernel internals are so different. Essentially a number of people, very bright and professional people, had to read through the code and figure out how to make that mess into something that could work on FreeBSD. You are suggesting that it was still possible for something to slip by in that process and make it into FreeBSD and form an exploitable backdoor and nobody would notice? You're living in a fantasy land my friend.


----------



## graudeejs (Aug 1, 2013)

SirDice said:

> After rummaging through my drawers looking for my tin-foil hat I found an old document I think you should read. Even if you have access to the code and can read it, it's still no guarantee there's nothing 'bad' going on. But at some point you have to trust _something_.
> 
> Reflections on Trusting Trust



Awesome read.


----------



## drhowarddrfine (Aug 2, 2013)

rolfheinrich said:

> IMHO, as a German, @drhowarddrfine is right with his perception about your paranoia.



Well, I am half German. Some call me a half-wit.


----------



## throAU (Aug 2, 2013)

Also... Apple were involved in mklinux (contributed code) which has since been pulled into the mainline kernel if I'm not mistaken.

So, the Linux kernel is potentially "tainted" too. CUPS (printing) has had Apple's hand in it.


Confirming:  Apple have contributed much code to KHTML:  http://blogs.kde.org/2005/05/13/webcore-khtml-firefox-know-your-facts


----------



## Avyd (Aug 2, 2013)

rolfheinrich said:

> @Avyd, you are not the only German in the world, so...



So it looks like you misunderstood: I didn't say I'm German by any words, but I know many of them. Some of them are hackers, sysadmins and programmers - all of them take privacy seriously.

@kpa,
Nobody is speaking about script kids.



			
throAU said:

> Also... Apple were involved in mklinux (contributed code) which has since been pulled into the mainline kernel if I'm not mistaken.



Contributing and reviewing is not the same as contributing. It's not only about Apple since we can't see a clean process how code is added/modified.

I'm not saying it's only about FreeBSD, but ignoring clean processes leads to worse quality.


----------



## Crivens (Aug 2, 2013)

Avyd said:

> Probably you think it's paranoia because you are glued to an American way of thinking. European people think differently - try to think like a German and you will understand.
> ...
> We know only that the *code is not really reviewed* and some codes are accepted from Apple.



It's not so much (only) a way of thinking. Thinking can only draw from experiences and imagination. Norway, for example, is a European country but the citizens there never had any reason to distrust on the level you find in Germany or some other countries. Hopefully they will never have reason to.

And as far as code reviews go - you can only spot things in a review if the one placing them there puts them where you may find them. If someone who is a lot smarter or a lot more experienced than you _wants_ to slip something past you - you are likely not going to find it. Reviews are not the silver bullet they are thought to be.



			
jrm said:

> I tried it once, but my basal ganglia nearly exploded, so I vowed to never do it again.


Ouch, that hurts my national pride.
Oh, wait - with our current buffoons-in-power (a nice example of Germans who think nothing of spying) this pride is somewhat limited.

@kpa Please do not state that ZFS was a mess without citing proof. I'd love to read other opinions about that code base. Most software, once ripped out of its native habitat and being shoe-horned into another, looks like that. I'm pretty sure that the development of ZFS was done with much care, but the coding style is pretty obscure. That I would agree to instantly. And having done this once or twice in my life, I can also support your point that you either spot anything dodgy while doing so, or it simply does not work afterwards.


----------



## throAU (Aug 2, 2013)

OK, to turn this situation on its head: FreeBSD core is a more stringent review process than Linux's.

Linus has final say on the official Linux kernel, sure.  But few distributions use his vanilla kernel.  Or vanilla packages either.  Most of them have distribution specific patches and there's no telling what they've done.

And as per the above post:  code review isn't a silver bullet.  Outside of kernel space, Debian for example had a random number generator vulnerability in OpenSSL for over 18 months.  This vulnerability was *inserted into Debian* by a code reviewer who didn't know what he was doing, and thought he'd clean the code up.  

All code that goes into FreeBSD base is reviewed by the core team before it is included.

For the record, I'm not American and am one of the more paranoid network admins you'll meet.  But you can only go so far before we're so deep into tinfoil territory that if we're at that point, you're almost certainly compromised at a far lower level than you will ever detect.

Apple do not contribute to FreeBSD un-checked.  If this is what concerns you:  It doesn't work like that.



edit:
As to the ZFS code being a "mess". I don't think that was a comment on the code quality. Merely that the architectures were so different that it essentially needed to be untangled and re-written for FreeBSD to fit the FreeBSD way.


----------



## kpa (Aug 2, 2013)

throAU said:

> edit:
> As to the ZFS code being a "mess". I don't think that was a comment on the code quality. Merely that the architectures were so different that it essentially needed to be untangled and re-written for FreeBSD to fit the FreeBSD way.



Yes, that's what I meant and I was exaggerating a little bit more than was needed. I do have experience of maintaining and developing code that was originally written by someone else, and it's an analogous situation to importing contributed code from someone else into your own work. Programming languages like C tend to give you a lot of freedom about how you express certain programming idioms, and it can be devilishly hard sometimes to grasp what the original author meant with a certain piece of code if there are no comments to help you.

I do know that such obfuscated code can be used to hide something nasty, but it's rare to have long sections of the code written in such a manner, so it's very unlikely that a few lines of obfuscated code could make up a back door into the final program. There are of course exceptions. One quite famous one was in the Linux kernel, where a malicious commit changed an equivalence check in a syscall implementation into an assignment, and the result was that any process calling the syscall got root privileges right away. The commit didn't make it into the kernel because it was caught quite early.
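The comparison-turned-assignment trick described above, as an added C illustration that is not from this thread or from the Linux kernel; the task structure, the option bits and the check functions are constructed stand-ins:

```c
#include <stdio.h>

/* Constructed stand-in for the kernel's current-task record; not real kernel code. */
struct task {
    unsigned int uid;   /* 0 means root */
};

#define OPT_A 0x1       /* hypothetical option bits standing in for the syscall's flags */
#define OPT_B 0x2

/* Honest version: the second operand is a comparison, so the task is never modified. */
static int check_options_correct(struct task *cur, int options)
{
    if ((options == (OPT_A | OPT_B)) && (cur->uid == 0))
        return -1;
    return 0;
}

/* Backdoored version: one missing '=' turns the comparison into an assignment.
 * (cur->uid = 0) evaluates to 0, so the if-body never runs and the return value is
 * unchanged for that flag pair, but the caller's uid has silently become 0. The
 * extra parentheses keep gcc/clang -Wparentheses quiet; only review catches it. */
static int check_options_backdoored(struct task *cur, int options)
{
    if ((options == (OPT_A | OPT_B)) && (cur->uid = 0))
        return -1;
    return 0;
}

/* Run one check on a fresh task with the given uid and report the uid afterwards. */
static unsigned int uid_after(int (*check)(struct task *, int), unsigned int uid, int options)
{
    struct task t = { uid };
    (void)check(&t, options);
    return t.uid;
}

int main(void)
{
    /* Only the exact flag pair triggers it; && short-circuits for any other value. */
    printf("correct,    OPT_A|OPT_B: uid 1000 -> %u\n",
           uid_after(check_options_correct, 1000, OPT_A | OPT_B));
    printf("backdoored, OPT_A|OPT_B: uid 1000 -> %u\n",
           uid_after(check_options_backdoored, 1000, OPT_A | OPT_B));
    printf("backdoored, OPT_A only:  uid 1000 -> %u\n",
           uid_after(check_options_backdoored, 1000, OPT_A));
    return 0;
}
```

The point for a reviewer is that the backdoored function's return value is identical to the honest one for every input, so a test suite that only checks return codes sees nothing; the side effect on the task is what has to be spotted in the diff.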


----------



## jrm@ (Aug 2, 2013)

Avyd said:

> ..try to think like a German and you will understand.
> 
> 
> 
> ...



Oh my.  I can now see how that might have been interpreted as an insult.  It wasn't meant to hurt anyone's pride, just my weak attempt to poke fun at the statement.  On the other hand, if I may perpetuate the stereotype a little, I would agree that the overall mood in Germany is a little more cautious about these things.  At least that was my impression after having lived there for a few years.

In any case, good luck to you @Avyd on your code vetting explorations. Please consider reporting back if you discover anything interesting.


----------



## phoenix (Aug 2, 2013)

kpa said:

> What really amuses me is this very naive perception that code contributed by someone is readily usable on the target platform and therefore it is easy to have things "slip through the cracks" when it gets imported. This is very very far from the reality. If you take the ZFS implementation in FreeBSD as an example, the code from OpenSolaris was totally unusable in its pristine form for FreeBSD because the kernel internals are so different. Essentially a number of people, very bright and professional people, had to read through the code and figure out how to make that mess into something that could work on FreeBSD.



You may want to do some reading through the history of ZFS in FreeBSD. For example, a single person did the initial import into FreeBSD 7-STABLE (Pawel Jakub Dawidek), and he did it in a matter of days (or hours? I can't find the e-mail where he mentioned just how little time it took to make it work on FreeBSD due to GEOM and how portable the ZFS code was). Sure, over the years since then, several people have worked on it, and brought newer versions over and newer features and fixed bugs, etc. But the initial import was easy. It wasn't nearly the mess you make it out to be.


----------



## wblock@ (Aug 2, 2013)

"Easy" is probably not the right word.  For instance, most programs don't have a paper written about their porting process.  And that paper describes how a Solaris compatibility layer was written.


----------



## phoenix (Aug 3, 2013)

I was commenting more on "how much of a mess the ZFS code is" and how that made it so hard to port to FreeBSD ... which is the opposite of what Pawel reports.


----------



## kpa (Aug 3, 2013)

Yeah... I have to take back my claims about ZFS being hard to port to FreeBSD. My point still stands that it's not easy to plant backdoors in the form of contributed source code. Someone may have a better example of something that required a major rewrite when it was imported to FreeBSD, PF perhaps?


----------



## Crivens (Aug 3, 2013)

jrm said:

> Oh my.  I can now see how that might have been interpreted as an insult.


No offence was taken, at least not by me. That's why the "" was in place.


----------



## neelwebs (Aug 3, 2013)

throAU said:

> Apple are a major contributor to webkit.  Which powers Chrome, Safari and Opera.  Pretty much any current browser which isn't Firefox.



Google forked WebKit back in April as Blink, and Opera uses Blink in its newer versions, so only Safari uses WebKit. And don't forget Internet Explorer. IE isn't WebKit-based either.


----------



## throAU (Aug 5, 2013)

neelwebs said:

> Google forked WebKit back in April as Blink, and Opera uses Blink in its newer versions, so only Safari uses WebKit. And don't forget Internet Explorer. IE isn't WebKit-based either.



Sure.  It's still mostly WebKit unless you think that Google have re-written the majority of it in the couple of months the fork has been around for.  Hint: It's probably 95-99% WebKit.

And if you're paranoid about Apple's involvement in free software and yet are willing to give Google a free pass, you're pretty naive.

I didn't include Internet Explorer because it's not available on non-Windows platforms, and Opera's market share is so insignificant as to be comparable to a statistical rounding error (and as above for Google - Blink = WebKit anyway).


----------



## kpa (Aug 5, 2013)

throAU said:

> I didn't include Internet Explorer because it's not available on non-Windows platforms, and Opera's market share is so insignificant as to be comparable to a statistical rounding error (and as above for Google - Blink = WebKit anyway).



IE was actually available on non-Windows platforms back in the day but that was at the time of versions 4 and 5. I have used the Solaris version and it was probably the worst browser I've ever used...

http://en.wikipedia.org/wiki/Internet_explorer#OS_compatibility


----------



## throAU (Aug 5, 2013)

Even so, IE on non-windows platforms used a different rendering engine (i.e., it wasn't really IE).  The Mac version at the time was actually more standards compliant/better than the Windows version.  But yeah, talking ancient history there - circa 1998-2000.


----------



## Crivens (Aug 5, 2013)

I remember using gopher and mosaic. Does that make me a fossil?


----------



## kpa (Aug 5, 2013)

Crivens said:

> I remember using gopher and mosaic. Does that make me a fossil?



I started using the internet in 1991 when there wasn't any WWW browser available, what does that make me?


----------



## drhowarddrfine (Aug 5, 2013)

throAU said:

> Sure.  It's still mostly WebKit unless you think that Google have re-written the majority of it in the couple of months the fork has been around for.  Hint: It's probably 95-99% WebKit.



Don't have a percentage but Blink had large portions of legacy code removed from it but not as much added back in. A number of those things added in were done by Opera. That was one of the points of Blink. To speed things up and make it easier to maintain and update without all the legacy stuff.



> Opera's market share is so insignificant


Opera, by far, was the biggest on mobile till recently. It still is significant, and I'm supposed to know what percentage it is, but I've forgotten at the moment and I'm too lazy to look it up.


----------



## drhowarddrfine (Aug 5, 2013)

Crivens said:

> I remember using gopher and mosaic.



An interesting thing is, Marc Andreessen wrote Mosaic, which Microsoft licensed and turned into Internet Explorer. Andreessen also formed Netscape and wrote the Netscape browser. He was asked by Charlie Rose why he didn't use Mosaic code. "Cause it's terrible!", he said. So Andreessen had a hand in creating the two most popular browsers on the planet.

Andreessen formed Netscape with Jim Clark of Silicon Graphics. I used to sit near Jim when I worked at Silicon Graphics. He would come into the cafeteria and sit down just like anyone so talking to him was easy. 

I want to say I heard him talking about browsers on occasion back then, and I even want to say I once saw Andreessen there, but you know how memories can distort into facts.


----------



## Crivens (Aug 5, 2013)

kpa said:

> I started using the internet in 1991 when there wasn't any WWW browser available, what does that make me?


.oO(Trilobite)?

Those were the days, the newsgroups were good and the number of idiots seems to have been a lot smaller.


----------



## throAU (Aug 6, 2013)

drhowarddrfine said:

> Opera, by far, was the biggest on mobile till recently. It still is significant, and I'm supposed to know what percentage it is, but I've forgotten at the moment and I'm too lazy to look it up.



Not even close, in terms of mobile, Safari has about 50% of the market.


----------



## Savagedlight (Aug 6, 2013)

According to statcounter.com, the top mobile browsers are Android (28.64%), iPhone (22.43%), Opera (15.73%). Chrome was down at 3.77%. I assume 'Android' means whatever is the default browser on Android phones (used to not be Chrome) and iPhone meaning whatever is default on those (Safari I reckon?).

I don't see how that makes Opera insignificant.

@throAU: I'd love to see a source for your claim.


----------



## kpedersen (Aug 6, 2013)

In some ways I actually have similar concerns to Avyd.

I use the firewall in Windows for example not to keep intruders out but to keep all the spyware in, such as online DRM, online updaters, message reporters and all that other shite.

If Apple was a major contributor to FreeBSD I am sure they would have some very smart way to convince people that adding spyware to the source code was a _good_ idea. Just look at what Canonical did with a _released version_ of Ubuntu. Did no-one check the code there before it went out? We hadn't even heard that this was planned until consumers had actually installed it. Funnily enough, the code is still in there (albeit disabled by default for now until they catch everyone off guard again in another future release.)

There are some people in this world who think that online activation is a good thing to do and if they take over an open-source project, it is going to be an awful lot of work for me to keep up-to-date with patches removing that sort of stuff before I use it.


----------



## throAU (Aug 7, 2013)

Here shows Mobile Safari with 58% of the market last month.

Opera Mini is doing a lot better than I thought, with 9%.

And here is how the stats are collected.

Anecdotally, *where I live*, iPads out-number other tablets more than 10:1 in terms of what I've personally seen in the wild and what people are asking to attach to our WIFI network.


----------



## Crivens (Aug 7, 2013)

kpedersen said:

> If Apple was a major contributor to FreeBSD I am sure they would have some very smart way to convince people that adding spyware to the source code was a _good_ idea.



That would be a great trick, I would say. You can fool all people for some time, etc... But there are always things which I, for one, would not go with. The best place to drop some lock in code would be a central place, like the kernel. Apple uses a different kernel, so that central point would not work. Slipping in something in the userland is not as easy.

The only thing that would work would be, IMHO, that they provide something that gives benefit, and you pay for it with online interaction. What would you, for example, say to a version of XCode for FreeBSD which consumes 10% of your CPU for BitCoin mining? Or maybe for seti@home or any other @home client? That would be something I would consider, and in case of the @home clients would be willing to investigate and maybe try. Because I would love XCode for FreeBSD.

The problems of Ubuntu are more to do with the general management culture. Management often thinks that such decisions can be commanded unto you. And then, to say it with the words of Terry Pratchett, they look at the rebelling masses like a lawn mower at the grass that just formed a union. Only many of that grass don't care.


----------



## ikbendeman (Sep 12, 2013)

I believe Konqueror has a mode for Webkit and KHTML.


----------



## xibo (Sep 12, 2013)

ikbendeman said:

> I believe Konqueror has a mode for Webkit and KHTML.



If you're referring to kwebkitpart, that is a FreeBSD-only thing written by one of the kde@ people and not part of the KDE SC.

The Webkit Konqueror is rekonq and it does not offer the ability to switch the rendering engine back to KHTML.


----------

