Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

systemd is destructive

Here you can discuss every aspect of Debian. Note: not for support requests!
Locked
Message
Author
n_hologram
Posts: 459
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

#181 Post by n_hologram »

I've always found the zeitgeist daemon pretty disrespectful to Marxism.

I personally use what_is_to_be_done.sh to encrypt my logfiles into Marxist rhetoric, and trotsky.sh to decrypt them later if needed.

Communist puns aside, I find your points reasonable. I personally refrain from the daemon for similar reasons, along with it being fundamentally superfluous to me. I think it's another example of a program that would be desirable from a business distribution's standpoint (RHEL), for the same reasons why Intel's ME was pitched (greater sysadmin maintenance on company laptops), but doesn't translate well to the consumer side of things. However, it's also important to note that if someone has access to your logfiles, you probably have bigger problems to worry about than the logging program, malware or not.

I liked this comment in the slashdot post you shared:
If they really want to watch my online activity I'm sure AT&T would bend over backwards to assist them
https://www.smbc-comics.com/comics/20120220.gif
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
the crunkbong project: scripts, operating system, the list goes on...

User avatar
Fernando Negro
Posts: 124
Joined: 2013-11-24 01:29
Location: Portugal
Has thanked: 2 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#182 Post by Fernando Negro »

Wheelerof4te wrote:^If systemd is such a big problem for you, why are you using Debian? Debian devs have decided to ship systemd as default init/service software in Jessie. It's been 3+ years now. While heading to Buster, it's impossible to revert that decision.
Along with OpenBSD and other BSDs, you have several non-systemd distros such as MX Linux. Maybe try those?
Hello, Wheelerof4te.

The reason why I have been using Debian for the past years, is because I had never reflected much about of the whole "systemd" polemic (that I already knew that existed).

But, having I decided to watch the video presentation I mention, where one of the creators of Devuan explains the reasons why many people decided to make a fork, I then reflected about this whole issue - and, now think I've become aware of a most serious problem related to this recent evolution.

I have, in the past days, tried to install Devuan on my computer - but, like with Debian 8 Jessie, I cannot make my graphics card work well on it. And, besides this, I have noticed a big problem with the Devuan distribution itself, in relation to the repositories it uses: https://dev1galaxy.org/viewtopic.php?id=1984

So, for the time being, I will continue using the lesser of two evils (Debian) until a better (and stable) alternative appears.

(And, trying to remain as short as possible about a side issue,)

"antiX" and related distros - like "MX Linux" - don't generate any trust in me. Since that, being a former political activist myself (also of the "anticapitalista" family) I know that a lot of organizations that claim to be "anti" are actually traps put out by the establishment itself. So, I always proceed with caution now, whenever I know of a new one. And, the naming of the versions of "antiX" in itself, is already a big "red flag" to me. (Long story...)

(But, speaking about the reason why I have made this post,)

The reason I did it, is because I believe that this is something that most probably no one has ever thought about. And, for that reason, something that I really think I should call people's attention to, in order to possibly make them reconsider using this kind of daemons.
I just *love* the stability, much more bug-free nature, and modular installation options of Debian. Apart from the unfortunate adoption of "systemd" (viewtopic.php?f=20&t=129881&start=165#p671030) this distribution is *great*.

User avatar
Fernando Negro
Posts: 124
Joined: 2013-11-24 01:29
Location: Portugal
Has thanked: 2 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#183 Post by Fernando Negro »

n_hologram wrote:I've always found the zeitgeist daemon pretty disrespectful to Marxism.

I personally use what_is_to_be_done.sh to encrypt my logfiles into Marxist rhetoric, and trotsky.sh to decrypt them later if needed.

Communist puns aside, I find your points reasonable. I personally refrain from the daemon for similar reasons, along with it being fundamentally superfluous to me. I think it's another example of a program that would be desirable from a business distribution's standpoint (RHEL), for the same reasons why Intel's ME was pitched (greater sysadmin maintenance on company laptops), but doesn't translate well to the consumer side of things. However, it's also important to note that if someone has access to your logfiles, you probably have bigger problems to worry about than the logging program, malware or not.

I liked this comment in the slashdot post you shared:
If they really want to watch my online activity I'm sure AT&T would bend over backwards to assist them
https://www.smbc-comics.com/comics/20120220.gif
Hello, n_hologram.

