Explore a systematic evaluation of OpenBSD's security mitigations in this 53-minute conference talk from the 36th Chaos Communication Congress (36C3). Delve into a comprehensive analysis of OpenBSD's advertised security features, examining their effectiveness, performance impacts, and potential vulnerabilities. Learn about various mitigations such as privilege separation, Unveil, ASLR, RETGUARD, and TCP SYN cookies. Gain insights into the rationale behind these security measures, their origins, and how they compare to implementations in other operating systems. Discover the importance of threat modeling and evidence-based security claims in operating system design. Evaluate OpenBSD's reputation as a secure operating system through a rational and systematic approach, considering factors like complexity, inspectability, and ease of bypass.