George Neville‐Neil, president of the FreeBSD foundation, recently gave the keynote at AsiaBSDCon. During his presentation he derided Sean Webb/Lattera for its focus on security (https://hardenedbsd.org/content/easy-feature-comparison), simultaneously deriding OpenBSD as “basement dwellers” (this in a talk asserting that the BSDs need to present a unified front to succeed in the world). He also made excuses for the fact that FreeBSD finally—finally!—implemented ASLR in 2019. (For reference, PaX developed ASLR in 2001, OpenBSD implemented their own in 2003, and mainstream Linux got it in 2005.) His excuse, that ASLR is “broken anyway,” was called out by the very first commenter for betraying a complete misunderstanding of what ASLR defends against (GNN trumpeted ASLR attacks on JIT engines, but executing malicious JavaScript on the host is out of ASLR’s scope and always has been). https://youtu.be/7kShjboN6ek?t=2820

I don’t know the full story between Sean Webb/Lattera and FreeBSD, but I do know FreeBSD has a poor track record when it comes to security mitigations, and if the presentation above is representative of how the president of the FreeBSD Foundation behaves at an ostensibly cross‐BSD conference, I know which side I’m immediately inclined to disfavor.