all right so this video is going toaddress something that i've been askedby a lot of people which is why i don'tuse openbsd or at least why i don't useopenbsd on the desktop and make a bunchof content related to that because i douse it for servers this here is one imessage aged into that i've updated touh 7.1 recentlyum i made a video like a year agotalking about why i was looking to startusing openbsdinstead of or at least in conjunctionwith linux serversone of the strategies that i've prettymuch settled on is using openbsd on theperimeter of a vpc like having it set upas a reverse proxy firewalland i think i did make a videowhere i set up a desktop environment onopenbsd like in a virtual machine orsomething like thatbut you'll probably never catch meactually using openbsd as a daily driveron a desktop or laptopand it's because i don't really thinkthat open bsd is meant for that soi'm on openbsd.org this is theirofficial website there's the front pageandfor example the word desktop doesn'tshow up anywhere there's no pictures ofsomebody using an open bsd desktop onthe website there's no picturesof open bsd with a desktop environmentor with window managers there is apicture of a rack mounted serverright here which i presumeis running open bsdbut still nodesktops no guise nothing like that nowcompare that to something like linuxmintwhichyeah like if you didn't knowanything about linux mint like if youjust randomly went to linux mint.com onedayand you looked at this you'd be like ohokay yeah this is for a desktopoperating system it's very obvious oreven if you went touh what is it artixlinux.org rightso we go to iso releasesand look there's releases that come witha desktop environment already set up foropenbsdwe don't have this option so even thoughit is possible of course to set up adesktop environment and use openbsd as adesktop i mean i've done that at leastthe first part setting up the desktopenvironment um butall of this lack of indications thatit's a desktop os umkind of clearly tells me that it's notand if you are someone whois able to run open bsd on a desktopsuccessfullythen you're a bit of a hacker and mindyoua hacker is not necessarily someone whojust puts on a black hoodie and sellsransomware on the dark net uh no i'mtalking about the og definition of ahacker which is a skilled person ininformation technology that uses theirskills to achieve a goal or overcome anobstacle by non-standard means sobasically it's someone who makestechnology do things that it wasn'tnecessarily meant to do like if youinstall and play doom on a graphingcalculator you're a hacker if youinstall linux to a nintendo ds you're ahacker and if you installopen bsd to a desktop and use that asyour daily driver then in my opinion youare a hacker because i just don't thinkthat open bsd is really meant for that ithink it's more meant for servers andnot the desktops and let me be clear idon't have anything against anybody whowants to use open bsd on their desktopor anywhere reallyi really don't get this infighting thatthere seems to be between some linux andbsd users like we really shouldn't befighting a brother war we should begetting together and shepherding peopleaway from using proprietary operatingsystemsbut something you should know aboutopenbsd if you're considering using iton a desktopis that there's limited support forwi-fi i mean you know desktop peoplethink of a tower but on a laptop thatmight be a big deal to youum limited support for wi-fi there's notsupport for bluetooth there's verylimited support for device drivers ingeneral like graphics cards peripheralsthings like that you can't install steamand you can't install a lot of othersoftware without using ports whichcould compromise open bsd security whichis probablythe reason why you chose openbsd whichis considered one of the world's mostsecure operating systems in the firstplace instead of freebsd which isactually meant for desktops look at thatwe see it right there on the front pageof their website soif you can get openbsd working as adesktop os the more power too i meanlike i said i consider you a hackerwhich most people uh consider a hugecomplimentbut don't go hitting up the devs of openbsd to try to include support for wi-fisix or for bluetooth ora lot of other desktop things in thekernel i highly doubt that they're evergoing to do that and if they did itwould actually piss off a lot of uh openbsd users like myself because wi-fi andbluetooth on a server isthis is the reason why i startedswitching part of my serverinfrastructure at least the internetfacing things over to open bsd in thefirst place becauseon linux servers well let me actuallyjust show you so this is a debian serverwhich i had i was going to use for emailbut i guess this will be a quick rantwithin a rant vaulter refuses to opensmtp port 25. so i gotta find adifferent hosting provider for email umi i do still think that vaulter is greatfor everything else and i might justthrow uh my affiliate link in this uhvideo as well so that if you sign up youcan get some credit to the account andso will ium that's probably a big reason why ilike vaulter to be honest with you butas far as the technical stuff goesthey're pretty great it's just i don'tknow for some reason within the pastyear or so they've started refusing todo the needful when it comes to usingemail so if you want vaulter for emailthen don't use my affiliate link anddon't use valtter use something else butanyway let me show you mykernel configof this open bsd or excuse me of this uhdebian box and let me show youbluetoothokay so