"Some secure protocols like SSH send encrypted keystrokes as they're typed. By doing timing analysis you can figure out which keys the user probably typed (keys that are physically close together on a keyboard can be typed faster). A careful analysis can reveal the length of passwords and probably some of [the] password itself."

"The great majority of OpenBSD developers are from outside the United States, and I would guess that most of us prefer not to visit the US now thanks to the murderous foreign policy, authoritarian domestic surveillance, and invasive border control. You'll find few of us there. Personally I've been refusing invitations to go to, or even transit through the United States for about 6 years."

"When you buy from Apple, you do not get what you paid for. Instead you get exactly what you got suckered into buying."

"I just imported ix(4), a driver for the Intel 82598EB 10 Gigabit Ethernet adapters. It is based on Intel's ixgbe FreeBSD driver, with many local changes for OpenBSD.

"Development is really fast right now, because of the hackathon in Edmonton. We are testing as much as we can before we commit, but as always during these hackathon processes we really depend on our user community -- to track our changes and help spot the occasional bug we accidentally introduce. We are developing really fast and hard; please help us by testing really fast and hard too."

"If you can't use strcpy and strlcpy correctly, then you should not be a programmer."

"I think people are placing too much blame on valgrind. valgrind doesn't tell you 'Delete this line of code.' It says 'You are using uninitialized memory here.' The correct fix is to initialize the memory, not delete the line of code. It's not about trusting or not trusting the tool; it's about responding correctly."

"It is kind of strange to us to have Sun suddenly be the perfect example of openness."

"If you truly wish to relinquish ALL rights then public domain is exactly that. This is obviously the most free. If additionally you wish to retain attribution only then /usr/src/share/misc/license.template is a great choice. This is probably the most free except for public domain. If it bothers you if Microsoft uses your performance in a Vista ad then you must pick something else.

"I would only do it if I could get some compensation for immaterial damage; yuck, working on Windows is so painful."

"There once was a message to test; Repeated unto being a pest; While marked to ignore; It was seen more and more; Until other begged, 'Give it a rest!'"

"Since you did it three times so rapidly, I am calling you a liar. And since you refuse to undo your commercial support in Emacs and GCC, I am going to call you a hypocrite."

"The US government has rules about what it can collect and put in it's own databases and use. Forward thinking people put careful rules in place preventing the government from legally playing big brother...

"There are people who write diffs, and people who _don't_ write diffs."

"Overall, I doubt that all of our security technologies add more than about 2% of a performance hit."