Incubation Examples


Some are fresh starts, some are followups

  pf, tmux, security hardening, privilege-separation,
  privilege-drop, stackghost, OpenSSH, strlcpy/strlcat,
  arc4random, auditing procedures, stack-protector, OpenBGPD,
  OpenNTPD, isakmpd, IKEv2, relayd, new resolver, PIE,
  soft-error ICMP/RST, randomized mmap, randomized malloc,
  hw.sensors, hundreds more...

We invent/adopt new "security ideas", complete & integrate into
system, then ship a release to push the idea to maturity.

ie. first OS to ship IPSEC, IPv6, crypto, SSH, strong random,
stack-protector, other security mitigation methods, ...