This is crucial time for my continuing the work, hopefully, or not (which I would not like if that had to happen, and which will certainly not immediately happen, as I wrote a few days ago here) with this Debian GNU/Linux Tips page on Grsecurity.
There is very little opportunity, other then with some determined hard work, for a Debian newbie to gain true understanding of what this is really about, because of the strong and merciless propaganda from the systemd-impositioners side, and if that continues to be so, the losing party will be the freedom itself.
The freedom will be the losing party, in its brightest and most beautiful quality: the privacy.
There is no privacy without security, and the only true security nowadays in GNU/Linux is where the two honest geniuses, Spender and Pax Team, and developers associated with them, work on fixing the holes in the kernel: the Grsecurity.
That is my view, and it is absolutely legitimate for me to say that here. However, if you want more on that, study my other posts, recent and earlier, as I can not indulge in it here, reasons also being too much, and often flaming, opposition from the systemd-supporters' side.
On that flaming and invading opposition though, proofs aplenty in the link that I will give next in this current post. And some of it is of the worst kind. Some of it is downright trolling, on me:
How to avoid stealth installation of systemd?
Some of you, readers and users of my script-guide for beginners that this topic you're reading features, can perfectly understand me if I tell you:
There will be no more room left, not really, for us who want that aforesaid true security if the systemd becomes the sole way to go in Debian GNU/Linux, no there will not really be any more!
If the few dishonest people (remember there's a very very tiny minority who own the majority of world's resources generally, and into those tiny group these few of our concern belong)...
No, I'm not an insider nor an investigative journalist with sources to know about those few, I only reserve the right to deduce it logically from the big picture.
And the big picture, what is the big picture? Read, first, this mail by [IIUC] a Debian Developer:
https://lists.debian.org/debian-devel/2 ... 00143.html
> Can we get over this now and start making Jessie the most awesome stable
> release we've ever prepared together?
For some of us there will never be an awesome Debian release that at it's core contains systemd. It's core developers, Lennart Poettering and Kay Sievers, work for a company that has multi-billion dollar contracts with NSA. It is your choice to assume good faith on their part. It is our choice not to.
Please respect our decision to stay away from systemd and still be Debian users. If possible, please, don't resist changes that make our lives easier.
You can also find plenty of discussion on who brought up those changes (and the few I mentioned are the movers and shakers of some of those companies that did bring about those changes) in, so far, probaly the best (public) discussion in the GNU/Linux world to be found on the issue:
When (and if) Gentoo will switch to systemd?
That's all I base my statement on. That Gentoo Forums discussion. However, is a very hefty read, and I am not sifting through it again just to provide details lto support n my claim. What I said, and referenced, suffices for my argument here. Check it out yourself, anyone, before potentially blaming me for bringing in a lame argument. That argument is not lame, just read that aformentioned voluminous Gentoo Forums discussion to check it.
In light of the above, my next thought. Actually I deployed the above reasoning for it.
My next thing to do regarding yours and mine true freedom, dear reader, which, again, there is none without what every and any in the world democratic country claims is the guarantied right of their citizens: the right to secrecy in their communications, which translates to: privacy (yes privacy is: secrecy when you want it), which there is none, no privacy/secrecy there in computing, without security.
And do you really believe that spy agencies can provide you that security, which Debian has as default: the NSA's SELinux?... And I don't trust any other "security" either.... but only Grsecurity [for my privacy, and so for my freedom]...
But my next thing to do was a Tip in these forums on how to deploy Gradm, for full Grsecurity protection, because the sole installation of Grsecurity is fine, and protects you from most of the attacks, from almost all, but, alsa, not all..
Not all... There is a little left to do to gain full protection, which little cannot be done through patching the GNU/Linux kernel (which Grsecurity is: it is a set of patches to the kernel), and that little which still remains missing when Grsecurity patched kernel is installed in your system, can be done with Gradm:
for which pls. see:
the Download page
Grsecurity on Wikibooks page
(in both of which find Gradm)
But Gradm is much, much harder to deploy on poetteringware-ruined (IMO) systems, of which poetteringware the systemd is (IMO) the absolutely most detrimental to GNU/Linux as we have known it by now.
Do you get my point, dear reader?
There have been reports and complaints on, I don't remember now exactly, but either systemd or some of its precursors/kindred like the *kits (consolekit, policykit), or somesuch, how Gradm cannot be properly/easily installed/configured on Grsecurity-patched Gentoo kernels, these things being hard or not doesn't depend of which distro we're talking.
What I mean, deploying Gradm and getting true privacy for your box (which your country's Constitution probably guaranties for you) is going to be much harder if we don't get systemd-free option for our Debian machines.
So dear reader, if you understan my points, and I'm sure some of you readers do understand me quite well, then please don't allow trolls to drown my new topic which I deployed to address the issue of getting for ourselves a systemd-free GNU/Linux Debian, the:
How to avoid stealth installation of systemd?
(link given nearer to the top of the post)
Don't allow it to be drowned. Instead, study the issue and try to help. You can help even if you just have honest questions, maybe on the methods to choose, which there are two there, and none contains complete advice in regard either from me or from some advanced user or developer, or with more relevant information, if you have any, if you are an advanced user or developer truly looking into these posts to help.
==== cut this line and all underneath if verifying hashes ====
File corresponding to this file, Deb_Grsec_140816.txt,
has Publictimestamp # 1238462
publictimestamp.org/ptb/PTB-21385 sha256 2014-08-16 12:01:45
CORRIGENDA 2014-08-17 23:34 CEST:
Replace: "from almost all, but, alsa, not all"
With: "from almost all, but, alas, not all"