Boy am I glad Slackware chose not to go with systemd... and its backdoors/viruses
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Has nothing to do with systemd other than the name of it's process? Sounds almost like most politics these days. Doesn't matter what you choose. Lots of yelling, arguing and throwing blame around. None of it has any actual substance behind it. Just sounds good to get people lit up for an imaginary reason.
Day by day Linux is becoming less and less appealing. It's not just systemd; it's also the hijacking and monopolisation of the desktop, of the browser, and of the conversation itself. People are forced out of positions because they commit the crime of wrong speak. At the moment there are enough options to stick with Linux. The old window managers still work, and Vivaldi tries to break the grip of the monopolies (yes, you included, Mozilla) on the browser. How long that will last, with wayland now being imposed by our superiors as a superior solution which we, the underlings, should accept without a murmur, is anyone's guess. All I know is that when it happens I will be only too happy to dump Linux, let the lemmings have the stage all to themselves, and move elsewhere.
I've tested on my own skin the Zero Security of X11, around a year ago.
I've discovered the malware after the twin security factor from my bank asked on my phone to confirm a $100 payment to a super-market from Kiev, Ukraine. A quite strange payment from his prepay card, for someone living on north of China.
Looking carefully on system, I discovered something similar with what LC described as user-side defacement, and later some friends of mine from another forum concluded that the malware program (which I preserved several months) was a keylogger, which stolen my card data.
In those days I've learned that any X11 program once started can watch the keyboard, mouse and any other input devices as it likes. And I started to be interested by Wayland, while stopping buying on-line even dog-food.
Yes, the X11 is a utterly security disaster and any other solution would be better than it. Even as user-side usage. Unwillingly I tested this myself.
Last edited by ZhaoLin1457; 05-01-2021 at 03:10 AM.
I tested on my own skin the Zero Security of X11, around a year ago.
I discovered the malware after the twin security factor from my bank asked on my phone to confirm a $100 payment to a super-market from Kiev, Ukraine. A quite strange payment from his prepay card, for someone living on north of China.
Looking carefully on system, I discovered something similar with what LC described as user-side defacement, and later some friends of mine from another forum concluded that the malware program (which I preserved several months) was a keylogger, which stolen my card data.
In those days I've learned that any X11 program once started can watch the keyboard, mouse and any other input devices as it likes. And I started to be interested by Wayland, while stopping buying on-line even dog-food.
Yes, the X11 is a utterly security disaster and any other solution would be better than it. Even as user-side usage. Unwillingly I tested this myself.
That's all very well, but x11 is 30+ years old. What's wayland going to look like in 30 years' time? The exact same - a mess of patches on top of patches on top of patches. Nobody here is disputing that newer software, written with security in mind, probably in a language other than C, is going to be better and safer. The problem is that nobody is looking at what the new "vaccine" software is going to cost us when it's as old and hoary as that which it so loftily replaced.
Do you remember the days when, to get Red Hat Certification, you had to do everything through SeLinux. Security Vulnerabilities killed that.
selinux! Wow that's a blast from the past.
I remember back around 2003 or 2004 there was a member of the local LUG who had a Debian machine running selinux. He issued a "try and hack me" type challenge to all on the mailing list. Soon after, he announced that the machine was being taken offline. It, and the challenge, never came back... and it's memory slowly and surely faded away.
That's all very well, but x11 is 30+ years old. What's wayland going to look like in 30 years' time? The exact same - a mess of patches on top of patches on top of patches. Nobody here is disputing that newer software, written with security in mind, probably in a language other than C, is going to be better and safer. The problem is that nobody is looking at what the new "vaccine" software is going to cost us when it's as old and hoary as that which it so loftily replaced.
I agree mostly. The fact is that the early unix (or internet) protocols were designed to be completely open (which we learned meant "not secure"); ftp, telnet, finger, dns, x11 and all others. Later http. Even later the dreadful javascript.
Since then we have learnt that evil people and governments (note the distinction) spy on us and those protocols are in a slow process of being replaced by secured protocols: ssh, sftp, ftps, https etc.
If Wayland is actually secure I cannot say. But I don't think it is fair to say that the "secure" protocols will look like the old ones in 30 years time.
@Zhaolin1457 did you discover how or come up with a "best guess" as to how the keylogger got on your system?
As a general comment, perhaps the OP's offering does present a good counter example to the "Standardization Argument". Although I doubt I would pick up the .local/** in user, I likely would notice and investigate a systemd-daemon running in root.
I've tested on my own skin the Zero Security of X11, around a year ago.
I've discovered the malware after the twin security factor from my bank asked on my phone to confirm a $100 payment to a super-market from Kiev, Ukraine. A quite strange payment from his prepay card, for someone living on north of China.
Looking carefully on system, I discovered something similar with what LC described as user-side defacement, and later some friends of mine from another forum concluded that the malware program (which I preserved several months) was a keylogger, which stolen my card data.
In those days I've learned that any X11 program once started can watch the keyboard, mouse and any other input devices as it likes. And I started to be interested by Wayland, while stopping buying on-line even dog-food.
Yes, the X11 is a utterly security disaster and any other solution would be better than it. Even as user-side usage. Unwillingly I tested this myself.
