OpenBSD: Code audit, security

Early and continuing emphasis on security - code audit started 1995 and still ongoing:

Assume hostile environment

Look for unsafe behaviors

Find one bug, fix similar bugs everywhere in the tree

(repeat ...)

Lead to exploit mitigation techniques (W^X, privsep, ASLR, see eg http://www.openbsd.org/papers/ven05-deraadt/index.htmland the 10 years later http://www.openbsd.org/papers/ru13-deraadt)

First free OS with strong crypto in base, illegal to re-export from the US early on(!)