systemd is destructive


Re: systemd is destructive

Postby dust hill resident » 2016-11-08 18:24

Systemd is controversial, but ultimately, it'll make Linux great again.

I just updated my main desktop computer from Debian oldstable to stable a few days ago, so it has systemd now. Everything's working great. Lennart Poettering is the best! I support systemd.
dust hill resident
 
Posts: 235
Joined: 2007-05-18 13:31

Re: systemd is destructive

Postby millpond » 2016-11-12 23:16

dust hill resident wrote:Systemd is controversial, but ultimately, it'll make Linux great again.

I just updated my main desktop computer from Debian oldstable to stable a few days ago, so it has systemd now. Everything's working great. Lennart Poettering is the best! I support systemd.


The right tool for the right job.

As I have elsewhere stated, as a Devuan user, with no great love or respect for Lennart, I do see plenty of useful applications for systemd.
I regard it as a form of busybox, something which assumes the functions of others that may not do *very well* but performs functions adequately enough for special device purposes.

A consumer Linux system designed to discourage users from delving into the cli for mods, and keep them distracted with eyecandy on the desktop - is indeed quite special purpose. It should work great with such users.

For sysadmins and others who need full control of the system down to the raw code systemd is a nightmare - it breaks things, especially when those things are tried and tested scripts for honing and customizing systems. Binary logs are the ultimate insult to anyone running a server. A disgrace actually.

I would not mind squeezing systemd into a Raspberry Pi fitted with WRT or Tomato to make a small router. There reboot times are critical, and there are few dependencies to break.

I would not mind putting systemd into a toaster, or a burglar alarm.

I do not even really mind having libsystemd on my Devuan systems. It comes when called and then goes away. There it seems to act like software *should*.

I simply have a problem with ANY software that tries to take over and dominate system functions without being easy to turn off, disable, or remove.

SystemD is not the only one to be singled out for restricting freedom. Others do it at the excuse of security, not realizing that security is inversely proportional to freedom. Ask Ben Franklin. I dislike PAM, and I hate grub.

Systemd is only a chancre sore on the underlying ulcer of 'korporate efficiency' that is affecting and infecting the FOSS world and worldview.

Recently it has been determined that the Win microkernel, and especially svchost is not only vulnerable to booger attacks, it has been since day one of the nt kernel, and it is in its entirety unpatchable. As in unfixable.

Systemd is just another svchost app, and do we really want to discover 20 years from now that all our real attempts at system security are nothing but a joke???

I don't really care if my toaster gets hacked, or if my alarms go off at 3am. I can fix that, with an older version of Linux.

I do care if the swat teams come bashing down my door because someone in the DNC decided to use my system as a bot for their emails.
millpond
 
Posts: 582
Joined: 2014-06-25 04:56

Re: systemd is destructive

Postby bw123 » 2016-11-13 00:19

Systemd is just another svchost app, and do we really want to discover 20 years from now that all our real attempts at system security are nothing but a joke???

I don't really care if my toaster gets hacked, or if my alarms go off at 3am. I can fix that, with an older version of Linux.

I do care if the swat teams come bashing down my door because someone in the DNC decided to use my system as a bot for their emails.


Interesting point of view, but real examples of systemd being hacked this way would be more persuasive.
jessie/KDE4.14.2 plasma netbook, 3.16.39-1+deb8u2 (2017-03-07) x86_64 GNU/Linux
bw123
 
Posts: 2378
Joined: 2011-05-09 06:02
Location: TN_USA

Re: systemd is destructive

Postby ruffwoof » 2016-11-13 01:55

If you look at all of the derivatives ... massive amounts of duplication/replication http://futurist.se/gldt/wp-content/uploads/12.10/gldt1210.png then I see a common kernel and a common systemD convergence as being a good thing. More eyes all looking at the same, rather than every-which-way alternatives.
ruffwoof
 
Posts: 115
Joined: 2016-08-20 21:00

Re: systemd is destructive

Postby millpond » 2016-11-13 05:33

ruffwoof wrote:If you look at all of the derivatives ... massive amounts of duplication/replication http://futurist.se/gldt/wp-content/uploads/12.10/gldt1210.png then I see a common kernel and a common systemD convergence as being a good thing. More eyes all looking at the same, rather than every-which-way alternatives.


It is the sheer diversity that defines Linux to many of us. Ideally, a master of Linux creates his own distro. It is crucial to the element of freedom.

Linux is not cheesecake where one would want uniformity between units.

It is more like pizza - where every attempt to standardize\korporatize it with chains\affiliates only degrade the end result.

Centralization of functions is not always a good thing. There are powerful arguments against the Linux monolithic kernel itself. And systemd is set on a path to displace, and even replace that kernel. If the days of the Linux kernel are numbered, I'd much rather see it replaced by a microkernel than a Lennart monstrosity.
But sadly it will probably not really be Linux anymore.
millpond
 
Posts: 582
Joined: 2014-06-25 04:56

Re: systemd is destructive

Postby millpond » 2016-11-13 07:25

bw123 wrote:
Systemd is just another svchost app, and do we really want to discover 20 years from now that all our real attempts at system security are nothing but a joke???

