privacyguides/privacytools.io
Archived
1
0
Fork 0
Code Issues 304 Pull Requests 47 Activity

Software Removal | OS with systemd #2261

New Issue
Closed
opened 2021-04-16 23:35:16 +00:00 by claudiojulioferraz · 4 comments
claudiojulioferraz commented 2021-04-16 23:35:16 +00:00 (Migrated from github.com)
Copy Link

Description

We must replace operating systems that use init Systemd for security reasons.
Read this article: https://unixsheikh.com/articles/the-real-motivation-behind-systemd.html

Why I am making the suggestion

In summary Systemd should not be used because:
RedHat's hidden manipulations and intentions;
disregard for serious security bugs;
maybe the bugs are a backdoor.

The alternatives should be:
Debian -> Devuan
Ubuntu -> Trisquel
Arch -> Artix
Fedora -> PC Linux
NixOs -> Guix System
Ubuntu Touch -> PostmarketOS
Tails and Whonix -> I don't know yet.

My connection with the software

No connection to any cited software.

  • I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
## Description We must replace operating systems that use init Systemd for security reasons. Read this article: https://unixsheikh.com/articles/the-real-motivation-behind-systemd.html ## Why I am making the suggestion In summary Systemd should not be used because: RedHat's hidden manipulations and intentions; disregard for serious security bugs; maybe the bugs are a backdoor. The alternatives should be: Debian -> Devuan Ubuntu -> Trisquel Arch -> Artix Fedora -> PC Linux NixOs -> Guix System Ubuntu Touch -> PostmarketOS Tails and Whonix -> I don't know yet. <!-- Anything you would like to tell us about the software? --> ## My connection with the software No connection to any cited software. <!-- Are you the author? Competitor? Just hating the software with passion for some reason? --> - [x] I will keep the issue up-to-date if something I have said changes or I remember a connection with the software.
lynn-stephenson commented 2021-04-17 02:00:10 +00:00 (Migrated from github.com)
Copy Link

We could consider alternatives, but there is no alternative to Whonix, and thus will not be removed.

We could consider alternatives, but there is no alternative to Whonix, and thus will _not_ be removed.
dawidpotocki commented 2021-04-17 08:38:52 +00:00 (Migrated from github.com)
Copy Link

stoopid proposal

Fact 1: systemd is from Red Hat

Oh no, guess who is developing your kernel?

Fact 2: The primary reason for developing systemd is Red Hat's business interests in embedded devices

Who cares?

Fact 3: No, it's not a myth, systemd is truly a huge monolith
The fact is however, that many of these so-called individual binaries has functionality that simply will not work without other systemd components.

Well… not really, look at elogind. You will likely have use it on non-systemd Linux distros… oh wait… would that mean that you are using systemd? NOOOOOOOOOOOOO. Btw you do not have to use these systemd tools on systemd systems.

Fact 4: Privacy concerns
systemd-resolved has hard coded fallback DNS servers for Cloudflare, Quad9 and Google. Even if you turn these off, a bug might cause these to be used anyway (which actually happened at one point).

They made this trade-off that in case your DNS server from DHCP is broken, it will fallback to something that will probably work, so you do not have a broken network connection. In case you did not know, bugs can happen everywhere.

Let's look at some links they listed

https://github.com/systemd/systemd/issues/6237

I do not see how it's an issue, you provided an invalid name so it ran it as a root, which is… the default and there is no other default possible that would make sense. You need a root privs to do that… so I really do not see the issue.

Most of this blog post is about Red Hat, not systemd as a software.

Now if we look at your alternatives…

  • Devuan - takes a long timeeee to rebase on a new Debian release
  • PC Linux - u want to replace Fedora with… a distro that is "So cool ice cubes are jealous" and a website looking like something straight from XP era or earlier?
  • Trisquel - lmao (EDIT: I checked on DistroWatch and it seems to be using systemd, good job OP)
  • postmarketOS - Did you ever use it? I have a PinePhone and pmOS is… not great.

