systemd is destructive

Here you can discuss every aspect of Debian. Note: not for support requests!

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby n_hologram » 2018-04-11 11:09

I've always found the zeitgeist daemon pretty disrespectful to Marxism.

I personally use what_is_to_be_done.sh to encrypt my logfiles into Marxist rhetoric, and trotsky.sh to decrypt them later if needed.

Communist puns aside, I find your points reasonable. I personally refrain from the daemon for similar reasons, along with it being fundamentally superfluous to me. I think it's another example of a program that would be desirable from a business distribution's standpoint (RHEL), for the same reasons why Intel's ME was pitched (greater sysadmin maintenance on company laptops), but doesn't translate well to the consumer side of things. However, it's also important to note that if someone has access to your logfiles, you probably have bigger problems to worry about than the logging program, malware or not.

I liked this comment in the slashdot post you shared:
If they really want to watch my online activity I'm sure AT&T would bend over backwards to assist them

https://www.smbc-comics.com/comics/20120220.gif
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 433
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby Fernando Negro » 2018-04-11 11:46

Wheelerof4te wrote:^If systemd is such a big problem for you, why are you using Debian? Debian devs have decided to ship systemd as default init/service software in Jessie. It's been 3+ years now. While heading to Buster, it's impossible to revert that decision.
Along with OpenBSD and other BSDs, you have several non-systemd distros such as MX Linux. Maybe try those?

Hello, Wheelerof4te.

The reason why I have been using Debian for the past years, is because I had never reflected much about of the whole "systemd" polemic (that I already knew that existed).

But, having I decided to watch the video presentation I mention, where one of the creators of Devuan explains the reasons why many people decided to make a fork, I then reflected about this whole issue - and, now think I've become aware of a most serious problem related to this recent evolution.

I have, in the past days, tried to install Devuan on my computer - but, like with Debian 8 Jessie, I cannot make my graphics card work well on it. And, besides this, I have noticed a big problem with the Devuan distribution itself, in relation to the repositories it uses: https://dev1galaxy.org/viewtopic.php?id=1984

So, for the time being, I will continue using the lesser of two evils (Debian) until a better (and stable) alternative appears.

(And, trying to remain as short as possible about a side issue,)

"antiX" and related distros - like "MX Linux" - don't generate any trust in me. Since that, being a former political activist myself (also of the "anticapitalista" family) I know that a lot of organizations that claim to be "anti" are actually traps put out by the establishment itself. So, I always proceed with caution now, whenever I know of a new one. And, the naming of the versions of "antiX" in itself, is already a big "red flag" to me. (Long story...)

(But, speaking about the reason why I have made this post,)

The reason I did it, is because I believe that this is something that most probably no one has ever thought about. And, for that reason, something that I really think I should call people's attention to, in order to possibly make them reconsider using this kind of daemons.
Signed,

A longtime Ubuntu user, that has migrated to Debian.
User avatar
Fernando Negro
 
Posts: 91
Joined: 2013-11-24 01:29
Location: Portugal

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby Fernando Negro » 2018-04-11 12:28

n_hologram wrote:I've always found the zeitgeist daemon pretty disrespectful to Marxism.

I personally use what_is_to_be_done.sh to encrypt my logfiles into Marxist rhetoric, and trotsky.sh to decrypt them later if needed.

Communist puns aside, I find your points reasonable. I personally refrain from the daemon for similar reasons, along with it being fundamentally superfluous to me. I think it's another example of a program that would be desirable from a business distribution's standpoint (RHEL), for the same reasons why Intel's ME was pitched (greater sysadmin maintenance on company laptops), but doesn't translate well to the consumer side of things. However, it's also important to note that if someone has access to your logfiles, you probably have bigger problems to worry about than the logging program, malware or not.

I liked this comment in the slashdot post you shared:
If they really want to watch my online activity I'm sure AT&T would bend over backwards to assist them

https://www.smbc-comics.com/comics/20120220.gif

Hello, n_hologram.

