Oct 12, 2016

Surprised that it's not a port of bhyve.

I also found some slides from the authors of vmm/vmd:



(found on https://wiki.freebsd.org/bhyve)

Jun 29, 2016

Great links, thanks!

Defense in depth is a good strategy, and it's definitely good to see QubesOS doing their thing. I'm glad to see activity in the secure computing space regardless of which OS is the most secure.

Since the focus of the thread is reliability, I'd like to point out one common criticism of OpenBSD (such as in your link [1]), which is that they aren't actually focused on security as they are on writing correct, quality code.

...Is that actually a downside? I like correct, quality code. And if that approach happened to get them 90% of the way to a secure system, that's just a cherry on top. What I like most about OpenBSD is how starkly simple it is. Yes, technologies lag behind somewhat - they just got support for EFI and 802.11n - but in OpenBSD something either works or it doesn't. Nothing in the base system is obviously busted.

A native OpenBSD hypervisor[0] is finally in the works, so in the future it might be possible to build a Qubes-like thing on top.

[0] "OpenBSD vmm/vmd Update" http://bhyvecon.org/bhyvecon2016-Mike.pdf