(I will keep this first part of my comment as short as possible, in order not to divert from the original issue. But, because I see part of your comment as you implying that I'm a sort of "left-winger" - which I am not - I feel forced to reply to that part,)

When I talk about the same decentralization principle applied to "bigger/political organizations", it has nothing to do with "left-wing" or "right-wing" political views. But - as I say - about Democracy.

(Marxist ideology has, throughout History, given form to the most anti-democratic, centralized, and absolutist type of governments there are. And, the debate about centralization vs decentralization, can be made on both sides of the conventional political spectrum. One of the best critiques that can be made to the European super-state even, is to draw the huge parallels between the unelected European Commission and the Soviet Politburo - ex: https://www.prisonplanet.com/articles/m ... orship.htm)

Now, going to the subject in question,

Yes, that's what I think also. This type of daemons is - not only unnecessary (or "superfluous" as you say) - but, like Intel's ME or AMD's PSP, a big security risk, whose only "positive" aspect can be to allow an outside administrating entity to better control your computer. This being the reason why I really don't like any of the mentioned evolutions.

(Like I said in another forum, about AMD's PSP - https://www.phoronix.com/forums/forum/p ... ost1000053 - computers worked fine before the addition of this type of controlling components.)

And, yes. I'm aware that, when working with a computer connected to the Internet, there are all sorts of security and privacy risks. But, what I also think is that (even if just for a question of principle) we should always try to minimize them.
I just *love* the stability, much more bug-free nature, and modular installation options of Debian. Apart from the unfortunate adoption of "systemd" (viewtopic.php?f=20&t=129881&start=165#p671030) this distribution is *great*.

n_hologram
Posts: 459
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

#184 Post by n_hologram »

Fernando Negro wrote: I see part of your comment as you implying that I'm a sort of "left-winger"...
Lol no, I was just making a pun. Sorry if it appeared as a political jab.
This type of daemons is - not only unnecessary (or "superfluous" as you say) - but, like Intel's ME or AMD's PSP, a big security risk, whose only "positive" aspect can be to allow an outside administrating entity to better control your computer...And, yes. I'm aware that, when working with a computer connected to the Internet, there are all sorts of security and privacy risks. But, what I also think is that (even if just for a question of principle) we should always try to minimize them.
I think we can both agree on that.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
the crunkbong project: scripts, operating system, the list goes on...

steve_v
df -h | grep > 20TiB
df -h | grep > 20TiB
Posts: 1395
Joined: 2012-10-06 05:31
Location: /dev/chair
Has thanked: 78 times
Been thanked: 173 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#185 Post by steve_v »

Wheelerof4te wrote:Debian devs have decided to ship systemd as default init/service software in Jessie.
Systemd as the default init is fine. Systemd as the only viable init is not. As nobody can be bothered maintaining the parts required to run post-jessie Debian with anything but systemd as init, we are now effectively at only.
Wheelerof4te wrote:While heading to Buster, it's impossible to revert that decision.
Shenanigans. It's not impossible, it's just rather difficult as buster is already in testing.
It's significantly less difficult to untangle the systemd dependencies in unstable so future releases offer a real choice. SysV has been removed, but OpenRC is in the unstable repos: Cool. World+dog is compiled against systemd, and the OS won't run properly without it: Very uncool.

On the "centralised control" bit, I don't care about this political angle that's creeping in, but any kind of "master program" that does as much as systemd does is simply not how you Unix. It's overengineered, fragile, and difficult to work with. It's also a great big SPOF.
Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.

User avatar
stevepusser
Posts: 12930
Joined: 2009-10-06 05:53
Has thanked: 41 times
Been thanked: 71 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#186 Post by stevepusser »

"antiX" and related distros - like "MX Linux" - don't generate any trust in me. Since that, being a former political activist myself (also of the "anticapitalista" family) I know that a lot of organizations that claim to be "anti" are actually traps put out by the establishment itself. So, I always proceed with caution now, whenever I know of a new one. And, the naming of the versions of "antiX" in itself, is already a big "red flag" to me. (Long story...)
So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you? Our repository and sources are open to all, the MX applications are developed openly on github, and anyone can join the development team, if only as beta testers.