remember this is a server thisis a vpsand as you can see bluetoothall the different configs related tobluetooth are eitherum built in to the kernel or they're uma moduleuh same thing like if we keep scrollingthrough here you'll probably find abunch of other wireless things that wejust don't needum let's see yeah so near fieldcommunication right this is anotherthing that's just there's no reason tohave thison a server but yet it's built in therethere's tons of things inthis kernel that i just don't need for aserver and if i was using debian on mydesktopthen i would have the same deal going oni would have a bunch of server things inthe kernel that i wouldn't need on adesktop and debian is not the onlydistro that does this okay ubuntu fedoraarchmost distrosship with a really generic kernelandcustomizing the kernel i mean you cancustomize a kernel on any distro butgenerally it's notpart of the process when you're settingup your distrothey all come with these really generickernels that do a lot of things that youdon't need them to doalso most people using a linux boxwhether it's for a desktop or a serverthey're not using a hardened kernelso in case you didn't know about thisproject there'sanotherkernel like another version of the linuxkernel called linux hardened which hasdozens of optionsthat we were just looking at changedto reduce the attack surface soreally good stuff probably a great thingto use to further enhance the securityof your vps or maybe even on your linuxdesktop but almost nobody does thisalmost everyone is just using thegeneric version of the kernel that shipswith their operating system and maybe ifyou use a distro i can't even think ofany off the top of my head that shipwithuh the hardened kernel by default butmaybe if you use a uh distroyou know the few people that are settingup a vps with that kind of linux iso areusing the heart of kernel but mostpeople they're probably using debianthey're probably using red hat somethinglike thatand it's just generic linuxand don't get me wrong the kernel isreally not a hugesecurity concern i mean as long as it'supdated okay don't get me wrong ifyou're using like version four or threeor something crazy like that that shouldbe a concern to you but if you're usingan up-to-date or an lts kernelum i wouldn't reallylose sleep overhaving modules enabled that i don't needbecause it's really unlikely that yoursor anyone else's vps is going to gethackedthat way from a vulnerability in akernel module attackers are going to goafter the lowest hanging fruit they'regoing to go for things like unsecure sshunsecured cpanels or like if you'rerunning wordpress they're going to goafter the people who have outdatedplugins or outdated versions ofwordpress django or whatever serverapplications you're using it doesn'tchange the fact though that the linuxkernel is very large and insecurecompared to open bsds and that's whyifi'm going to have an internet facing boxthat people are going to be scanningpeople are going to be trying to breakinto and do all kinds of dirty things tomy poor little vpsi wanted to be running the most secureoperating system in the world and haveit do only what i want it to dobut my desktopsthey're not openly accessible from theinternet somy main concerns with them is thingslike the web browser orpotentially with email right like ishould not be clicking on links and anduh you know nonsense that's in my emailboxuh there's some security overlap betweenservers and desktops right like i stilluse very strong passwords on both istill use encryption on both but for themost part my approach to securingservers and desktops is pretty differentso don't hold your breath waiting for meto make open bsd desktop content but ifyou do want to watch desktop bsd contentand maybe learn how to use openbsdon the desktop for yourselflet me show you some content creatorsthat can help you out with that souh this is zany zhani um not exactlysure how to pronounce his name but hemakes a lot of open bsd desktop contentlike we searchfor desktop look at all this he's got anew computer and a new rice which ithink you can also download so if youwant to just like copy his config whichactually does look pretty clean iwatched like a couple of his videosum just to see and like you see he's gotthese longmaybe their live streams or maybethey're just recordings i don't know buthe's gotobviously tons of desktopopen bsd contentand then we've also got root bsd so samething and this person clearly went tothe mental outlaw academy of basedthumbnails because just look at thishe's utilizing the apoos and the animegirls expertlythis guy he you know he he might be ableto teach the class himself and he's alsogot an odyssey channelso look at that we don't even have towatch him on cringe tubewe can watch him on base tubesee look at this so you don't have toshow google that you're learning how touse open based on the desktop so goforth and consume desktop open bsdcontent from these guys they're they'reactually small channels so you knowdefinitelyuh go show them some love both zanyand root bsdand umlike i said i'm using it on this on forservers like kind of on the perimeter ofa vpc somaybe i'll do some tutorials for openbsdoncei've got things set up how i like themmaybe i'll show you guys how touse it as like a reverse proxy or how touse it as a vpn serveruh maybe i'll do some pf tutorials butit's gonna be you know dry boring stuffit's not it's not gonna be cooluh desktop stuff or like gaming on openbsd or anything like thatlike and contact the algorithm subscribeto me on odyssey have a great day