And no… I'm not a Red Hat or systemd fanboy. I used Void Linux for over a year on my laptop and I'm using Alpine on my VPS. Runit it pretty simple and nice… but at some point you might notice that you need something more powerful and something that is more unified etc. Writing services for OpenRC is a pain in the ass, I hated every single moment of doing that. I could do what I wanted to do on systemd (I did not succeed on OpenRC) in a minute without any previous experience.

stoopid proposal --- > Fact 1: systemd is from Red Hat Oh no, guess who is developing your kernel? > Fact 2: The primary reason for developing systemd is Red Hat's business interests in embedded devices Who cares? > Fact 3: No, it's not a myth, systemd is truly a huge monolith > The fact is however, that many of these so-called individual binaries has functionality that simply will not work without other systemd components. Well… not really, look at `elogind`. You will likely have use it on non-systemd Linux distros… oh wait… would that mean that you are using systemd? NOOOOOOOOOOOOO. Btw you do not have to use these systemd tools on systemd systems. > Fact 4: Privacy concerns > systemd-resolved has hard coded fallback DNS servers for Cloudflare, Quad9 and Google. Even if you turn these off, a bug might cause these to be used anyway (which actually happened at one point). They made this trade-off that in case your DNS server from DHCP is broken, it will fallback to something that will probably work, so you do not have a broken network connection. In case you did not know, bugs can happen everywhere. --- Let's look at some links they listed https://github.com/systemd/systemd/issues/6237 I do not see how it's an issue, you provided an invalid name so it ran it as a root, which is… the default and there is no other default possible that would make sense. You need a root privs to do that… so I really do not see the issue. --- Most of this blog post is about Red Hat, not systemd as a software. Now if we look at your alternatives… - Devuan - takes a long timeeee to rebase on a new Debian release - PC Linux - u want to replace Fedora with… a distro that is "So cool ice cubes are jealous" and a website looking like something straight from XP era or earlier? - Trisquel - lmao (EDIT: I checked on [DistroWatch and it seems to be using systemd](https://distrowatch.com/table.php?distribution=trisquel), good job OP) - postmarketOS - Did you ever use it? I have a PinePhone and pmOS is… not great. --- And no… I'm not a Red Hat or systemd fanboy. I used Void Linux for over a year on my laptop and I'm using Alpine on my VPS. Runit it pretty simple and nice… but at some point you might notice that you need something more powerful and something that is more unified etc. Writing services for OpenRC is a pain in the ass, I hated every single moment of doing that. I could do what I wanted to do on systemd (I did not succeed on OpenRC) in a minute without any previous experience.
👍 2
rusty-snake commented 2021-04-17 09:01:29 +00:00 (Migrated from github.com)
Copy Link

Here's a list of projects in which RedHat has done a big part of development: https://en.wikipedia.org/wiki/Red_Hat#Programs_and_projects

  • KVM
  • GNOME
  • systemd
  • PulseAudio
  • LibreOffice
  • Xorg

and even more:

  • Linux (the kernel)
  • NetworkManager
  • Wayland
  • Flatpak
  • libvirt / virt-manager

There is no Linux w/o RedHat today.

Here's a list of projects in which RedHat has done a big part of development: https://en.wikipedia.org/wiki/Red_Hat#Programs_and_projects - KVM - GNOME - systemd - PulseAudio - LibreOffice - Xorg and even more: - Linux (the kernel) - NetworkManager - Wayland - Flatpak - libvirt / virt-manager There is no Linux w/o RedHat today.
freddy-m commented 2021-04-17 11:36:11 +00:00 (Migrated from github.com)
Copy Link

See former team member @dawidpotocki's reply.

See former team member @dawidpotocki's reply.
This repo is archived. You cannot comment on issues.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
🔍🤖 Search Engines
approved
approved, waiting for a PR
dependencies
Pull requests that update a dependency file
duplicate
feedback wanted
high priority
I2P
The Invisible Internet Project (I2P)
iOS
low priority
OS
Operating Systems
Self-contained networks
Social media
stale
A label for stalebot if it gets added
streaming
Anything related to media streaming.
todo
Tor
Anything covering the Tor network
WIP
active work in progress, do not merge or PR (yet)!
wontfix
Issues or bugs that will not be fixed and/or do not have significant impact on the project.
XMPP
Extensible Messaging and Presence Protocol
[m]
Matrix protocol
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
Browser Extension related issues
enhancement
software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
Correction of content on the website
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
Firefox & forks, about:config etc.
💻 hardware
🌐 hosting
🏠 housekeeping
Anything primarily related to site cleanup.
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
Virtual Private Network
🌐 website issue
*Technical* issues with the website.
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
Domain Name System
🗨️ instant messaging (im)
🇦🇶 translations
Anything covering a translated version of the site
No Label
software removal
Milestone
No items
No Milestone
Assignees
Clear assignees
jonah
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: privacyguides/privacytools.io#2261
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?