I don't really care if my toaster gets hacked, or if my alarms go off at 3am. I can fix that, with an older version of Linux.

I do care if the swat teams come bashing down my door because someone in the DNC decided to use my system as a bot for their emails.


Interesting point of view, but real examples of systemd being hacked this way would be more persuasive.



The problem is that the high level of technical competence to use the exploits in open source code makes it unlikely that they would even be detected in reasonable time periods. I for one do not believe in the least that mod-heartbeat was a programmer error. Just do a little investigation, and it seems positively weird how it got into the Apache distribution.

A well designed exploit will be undetectable since it will not be different from normal system processes. With the exception that many of the best designed exploits, if they are discovered at all, often have no observable functions, and will often self destruct after a period of time. My personal guess is that they are used as capsids to inject into hardware.

All modern CPUs have special execution bits designed to enable *outside* agencies to take control of the system. The user has no access to these functions. An example of this explained is at:
https://www.youtube.com/watch?v=4kCICUPc9_8

Systemd enters into the fray, as Redhat's primary customer is the US military, and it is certainly reasonable to suppose that they would want ultimate control over their systems without operator awareness. We will never see those exploits, as they would be regarded as Top Secret. This article:
https://igurublog.wordpress.com/2014/02 ... your-life/

Mentions how Redhat and M$ software have had certain anomalies over long period of time, that may be more than 'bad programming' - especially when such bad programming can generate overflow/race conditions that can compromise the system.

There have been plenty of security patches already issued for systemd:
/www.suse.com/support/update/announcement/2016/suse-su-20161346-1.html

Is just one. The problem is that as the program grows within Linux, and its complexity increases, that major exploits become not just probable, but apparently inevitable. Just look at Linux itself, after having suffered quite a few major embarrassments in the past few years.

Plus there is the fact that any software used by the US military would be a primary target in any international cyberwarfare as part of a pre-emptive first strike: Command, Control, Communications.

I certainly do not believe that non-systemd systems would be safe in such a scenario - only *safer*.

So at least by current technology available to general users like us - absence of evidence is not evidence of absence.

The scary part is *trends*, which is the main objection to systemd, and similar 'technologies' that attempt to usurp the traditionally independent parts of the general system.
millpond
 
Posts: 582
Joined: 2014-06-25 04:56

Re: systemd is destructive

Postby Head_on_a_Stick » 2016-11-15 07:39

^ That being the case, the Linux kernel should not be used then -- RedHat contributes quite a lot of code to the kernel, no?

The kernel is far more likely to subvert the system than PID1 and contains far more lines of code in which a backdoor could be hidden.

Has anybody told the Devuan people?

:mrgreen:
“Controlling complexity is the essence of computer programming.” Brian Kernighan

Head_on_a_Stick
 
Posts: 6491
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: systemd is destructive

Postby edbarx » 2016-11-20 14:23

Head_on_a_Stick wrote:The kernel is far more likely to subvert the system than PID1 and contains far more lines of code in which a backdoor could be hidden.

The kernel is the system. A backdoor would simply be a function that is permanently running as a thread. However, SystemD, as its name suggests, is another system that is replacing parts of "classical Linux", with "modern" parts that require tweaks by obstinate naughty users, who insist on putting themselves as rulers of their operating systems.
Debian == { > 30, 000 packages }; Debian != systemd
The worst infection of all, is a false sense of security!
It is hard to get away from CLI tools.
edbarx
 
Posts: 5379
Joined: 2007-07-18 06:19
Location: 35° 50 N, 14 º 35 E

Re: systemd is destructive

Postby millpond » 2016-11-21 21:14

edbarx wrote:
Head_on_a_Stick wrote:The kernel is far more likely to subvert the system than PID1 and contains far more lines of code in which a backdoor could be hidden.

The kernel is the system. A backdoor would simply be a function that is permanently running as a thread. However, SystemD, as its name suggests, is another system that is replacing parts of "classical Linux", with "modern" parts that require tweaks by obstinate naughty users, who insist on putting themselves as rulers of their operating systems.


I believe that at the core of the matter is the belief that Linux is and should remain a recognizable and *similar* port of Unix. Posix compliant in all aspects.

It's the general direction of deviating away from this backbone that is the real issue here.

I have no objection to Redhat/Ubuntu creating Lennux. It would probably even run more efficiently on desktops and widgets.

But I want Linux on my systems. I would consider BSD, but for driver issues.
I want to be able to create my own daemons and put them where I want them, and fire them up and stop them on my own terms. Sysvinit gives me those options plain and clear. I do not want them logged into some weird type of database and wotnot - that might be subject to processes I do not want.

The object of Linux is to have the power to wrest control of the system even from Linus.
Compiling one's kernel goes a long way towards this, for example.

Where are the config option files to compile systemd, and even gnome to turn stuff OFF.

