bw123 wrote: Interesting point of view, but real examples of systemd being hacked this way would be more persuasive.

Systemd is just another svchost app, and do we really want to discover 20 years from now that all our real attempts at system security are nothing but a joke???
I don't really care if my toaster gets hacked, or if my alarms go off at 3am. I can fix that, with an older version of Linux.
I do care if the swat teams come bashing down my door because someone in the DNC decided to use my system as a bot for their emails.
The problem is that the high level of technical competence needed to use the exploits in open source code makes it unlikely that they would even be detected in reasonable time periods. I for one do not believe in the least that mod-heartbeat was a programmer error. Just do a little investigation, and it seems positively weird how it got into the Apache distribution.
A well designed exploit will be undetectable since it will not be different from normal system processes. With the exception that many of the best designed exploits, if they are discovered at all, often have no observable functions, and will often self destruct after a period of time. My personal guess is that they are used as capsids to inject into hardware.
All modern CPUs have special execution bits designed to enable *outside* agencies to take control of the system. The user has no access to these functions. An example of this explained is at:
https://www.youtube.com/watch?v=4kCICUPc9_8
Systemd enters into the fray, as Red Hat's primary customer is the US military, and it is certainly reasonable to suppose that they would want ultimate control over their systems without operator awareness. We will never see those exploits, as they would be regarded as Top Secret. This article:
https://igurublog.wordpress.com/2014/02 ... your-life/
Mentions how Red Hat and M$ software have had certain anomalies over a long period of time, that may be more than 'bad programming' - especially when such bad programming can generate overflow/race conditions that can compromise the system.
There have been plenty of security patches already issued for systemd:
/www.suse.com/support/update/announcemen ... 346-1.html
Is just one. The problem is that as the program grows within Linux, and its complexity increases, major exploits become not just probable, but apparently inevitable. Just look at Linux itself, after having suffered quite a few major embarrassments in the past few years.
Plus there is the fact that any software used by the US military would be a primary target in any international cyberwarfare as part of a pre-emptive first strike: Command, Control, Communications.
I certainly do not believe that non-systemd systems would be safe in such a scenario - only *safer*.
So, at least by current technology available to general users like us - absence of evidence is not evidence of absence.
The scary part is *trends*, which is the main objection to systemd, and similar 'technologies' that attempt to usurp the traditionally independent parts of the general system.