OpenBSD is a fucking joke!

Today OpenBSD 5.4 has been released ^[1], also known as ``the most secure operating system ever'', or at least that's what the NSA wants you to think!
Did you ever tried to install OBSD? no? well, it's pretty simple: you first go to http://openbsd.org (sorry, no TLS) and click on "Getting releases", then choose some mirror from the list of http, ftp or CVS servers, and now if you want to check the integrity of your download look the SHA256 file that you got from the same place..... wait, what?..
Yup, that is, enterprise security technique! who needs any DSA/RSA signed hash when you can trust: your LAN, your ISP, the tier1 route til the mirror, the mirror itself, and the fUCKING WHOLE INTERNET.

This is fucking ridiculous, do not trust what the media says, OpenBSD is a fucking joke!

__________________

[1] - http://www.openbsd.org/54.html

new development today

http://bsd.slashdot.org/story/14/01/19/0124202/openbsd-moving-towards-signed-packages-based-on-d-j-bernstein-crypto

It's official: 'we are moving towards signed packages,' says Theo de Raadt on the misc@ mailing list. This is shortly after a new utility, signify, was committed into the base tree. The reason a new utility had to be written in the first place is that gnupg is too big to fit on the floppy discs, which are still a supported installation medium for OpenBSD. Signatures are based on the Ed25519 public-key signature system from D. J. Bernstein and co., and his public domain code once again appears in the base tree of OpenBSD, only a few weeks after some other DJB inventions made it into the nearby OpenSSH as well.

I guess /prog/ is really on to what's going on in the computing industry. Or maybe mr. de raadt reads /prog/