Just riffing off of what has already been said, not claiming any expertise. Just relating personal and unfortunately painful at times experience.
There are folks out there with amazing knowledge and experience. Some choose to be malicious. The ones that have both patience and discipline combined with the above... yikes. You can certainly build a mighty fortress with OpenBSD, but if you get sloppy with the foundation it is gonna fail. Applies to any in life. Malicious types can shim BIOS, boot loaders, craft insane hidden disklabels, and who knows what else. They can also mess with downloads. e.g. can't get a foothold right now, i'll just mess with basexx.tgz for neophyte obsd user (me). Partial extract before failure... He'll reboot and then let's see what he does... Mirror traffic is watched, certainly possible to get hammered on during upgrades... Anywho, lots of knowledge available here. Just gotta poke around a bit ;) As an aside, if your online banking 'requires' either Java or Flash, that is rather disturbing.