But of course, you can't use logic to argue with a conspiracy theorist---that's only more evidence of the vast conspiracy. :lol:

Steve (still waiting for those checks from "Big Linux" to start rolling in)
Last edited by stevepusser on 2018-04-11 20:04, edited 1 time in total.
MX Linux packager and developer

n_hologram
Posts: 459
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

#187 Post by n_hologram »

stevepusser wrote:So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you
I mean, your avatar IS of a notorious evil scientist...
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
the crunkbong project: scripts, operating system, the list goes on...

User avatar
bw123
Posts: 4015
Joined: 2011-05-09 06:02
Has thanked: 1 time
Been thanked: 28 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#188 Post by bw123 »

stevepusser wrote:
But of course, you can't use logic to argue with a conspiracy theorist---that's only more evidence of the vast conspiracy. :lol:
Yeah, I noticed the history lesson on Marx came from prisonplanet also. This sentence shows what a limited understanding the OP has.
Fernando Negro wrote: Marxist ideology has, throughout History, given form to the most anti-democratic, centralized, and absolutist type of governments there are.
The above quote is a ridiculous statement, when you consider that Marx wasn't even born until the early 19th century.

I won't even try to contribute to the topic, whatever it is.
resigned by AI ChatGPT

User avatar
stevepusser
Posts: 12930
Joined: 2009-10-06 05:53
Has thanked: 41 times
Been thanked: 71 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#189 Post by stevepusser »

n_hologram wrote:
stevepusser wrote:So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you
I mean, your avatar IS of a notorious evil scientist...
Balderdash and folderol!! Farnsworth works only for the benefit of mankind! Plus all the other alien species! He brings only good news to everyone!
MX Linux packager and developer

User avatar
Fernando Negro
Posts: 124
Joined: 2013-11-24 01:29
Location: Portugal
Has thanked: 2 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#190 Post by Fernando Negro »

Everyone,

Please, (unless your intention is to derail this important thread) stick to the subject of the security concerns - or broader related issues - that I raise in my initial post.
stevepusser wrote: So, speaking as the lead packager of MX Linux, what on earth would we have to do to get any trust from you? Our repository and sources are open to all, the MX applications are developed openly on github, and anyone can join the development team, if only as beta testers.
stevepusser,

(Feeling forced to reply to that - and, trying to make my response as short as possible...)

I've never tried "MX Linux", in particular. But, having I looked at "antiX", and really not liking what I saw, that feeling is naturally extended to anything related to it.

Concerning the political nature of such a group,

As I said, it's a *long* story ... And, I couldn't explain it (and present proofs of my claims) without turning this into a (very) big political discussion.

But, speaking about facts that every person in here can understand - and, that are even related to my security concerns,

If the people at "antiX" would like to generate trust among their users, they could start by not encouraging people to install "cool" apps that allow the "remote access" of our computers and networks. Since that, every person that really knows how the Internet works, knows that to have such a kind of doors, that allow the remote access of our equipments, is a ridiculously *huge* security risk.

Any password used in such type of sessions can always be intercepted and decrypted. And, such encrypted connections can also always be decrypted - and, who knows, interfered with, taken over etc. (https://www.youtube.com/watch?v=PZQXxUmROIU#t=1h8m25s)

And, the part of serving as a "trap", in this case, is that: by encouraging people to use such type of connections, like "voice chat between two pcs via encrypted mumbl", and telling people that they are safe when using them, you're encouraging people to reveal and do things (over such connections) that they wouldn't if they were convinced that the connection was not secure - which, in fact (by its nature) is exactly what it always is. (Since that, as I recently mentioned in another thread, in this forum - http://forums.debian.net/viewtopic.php? ... 60#p670674 - *everything* of more important that people do on the Internet is being surveilled, recorded and decrypted, by the "powers-that-be".)

