Announcing pfSense plus

rcfa

@jegr I think what sound different about this:

In the past it seemed the FE was always CE++; i.e. the base product being developed was CE, and then there are a few goodies, support, and extra testing added.

Now it sounds like a fork: Netscape developing a closed source edition, the community the community edition, and CE going eventually a divergent path, unless it ends up stagnating, where Netgate changes possibly coming back to CE only if Netgate deems it necessary to push changes upstream.

That may not be the reality, but that’s how it sounds.

A closed source nature would go straight back to the security through obscurity paradigm due to which I gave up other proprietary platforms for pfSense, so free home edition would defeat the purpose of using pfSense in the first place.

dennypage

@rcfa said in Announcing pfSense plus:

closed source nature would go straight back to the security through obscurity paradigm

It's wrong to equate "closed source" and "security through obscurity." They are not the same thing.

Cool_Corona

@dennypage When you work in intelligence you know that statement in not true.

Any closed source product has backdoors built in for snooping and thats what opensource should hinder.

dennypage

@cool_corona said in Announcing pfSense plus:

When you work in intelligence you know that statement in not true.
Any closed source product has backdoors built in for snooping and thats what opensource should hinder.

Wow.

Cool_Corona

@dennypage Every US product has to have behind the scenes access for intelligence purposes.

And thats a fact. Not an option.

Cool_Corona

@dennypage Thats why a lot of countries in the EU is skipping Chinese and US products and begun to develop own forks.

rcfa

@dennypage said in Announcing pfSense plus:

@rcfa said in Announcing pfSense plus:

closed source nature would go straight back to the security through obscurity paradigm

It's wrong to equate "closed source" and "security through obscurity." They are not the same thing.

In my book they are: it’s either “blind trust” (obscure) or “trust, but verify” (transparent).

There is by definition no transparency without open source, because, how would you inspect code that’s not open? Reverse compilation? Hack the server and steal the source?
I think it’s obvious how impractical/illegal any acquisition of transparency of a closed source project would be…

rcfa

@dennypage said in Announcing pfSense plus:

@rcfa said in Announcing pfSense plus:

closed source nature would go straight back to the security through obscurity paradigm

It's wrong to equate "closed source" and "security through obscurity." They are not the same thing.

In my book they are: it’s either “blind trust” (obscure) or “trust, but verify” (transparent).

There is by definition no transparency without open source, because, how would you inspect code that’s not open? Reverse compilation? Hack the server and steal the source?
I think it’s obvious how impractical/illegal any acquisition of transparency of a closed source project would be…

JeGr

@cool_corona said in Announcing pfSense plus:

@dennypage Thats why a lot of countries in the EU is skipping Chinese and US products and begun to develop own forks.

Yeah right. That's a very optimistic view on things. So every closed source product has a backdoor, huh. I call bullshit, but hey that's just my opinion. But stating that as a fact is lying as I certainly doubt you have the insight to every freakin' software on the planet that isn't published via an open source license because of different reasons whatever they may be. That's just an opinion of a subset you perhaps know about, but other then that, it's just that - your opinion. A fact would have proof and review.

Also - you really think the top reason for the EU to build their own shit is because of "no backdoors"? I'd rather say they don't like others having the possibility to introduce/force their way into a software but you really think they wouldn't do it themselves? Huh. Weird.

@rcfa said in Announcing pfSense plus:

In my book they are: it’s either “blind trust” (obscure) or “trust, but verify” (transparent).

"Trust but verify" in a software context can be achieved easily by an external audit of which Netgate/pfSense already had one. So perhaps there will be another one in the future? Wouldn't count against it as it's likely to happen for requirements of various reasons (like needs to be certified etc. blah)
"Trust but verify" profits from code being publicly available or open source. But it doesn't need it. OSS is no guarantee for a better product, but it sure can help to achieve it. But all those cries for OpenSource sound a bit stale if noone actually does the work, reads the code, checks the state it is in. And most that argue about it don't.

@rcfa said in Announcing pfSense plus:

There is by definition no transparency without open source, because, how would you inspect code that’s not open? Reverse compilation? Hack the server and steal the source?

Huh? Never heard of audits under contract? They are done all the time. Even big corporations like "evil Microsoft" have contracts with companies so they get access to the source for development or security auditing reasons.

Cheers

Cool_Corona

@jegr I work closely with people in intelligence and foreign Ministry departments regarding embassy and consulates.

US Intelligence has backdoors built in everything thats coming from the US or has US ownership.

https://www.reuters.com/article/us-usa-security-congress-insight-idUSKBN27D1CS

noplan

@cool_corona said in Announcing pfSense plus:

US Intelligence has backdoors built in everything thats coming from the US or has US ownership.

That's bloody f@#&* bullshit

In other words if true and not concerning the obligation in smojecaround the patriot act all us hardware must be banned emediatally from official European institutions

BR Q

Cool_Corona

@noplan And here we go....

https://www.popularmechanics.com/technology/security/a34533340/nsa-tech-back-doors-software/

https://edri.org/our-work/foreign-authorities-are-banning-google-and-microsoft-services-from-schools-the-czech-republic-is-floundering/

https://www.zdnet.com/article/nsa-backdoors-us-hardware-headed-overseas-greenwald/

Lets not discuss this further. Its pointless.

rcoleman-netgate

@cool_corona said in Announcing pfSense plus:

Lets not discuss this further. Its pointless.

Indeed. Take it into https://forum.netgate.com/category/2/off-topic-non-support-discussion