(I will keep this first part of my comment as short as possible, in order not to divert from the original issue. But, because I see part of your comment as you implying that I'm a sort of "left-winger" - which I am not - I feel forced to reply to that part,)

When I talk about the same decentralization principle applied to "bigger/political organizations", it has nothing to do with "left-wing" or "right-wing" political views. But - as I say - about Democracy.

(Marxist ideology has, throughout History, given form to the most anti-democratic, centralized, and absolutist type of governments there are. And, the debate about centralization vs decentralization, can be made on both sides of the conventional political spectrum. One of the best critiques that can be made to the European super-state even, is to draw the huge parallels between the unelected European Commission and the Soviet Politburo - ex: https://www.prisonplanet.com/articles/m ... orship.htm)

Now, going to the subject in question,

Yes, that's what I think also. This type of daemons is - not only unnecessary (or "superfluous" as you say) - but, like Intel's ME or AMD's PSP, a big security risk, whose only "positive" aspect can be to allow an outside administrating entity to better control your computer. This being the reason why I really don't like any of the mentioned evolutions.

(Like I said in another forum, about AMD's PSP - https://www.phoronix.com/forums/forum/p ... ost1000053 - computers worked fine before the addition of this type of controlling components.)

And, yes. I'm aware that, when working with a computer connected to the Internet, there are all sorts of security and privacy risks. But, what I also think is that (even if just for a question of principle) we should always try to minimize them.
Signed,

A longtime Ubuntu user, that has migrated to Debian.
User avatar
Fernando Negro
 
Posts: 91
Joined: 2013-11-24 01:29
Location: Portugal

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby n_hologram » 2018-04-11 12:40

Fernando Negro wrote:I see part of your comment as you implying that I'm a sort of "left-winger"...

Lol no, I was just making a pun. Sorry if it appeared as a political jab.
This type of daemons is - not only unnecessary (or "superfluous" as you say) - but, like Intel's ME or AMD's PSP, a big security risk, whose only "positive" aspect can be to allow an outside administrating entity to better control your computer...And, yes. I'm aware that, when working with a computer connected to the Internet, there are all sorts of security and privacy risks. But, what I also think is that (even if just for a question of principle) we should always try to minimize them.

I think we can both agree on that.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 433
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby steve_v » 2018-04-11 13:38

Wheelerof4te wrote:Debian devs have decided to ship systemd as default init/service software in Jessie.
Systemd as the default init is fine. Systemd as the only viable init is not. As nobody can be bothered maintaining the parts required to run post-jessie Debian with anything but systemd as init, we are now effectively at only.

Wheelerof4te wrote:While heading to Buster, it's impossible to revert that decision.
Shenanigans. It's not impossible, it's just rather difficult as buster is already in testing.
It's significantly less difficult to untangle the systemd dependencies in unstable so future releases offer a real choice. SysV has been removed, but OpenRC is in the unstable repos: Cool. World+dog is compiled against systemd, and the OS won't run properly without it: Very uncool.

On the "centralised control" bit, I don't care about this political angle that's creeping in, but any kind of "master program" that does as much as systemd does is simply not how you Unix. It's overengineered, fragile, and difficult to work with. It's also a great big SPOF.
steve_v
 
Posts: 695
Joined: 2012-10-06 05:31
Location: New Zealand

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby stevepusser » 2018-04-11 18:43

"antiX" and related distros - like "MX Linux" - don't generate any trust in me. Since that, being a former political activist myself (also of the "anticapitalista" family) I know that a lot of organizations that claim to be "anti" are actually traps put out by the establishment itself. So, I always proceed with caution now, whenever I know of a new one. And, the naming of the versions of "antiX" in itself, is already a big "red flag" to me. (Long story...)


So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you? Our repository and sources are open to all, the MX applications are developed openly on github, and anyone can join the development team, if only as beta testers.