Listen to Edward Snowden, if you have any doubts that "Big Brother is watching you".
I just *love* the stability, much more bug-free nature, and modular installation options of Debian. Apart from the unfortunate adoption of "systemd" (viewtopic.php?f=20&t=129881&start=165#p671030) this distribution is *great*.

n_hologram
Posts: 459
Joined: 2013-06-16 00:10

Re: "systemd" and "zeitgeist" daemons as great security risk

#191 Post by n_hologram »

stevepusser wrote:Balderdash and folderol!! Farnsworth works only for the benefit of mankind! Plus all the other alien species! He brings only good news to everyone!
I still don't understand why you don't preface every new post in this thread with "Good news, everyone!"

zeitgeist-core ranks pretty high on popcon. It is a little unsettling that almost 33% of Debian users [who submit to popcon, that is] are okay with a data-logger like this. I see no value in it for non-corporate user.
https://qa.debian.org/popcon.php?package=zeitgeist

Btw fernando, you lost credibility with Alex Jones lol. (btw, if you're really concerned about surveillance, stop using youtube -- you do know which company owns them, right?)

But, just for fun, tell us about the government surveillance in Portugal these days.
bester69 wrote:There is nothing to install in linux, from time to time i go to google searching for something fresh to install in linux, but, there is nothing
the crunkbong project: scripts, operating system, the list goes on...

User avatar
stevepusser
Posts: 12930
Joined: 2009-10-06 05:53
Has thanked: 41 times
Been thanked: 71 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#192 Post by stevepusser »

If the people at "antiX" would like to generate trust among their users, they could start by not encouraging people to install "cool" apps that allow the "remote access" of our computers and networks.
What on earth are you talking about? And I mean the oblate spheroid earth, not the flat earth that I fear you are going to promote next...
Last edited by stevepusser on 2018-04-12 03:39, edited 1 time in total.
MX Linux packager and developer

jibberjabber
Posts: 162
Joined: 2016-01-10 16:58

Re: "systemd" and "zeitgeist" daemons as great security risk

#193 Post by jibberjabber »

I wonder if the OP is using a PC with "Intel inside", and Minix 3, like most every one is ? The folks at Intel, are watching every one. Note: , and Minix 3 does not use systemd, ....
This thread was boring, but now that there is some humour involved it is getting more interesting.
I wonder why Intel choose Minix 3, instead of Linux ?
written by HelpBot#8453
Alias jibberjabber
I am sorry, my english is not that good, and I sometimes have other problems,so my response might not be perfect.
N5RLX > "Jibber jabber ,all day and all night, jibber jabber jibber jabber"

steve_v
df -h | grep > 20TiB
df -h | grep > 20TiB
Posts: 1395
Joined: 2012-10-06 05:31
Location: /dev/chair
Has thanked: 78 times
Been thanked: 173 times

Re: "systemd" and "zeitgeist" daemons as great security risk

#194 Post by steve_v »

Fernando Negro wrote:If the people at "antiX" would like to generate trust among their users, they could start by not encouraging people to install "cool" apps that allow the "remote access" of our computers and networks. Since that, every person that really knows how the Internet works, knows that to have such a kind of doors, that allow the remote access of our equipments, is a ridiculously *huge* security risk.
This is a ridiculously *huge* load of paranoid garbage. There are many methods for remote access, and without remote access (what do you think a webserver is?) the internet would have no purpose. Knowing about, securing, and safely employing such things is user 101.
Would you have everyone discourage SSH? NoMachine? CGI & PHP? I use all of the above, and none of my boxes have ever been compromised.
Fernando Negro wrote:Any password used in such type of sessions can always be intercepted and decrypted. And, such encrypted connections can also always be decrypted - and, who knows, interfered with, taken over etc.
Rubbish. You clearly know absolutely nothing about encryption or authentication. Go read up on the implementation and the underlying mathematical theory.
You need to find a more reliable source of information. If "prisonplanet" is your go-to, Conspiracy theorist: confirmed.
Fernando Negro wrote:"trap"...
surveilled, recorded and decrypted...
"powers-that-be"
Image
Fernando Negro wrote:Listen to Edward Snowden...
Don't listen to Fernando Negro if you have a functioning brain and wish to keep it that way. He's clearly either a conspiracy nut or a troll, probably both.
Yes, there are various actors who are keen to keep track of what you are up to. But encryption works, which is why certain braindead politicians are are pushing to ban it. If you doubt this, go talk to a mathematician.

Aside from some minor entertainment value, this thread is just a waste of perfectly good bandwidth. If the OP was actually knowledgeable enough to to post a credible "warning" as he claims this is, there'd be technical details here instead of youtube links and fearmongering.
stevepusser wrote:I mean the oblate spheroid earth
What are you talking about? Everybody knows the earth is a disc, supported by four elephants...
Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.

Locked