It's a much bigger battle than just systemd.
millpond
 
Posts: 582
Joined: 2014-06-25 04:56

Re: systemd is destructive

Postby Head_on_a_Stick » 2016-11-22 07:50

edbarx wrote:A backdoor would simply be a function that is permanently running as a thread.

Actually, I was thinking of a deliberate buffer overflow or similar vulnerability.
“Controlling complexity is the essence of computer programming.” Brian Kernighan

Head_on_a_Stick
 
Posts: 6491
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: systemd is destructive

Postby fsmithred » 2016-11-22 16:22

Head_on_a_Stick wrote:The kernel is far more likely to subvert the system than PID1 and contains far more lines of code in which a backdoor could be hidden.

Has anybody told the Devuan people?


The kernel team has a much better track record when it comes to fixing their own bugs and not breaking other people's stuff. And yes, the devuan folks know. I think most of them are sysadmins with lawns.
fsmithred
 
Posts: 1858
Joined: 2008-01-02 14:52

Re: systemd is destructive

Postby sunrat » 2016-11-22 23:24

fsmithred wrote:...I think most of them are sysadmins with lawns.

I didn't think lawns needed sysadmins, just water and mow every few weeks. :D
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!
sunrat
 
Posts: 1909
Joined: 2006-08-29 09:12
Location: Melbourne, Australia

Re: systemd is destructive

Postby Head_on_a_Stick » 2016-11-23 07:54

I wrote:Has anybody told the Devuan people?

I apologise for this flippant comment, I meant no disrespect to the hard-working Devuan team.

fsmithred wrote:The kernel team has a much better track record when it comes to fixing their own bugs and not breaking other people's stuff.

Even if that is true, @millpond was referring to deliberate attempts to place vulnerabilities in the code base, this would be easier to do and harder to detect [1] with the (much) larger code base in the Linux kernel rather than systemd (and also more likely to be effective).

[1] The only way to find deliberate backdoors would be a systematic audit of the code and who does that? *cough*OpenBSD*cough*
“Controlling complexity is the essence of computer programming.” Brian Kernighan

Head_on_a_Stick
 
Posts: 6491
Joined: 2014-06-01 17:46
Location: /dev/chair

Re: systemd is destructive

Postby oswaldkelso » 2016-11-23 11:26

[1] The only way to find deliberate backdoors would be a systematic audit of the code and who does that? *cough*OpenBSD*cough*


While OpenBSD may be one of the more secure operating systems they do include "binary blobs" that they have no way of checking.

https://web.archive.org/web/20060603230 ... /node/6550

I like the FSF position on this. If the firmware can not be updated in any way it's part of the hardware, if it can it's software and needs the source to be available.

Of course that doesn't stop some trumped up leader from ordering the manufacturer to insert dodgy firmware, so even more reason to buy hardware with free firmware.
Ash init durbatulûk, ash init gimbatul,
Ash init thrakatulûk agh burzum-ishi krimpatul.
oswaldkelso
 
Posts: 1063
Joined: 2005-07-26 23:20
Location: UK

Re: systemd is destructive

Postby millpond » 2016-11-23 22:13

Head_on_a_Stick wrote:
I wrote:Has anybody told the Devuan people?

I apologise for this flippant comment, I meant no disrespect to the hard-working Devuan team.

fsmithred wrote:The kernel team has a much better track record when it comes to fixing their own bugs and not breaking other people's stuff.

Even if that is true, @millpond was referring to deliberate attempts to place vulnerabilities in the code base, this would be easier to do and harder to detect [1] with the (much) larger code base in the Linux kernel rather than systemd (and also more likely to be effective).

[1] The only way to find deliberate backdoors would be a systematic audit of the code and who does that? *cough*OpenBSD*cough*


Keeping in mind that much of Unix development with networks has been funded directly, or indirectly by DARPA - I have no doubts that there are some kind of exploits well hidden in the kernel coding or else probably a commonly used module. Look at Bash, which was probably the tip of the iceberg. But I do believe that the deepest layer exploits would be the most classified, to be used only in times of 'emergency' - lest their existence come to light. They do not really bother me, as they could just as easily shut the net down.

It all comes down to a matter of who to trust: Linus or Lennart. My choice is the Finn. Lennart has a history of arrogance and even contempt for Linus himself. There is no real question that he intends the systemd project to morph into something that will challenge the kernel itself. Plus I trust Redhat about as much as I trust Microsoft. The exploits I expect to see inserted would be more military and corporate in nature. Aimed at command, control and surveillance (particularly for the military). This will be most apparent when Redhat starts to try to march us into the cloud, and at first the code will be innocuous. Execution disable bits used to prevent unauthorized access, as well as promoted as a security device against theft, and even remote repair of damaged BIOS. In a way some of the greatest threats will be hidden in plain sight.

Plus there is another aspect: look at how much software has started off 'free' and morphed into blood suckers after they have 'hooked' a user base. Do we really trust Redhat that much????
millpond
 
Posts: 582
Joined: 2014-06-25 04:56