But of course, you can't use logic to argue with a conspiracy theorist---that's only more evidence of the vast conspiracy. :lol:

Steve (still waiting for those checks from "Big Linux" to start rolling in)
Last edited by stevepusser on 2018-04-11 20:04, edited 1 time in total.
The MX Linux repositories: Backports galore! If we don't have something, just ask and we'll try--we like challenges. New packages: GIMP 2.10.2, Pale Moon 27.9.3, wine-staging 3.11, QuiteRSS 0.18.11, Linux kernel 4.17, Krita 4.1.0
User avatar
stevepusser
 
Posts: 9710
Joined: 2009-10-06 05:53

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby n_hologram » 2018-04-11 19:06

stevepusser wrote:So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you

I mean, your avatar IS of a notorious evil scientist...
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 433
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby bw123 » 2018-04-11 19:20

stevepusser wrote:
But of course, you can't use logic to argue with a conspiracy theorist---that's only more evidence of the vast conspiracy. :lol:


Yeah, I noticed the history lesson on Marx came from prisonplanet also. This sentence shows what a limited understanding the OP has.

Fernando Negro wrote:Marxist ideology has, throughout History, given form to the most anti-democratic, centralized, and absolutist type of governments there are.


The above quote is a ridiculous statement, when you consider that Marx wasn't even born until the early 19th century.

I won't even try to contribute to the topic, whatever it is.
User avatar
bw123
 
Posts: 3135
Joined: 2011-05-09 06:02
Location: TN_USA

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby stevepusser » 2018-04-11 20:06

n_hologram wrote:
stevepusser wrote:So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you

I mean, your avatar IS of a notorious evil scientist...


Balderdash and folderol!! Farnsworth works only for the benefit of mankind! Plus all the other alien species! He brings only good news to everyone!
The MX Linux repositories: Backports galore! If we don't have something, just ask and we'll try--we like challenges. New packages: GIMP 2.10.2, Pale Moon 27.9.3, wine-staging 3.11, QuiteRSS 0.18.11, Linux kernel 4.17, Krita 4.1.0
User avatar
stevepusser
 
Posts: 9710
Joined: 2009-10-06 05:53

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby Fernando Negro » 2018-04-11 22:12

Everyone,

Please, (unless your intention is to derail this important thread) stick to the subject of the security concerns - or broader related issues - that I raise in my initial post.

stevepusser wrote:So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you? Our repository and sources are open to all, the MX applications are developed openly on github, and anyone can join the development team, if only as beta testers.

stevepusser,

(Feeling forced to reply to that - and, trying to make my response as short as possible...)

I've never tried "MX Linux", in particular. But, having I looked at "antiX", and really not liking what I saw, that feeling is naturally extended to anything related to it.

Concerning the political nature of such a group,

As I said, it's a *long* story ... And, I couldn't explain it (and present proofs of my claims) without turning this into a (very) big political discussion.

But, speaking about facts that every person in here can understand - and, that are even related to my security concerns,

If the people at "antiX" would like to generate trust among their users, they could start by not encouraging people to install "cool" apps that allow the "remote access" of our computers and networks. Since that, every person that really knows how the Internet works, knows that to have such a kind of doors, that allow the remote access of our equipments, is a ridiculously *huge* security risk.

Any password used in such type of sessions can always be intercepted and decrypted. And, such encrypted connections can also always be decrypted - and, who knows, interfered with, taken over etc. (https://www.youtube.com/watch?v=PZQXxUmROIU#t=1h8m25s)

And, the part of serving as a "trap", in this case, is that: by encouraging people to use such type of connections, like "voice chat between two pcs via encrypted mumbl", and telling people that they are safe when using them, you're encouraging people to reveal and do things (over such connections) that they wouldn't if they were convinced that the connection was not secure - which, in fact (by its nature) is exactly what it always is. (Since that, as I recently mentioned in another thread, in this forum - viewtopic.php?f=3&t=137002&start=60#p670674 - *everything* of more important that people do on the Internet is being surveilled, recorded and decrypted, by the "powers-that-be".)

Listen to Edward Snowden, if you have any doubts that "Big Brother is watching you".
Signed,

A longtime Ubuntu user, that has migrated to Debian.
User avatar
Fernando Negro
 
Posts: 91
Joined: 2013-11-24 01:29
Location: Portugal

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby n_hologram » 2018-04-11 22:31

stevepusser wrote:Balderdash and folderol!! Farnsworth works only for the benefit of mankind! Plus all the other alien species! He brings only good news to everyone!

