why do entreprises buy it if there are free distro

with redhat features?

<b>aaron:</b> They also sell support for their whole product and companies chose to buy the full package. Same goes for SuSE. Ubuntu makes a competing distribution that is without cost. Some companies chose to use theirs.

the payed features are not completely open source, some of em are exclusive

thats how they make money

if they make everything open source

<b>aaron:</b> My company pays for SuSE Linux licenses and support. We do not use a single closed source package or service from SuSE.

then everybody can make its own software from the source and (the product will not be excusive)

<b>aaron:</b> We also do not use a single SuSE Linux exclusive program.

we are talking about close source

don't tell about your company

why do we use reverse?

because some companies uses closed sources

programs

<b>aaron:</b> You where talking about commercial software. SuSE enterprise Linux is a commercial piece of software.

we do black box pentesting to understand its logic

and exploit it

and find the issues

we sometimes can even exctract the code source

from it

<b>aaron:</b> You where talking about commercial software. SuSE enterprise Linux is a commercial piece of software.

I was talking about the complete commercial closed source programs

there are commercial softwares which are based on open source ones

<b>aaron:</b> Sneaky Head (Telegram): Again, commercial and source are not related. Commercial means for money, from a company. This is different than source access.

read what I've said and u will realize that I didn't say the contrary of what u said but u are still deying the idea of closed source that's your problem

<b>aaron:</b> Sneaky Head (Telegram): Again, there is no need for insults. I will happily refer you to a dictionary if English is not your first language.

commercial != closed source exclusive commercial == closed source

<b>aaron:</b> Sneaky Head (Telegram): Again, there is no need for insults. I will happily refer you to a dictionary if English is not your first language.

Show me where is the insult sir smarty?

<b>aaron:</b> Sneaky Head (Telegram): Again, there is no need for insults. I will happily refer you to a dictionary if English is not your first language.

I am okay with my english, I can transmit the message perfectly thanks mr smart, and am still observing and learning from u to see something new

next time try to understand rather than aguing about something u ignore ^^ and sorry for disturbing ye

<b>aaron:</b> Sneaky Head (Telegram): I can assure you, you can not transmit your message perfectly as we seem to be talking in circles. And nor do you seem to have the patience to clarify your message without resorting to insults. I'm not really sure there's any value in continuing this conversation.

<b>aaron:</b> Sneaky Head (Telegram): I can assure you, you can not transmit your message perfectly as we seem to be talking in circles. And nor do you seem to have the patience to clarify your message without resorting to insults. I'm not really sure there's any value in continuing this conversation.

am still waiting from u to show this insults, and there still have no traces of an answser, Though I've asked if u know something about seucrity and reverse engineering and u said no, So how I can debate with a person who cannot understand what am saying? and has no idea about the sec field? it is normal that we're still turning in circle because I am talking with someone who doesn't know what am talking about!

in this case

nothing better than documentation

and searching

never argue with someone about something u ignore (advice)

<b>aaron:</b> Sneaky Head (Telegram): I know enough about both reverse engineering and security to carry on a discussion. I simply have no interest in the fields themselves. I learned about these topics from the hardware engineering side, not the security side that most people approach them at.

aaron: Sneaky Head (Telegram): I'll ask you again, you have over 80% of the OSX operating system source available. What of the 20% that remains closed do you feel is essential for your understanding of how the kernel works? What parts can you not simply read from Intel's chip manuals?

<b>aaron:</b> All their x86_64 register distances are in clang anyway.

from this 20% that you are talking there are things can cause security issues; And there are softwares and apps which are compeletely obfuscated and secured and doesn't allow u to crack it, we some people use reverse to make thses stuff publically availbale, and osme others (like security experts) use RE to find loopholes and vulnerabilities and exploits

aaron: Sneaky Head (Telegram): When was the last time someone used register distances to create a vulnerability?

<b>aaron:</b> Sneaky Head (Telegram): And the last time I saw OSX CVEs linked, it was near 100% from open sourced components anyway. The main offenders being fonts and WebKit.

vulnerability is not created, but it is made when produced, if you are talking about CPU registers, I tell that the problem is mostly not there but in memory stacks

<b>aaron:</b> Sneaky Head (Telegram): And the last time I saw OSX CVEs linked, it was near 100% from open sourced components anyway. The main offenders being fonts and WebKit.

