Change my mind.
Companies are just taking BSD code and don’t contribute to it. At the end they’re selecting Linux even if there’s licensing risk and they have contribute to code. Why? Because Linux have a lot of contributors, that makes it much more advanced system with more features. Also companies which want to support Linux don’t have to worry that someone would close their code or code they funded with money. It’s not about competition but collaboration. GPL license allowed us also to sell own open-source solutions.
FreeBSD, OpenBSD and NetBSD are behind Linux. I love that systems (especially OpenBSD), but I don’t see a point in contributing or donating to them. Instead of being ready to use solutions they’re trying to be base for commercial closed-source products and it would be great as contributors could get something from that, but they get nothing.
I understand that BSD see closed source as something cool and way to commercialize software, but in today times where a lot of devices have 24/7 access to internet, microphones, cameras and at the same time to sensitive data it’s extremely dangerous. Closed source is used to hide backdoors, acts of surveillance and keeping monopoly on market which obviously stop evolution of software.
Please tell me how BSD license can be good solution for operating system. It’s not about offending BSD, but as someone who love open source software I hate closed source software I would like to know how I can defend this license.
Look, I dislike permissive licenses too, but you need a source to back this claim up.
Right now, each BSD does something special, that Linux (distro’s) can’t trivially replace, even if the usecase is more niche. NetBSD Dev’s make efforts to get it running on many devices as they can. OpenBSD (and it’s subprojects) are highly secure, moreso than Linux. Who do you think makes our beloved OpenSSH? OpenSSH noted for having very few vulnerabilities over it’s two decade long existence, and OpenBSD itself is similar, which is insane because there are products with multiple bad vulnerabilities every year (Linux being one of them…). This is due to a highly security minded architecture - one that Linux lacks.
FreeBSD is like Linux before systemd. I like systemd, but systemd is really trying to be kubernetes on a single node. I like systemd because I like kubernetes, but I understand why someone wouldn’t like it, and I question if “single node k8s” is the best architecture for a single server or personal desktop. The ports system results in freebsd packaging many server services that aren’t packaged on Linux. Being able to manage those through the system package manager, and the conviniences that provides, is nice.
Different, and not popular don’t mean bad.
I highly doubt that OpenBSD is more secure than Qubes OS or secureblue.
Openbsd is definitely more secure than secureblue. There is only so much you can do to handle the massive monolithic architecture of the Linux kernel. Further down the stack, many parts of Linux, like sudo, dbus, or systemd are regularly hit by zero days. The SELinux domain architecture that Secureblue is interesting, but SELinux is extremely complex and difficult to get right, compared to the much more simpler pledge and unveil sandboxing that openbsd offers.
In addition to that, there are further issues like the problematic way that user namespaces interact with browsers. (And user namespaces are frustrating in general, secureblue actually has a short article on their problems). For maximum security, you want to sandbox tabs from eachother using user namespaces (only works on chromium btw, firefox can’t do this so it doesn’t matter) — BUT, if you run your browser in a sanbox created by user namespaces, then you can’t nest them, disallowing you from using that powerful tool to isolate tabs. So you are forced to make a choice: You can either sandbox the browser itself, in exchange for weakening the isolation between tabs, or you can strengthen the isolation between tabs, in exchange for weaking the sandbox around the browser itself. Giving the browser access to user namespaces is questionable though, because see above, user namespaces have led to a lot of vulnerabilities.
OpenBSD’s pledge + unveil (but only on chromium again), does not really make such tradeoffs. It can sandbox tabs from eachother, while also sandboxing the browser itself. In addition to that, pledge + unveil do not present a massive kernel attack surface that people have had to restrict for having too many 0days. And this is just one of the many, many examples, where OpenBSD presents a better security posture than Linux.
Qubes is technically Xen, a different kernel than Linux. The Xen kernel virtualizes Linux distros, from which you can manage Qubes/Xen, or do normal Linux app stuff. But nothing stops you from using a BSD virtualized by Xen for management or usage. Qubes talks about why they use Xen here — but the short version is that they did not consider the Linux kernel’s kvm secure enough for their usecase.