I still don't understand why you don't preface every new post in this thread with "Good news, everyone!"

zeitgeist-core ranks pretty high on popcon. It is a little unsettling that almost 33% of Debian users [who submit to popcon, that is] are okay with a data-logger like this. I see no value in it for non-corporate user.
https://qa.debian.org/popcon.php?package=zeitgeist

Btw fernando, you lost credibility with Alex Jones lol. (btw, if you're really concerned about surveillance, stop using youtube -- you do know which company owns them, right?)

But, just for fun, tell us about the government surveillance in Portugal these days.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing

the crunkbong project: scripts, operating system, the list goes on...
n_hologram
 
Posts: 433
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby stevepusser » 2018-04-12 01:51

If the people at "antiX" would like to generate trust among their users, they could start by not encouraging people to install "cool" apps that allow the "remote access" of our computers and networks.


What on earth are you talking about? And I mean the oblate spheroid earth, not the flat earth that I fear you are going to promote next...
Last edited by stevepusser on 2018-04-12 03:39, edited 1 time in total.
The MX Linux repositories: Backports galore! If we don't have something, just ask and we'll try--we like challenges. New packages: GIMP 2.10.2, Pale Moon 27.9.3, wine-staging 3.11, QuiteRSS 0.18.11, Linux kernel 4.17, Krita 4.1.0
User avatar
stevepusser
 
Posts: 9710
Joined: 2009-10-06 05:53

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby jibberjabber » 2018-04-12 03:03

I wonder if the OP is using a PC with "Intel inside", and Minix 3, like most every one is ? The folks at Intel, are watching every one. Note: , and Minix 3 does not use systemd, ....
This thread was boring, but now that there is some humour involved it is getting more interesting.
I wonder why Intel choose Minix 3, instead of Linux ?
N5RLX > "Jibber jabber jibber jabber,all day and all night, jibber jabber jibber jabber"

Then there is Papa Parrot
jibberjabber
 
Posts: 93
Joined: 2016-01-10 16:58

Re: "systemd" and "zeitgeist" daemons as great security risk

Postby steve_v » 2018-04-12 04:48

Fernando Negro wrote:If the people at "antiX" would like to generate trust among their users, they could start by not encouraging people to install "cool" apps that allow the "remote access" of our computers and networks. Since that, every person that really knows how the Internet works, knows that to have such a kind of doors, that allow the remote access of our equipments, is a ridiculously *huge* security risk.
This is a ridiculously *huge* load of paranoid garbage. There are many methods for remote access, and without remote access (what do you think a webserver is?) the internet would have no purpose. Knowing about, securing, and safely employing such things is user 101.
Would you have everyone discourage SSH? NoMachine? CGI & PHP? I use all of the above, and none of my boxes have ever been compromised.

Fernando Negro wrote:Any password used in such type of sessions can always be intercepted and decrypted. And, such encrypted connections can also always be decrypted - and, who knows, interfered with, taken over etc.
Rubbish. You clearly know absolutely nothing about encryption or authentication. Go read up on the implementation and the underlying mathematical theory.

You need to find a more reliable source of information. If "prisonplanet" is your go-to, Conspiracy theorist: confirmed.

Fernando Negro wrote:"trap"...
surveilled, recorded and decrypted...
"powers-that-be"

Image

Fernando Negro wrote:Listen to Edward Snowden...
Don't listen to Fernando Negro if you have a functioning brain and wish to keep it that way. He's clearly either a conspiracy nut or a troll, probably both.
Yes, there are various actors who are keen to keep track of what you are up to. But encryption works, which is why certain braindead politicians are are pushing to ban it. If you doubt this, go talk to a mathematician.

Aside from some minor entertainment value, this thread is just a waste of perfectly good bandwidth. If the OP was actually knowledgeable enough to to post a credible "warning" as he claims this is, there'd be technical details here instead of youtube links and fearmongering.

stevepusser wrote:I mean the oblate spheroid earth
What are you talking about? Everybody knows the earth is a disc, supported by four elephants...
steve_v
 
Posts: 695
Joined: 2012-10-06 05:31
Location: New Zealand

Previous

Return to General Discussion

Who is online

Users browsing this forum: No registered users and 2 guests

fashionable