Man

<b>aaron:</b> And the memory stack is 100% open and documented code in clang.

executables that we reverse are completely closed source

aaron: The closed bit is register distances (which are available in the Intel CPU manual anyway.)

<b>aaron:</b> And the memory stack is 100% open and documented code in clang.

If you don't know what I mean with stack and buffers that cause buffer over flow vulnerability for example

I can't carry on this dicussion with u

it a the mechansim how the software deals with the memory, and where it causes the bug

there is communication and request/responses between memory and programs

<b>aaron:</b> Sneaky Head (Telegram): I know what stack and buffer overflows are. And as I said from the CVE list, the majority where found in WebKit (open sourced) and the font libraries (also open sourced). None in the power drivers. None in the CPU drivers.

Ok

find me a vulnerability in Windows 10

or one of its programs

or I'll give a 100% program closed source

and please

show me how it work

so u are saying that all the softwares all over the world are open source

<b>aaron:</b> Sneaky Head (Telegram): I don't have a windows box or software available. I dislike their user interface, and have better things to do with my time.

am amazed!

u are the one who is turning in circles and saying illogical things

aaron: Sneaky Head (Telegram): No, I am only saying 80% of OSX is open sourced. Which is the one you mentioned a few days ago. You know, the BSD one?

OSX is closed source, even if they made some features open sourced like Microsoft did

read read

https://en.wikipedia.org/wiki/Comparison_of_open-source_and_closed-source_software

this may help u to understand

documentation is better than arguing

++ for information, many giant companies like Cisco were an open sourced communities at the beginning :)

<b>aaron:</b> Sneaky Head (Telegram): So again, which of the closed source components in OS X do you need source for? As someone who has read the source for many components on all the BSDs and also OS X, there is nothing that I felt was missing for my uses.

OSX is closed source, even if they made some features open sourced like Microsoft did

Uh, you realize they actually post the majority of their sources, right? I mean, I'm not a fan of Apple, but it's just wrong to say that they're not releasing sources for their OS. https://opensource.apple.com/release/macos-10126.html

When you understand that I'm talking about the closed source stuff they release and use a little your brains to understand what am saying then we can carry on our discussion, I said most commercial software companies are closed source they never release the secret behind some softwares for confidential and security and commercial purposes; and that's why RE is here, and not only for Softwares it's even for hardware and many other things, Da hell do u really try to understand or u are doing it intentionally? I never said that commercial things don't release their codes but they only release some

ig u talk about OSX ok maybe I didn't hear that they released they code but try to understand the meaning of what am saying at least

It'd be much easier to understand what you're saying if you didn't jump to insulting us. There's no need for that. When you keep railing on Apple for being closed source/proprietary and we point out to you that they are actually pretty good on releasing their sources for most of their work, that's all this conversation had to be.

No one said that all of OSX/MacOS is open source, just that a lot of it is.

And no one has insulted u :) and after all I was not even talking to u

the strategy of open source has extented more recentely because the open source communities are being more succesful then the commecial ones

For example Microsoft has opned most of their softwares and framworks to become open source and implemented Linux systems into their projects and devices

Welcome mi to BSD , This group is about Berkeley Software Distributions BSD family operating systems. @usebsd

cool logo

I'm new to bsds. Does bsd has selinux or apparmor or anything similar to that?

And if I were to use packages from port collection in freebsd, is it recommended for production use rather than the one from official repo

BSD has capsicum and pledge, as well as jails

And if I were to use packages from port collection in freebsd, is it recommended for production use rather than the one from official repo

Building from ports is generally only used to change compile-time options in a package, or to get a more recent version than is available in the binary repos. You can use both in production.

I see. I notice that some packages gets faster security updates from port collection.

Yep, that's because it's really just patching the sources. It takes more time to actually get it built and packaged

A little question xD

There are some unixlike OS which came without Xterm while installing xorg?

So i can supose xterm will be on all unix-like OS and it's a good choice for portability between linux-bsd?

<b>aaron:</b> VMS (Telegram): No. I know on Gentoo, their X meta-package does not depend on xterm.

aaron: VMS (Telegram): You are generally safe to assume there will be some graphical terminal installed, but why are you depending on a specific GUI application that does not provide any libraries?

<b>aaron:</b> VMS (Telegram): If you really need a graphical terminal for your application, I would recommend embedding Suckless' st or something.

Mmm

suckless.org st - simple terminal https://st.suckless.org/

Ty aaron