Good points, do you think the malware would be able to get through with this via a system proxy server?
Code:
iptables -A OUTPUT -o eth0 -m owner --gid-owner 100 -j DROP
Lunduke: The most desperate irrelevant techhead on the internet. Even Linus Tech Tips is more useful.
I never thought I'd say it, but bring back Nixie Pixel.
Quote:
Originally Posted by Gerard Lally
Day by day Linux is becoming less and less appealing. It's not just systemd; it's also the hijacking and monopolisation of the desktop, of the browser, and of the conversation itself. People are forced out of positions because they commit the crime of wrong speak. At the moment there are enough options to stick with Linux. The old window managers still work, and Vivaldi tries to break the grip of the monopolies (yes, you included, Mozilla) on the browser. How long that will last, with wayland now being imposed by our superiors as a superior solution which we, the underlings, should accept without a murmur, is anyone's guess. All I know is that when it happens I will be only too happy to dump Linux, let the lemmings have the stage all to themselves, and move elsewhere.
Very good post. It's no wonder that many seasoned *nix users end up going to Mac or Windows. Sure, you may not be able to solve every problem yourself, but one phone call to India can be better on your time and mental health than arguing for several pages on a forum over the latest open source non-issue.
Last edited by Lysander666; 05-04-2021 at 03:56 AM.
I know this thread started about systemd, but I feel the two main uses of linux might be getting confused.
Console based Linux servers effectively using the Gnu OS and play a large part in running the internet
User & media systems which add X, browsers, and a whole drawer-full of less secure stuff.
I don't feel the first group is going anywhere too fast. There is huge priority on fixes for these machines, rigorous maintenance and I don't see any better alternatives except console based BSD.If a major exploit was discovered, teams of programmers would rapidly close it, and possibly do a fundamental rewrite.
We can say that about linux (and console based bsd, but no other system. Systemd has a limited role here.
Now make a user system out of linux, with X, window managers, eye candy & monolithic "do everything" software suites, and security exits stage left.
But I was under the impression that systemd, like the new naming convention for network devices, came from the server world and we home users were expected to just put up with it. After all Red Hat invented it and they're basically a commercial server support service.
Lunduke: The most desperate irrelevant techhead on the internet. Even Linus Tech Tips is more useful.
I never thought I'd say it, but bring back Nixie Pixel.
Very good post. It's no wonder that many seasoned *nix users end up going to Mac or Windows. Sure, you may not be able to solve every problem yourself, but one phone call to India can be better on your time and mental health than arguing for several pages on a forum over the latest open source non-issue.
A few years ago I became more than a little fed up with the Google tax on my Android phones, and with the manufacturers, even of mid- to high-end Androids, shoving FB, Twitter, Insta and all the other unwanted cr@p on my phone with no option to remove. I also disliked intensely Google's refusal to implement standard CalDAV and CardDAV on Android. Then I did what I thought I would never do -- I bought a secondhand iPhone to try it out. Straight away I was in love. And have never stopped marvelling at the engineering brilliance of iOS since. I added an iPad to the mix 18 months ago. and plan to get one of those new M1 Macs soon. All I can say is that Apple's software, whatever about the hardware, is light years ahead of all the competition in many respects, unless tinkering is something you like (and I actually do like tinkering, which is why I will be sticking with Slackware).
For people who aren't interested in or as good at programming and sysadmin, iOS and MacOS are far, far better than Windows, Plasma, Xfce and (splutter) Gnome. It's not even close. Linux has had 30 years to get its desktop act together, and they're still f@rting about around the edges, breaking and reinventing things that Fvwm had 30 years ago. Gnome 40 came out recently and they're making a big song and dance about how workspaces can now be switched horizontally? Seriously?
I'm getting increasingly sick of it, which is not a criticism of the brilliant developers who gave us Fluxbox, Openbox, Fvwm, Awesome, and the rest, but absolutely a criticism of all those monopolies and corporations and organisations who have taken over Linux and imposed their vision of it on the rest of us.
A few years ago I became more than a little fed up with the Google tax on my Android phones, and with the manufacturers, even of mid- to high-end Androids, shoving FB, Twitter, Insta and all the other unwanted cr@p on my phone with no option to remove. I also disliked intensely Google's refusal to implement standard CalDAV and CardDAV on Android. Then I did what I thought I would never do -- I bought a secondhand iPhone to try it out. Straight away I was in love. And have never stopped marvelling at the engineering brilliance of iOS since. I added an iPad to the mix 18 months ago. and plan to get one of those new M1 Macs soon. All I can say is that Apple's software, whatever about the hardware, is light years ahead of all the competition in many respects
I've hardly used a Mac, so I can't comment. All I can add to the discussion is that I too used to use an earlier version of Android, it was 3 or 4, on an HTC. I don't remember much about Android then other than the fact that the whole thing felt awkward and clunky.
In the last month I got myself a new smartphone with Android 10, and the difference is almost immeasurable. It's a gorgeous operating system. Smooth, good-looking, mature, intuitive and it isn't bundled with Twitter, Instagroan etc. I imagine iOS is even better by comparison - but for what it's worth, Android is much improved these days.
Last edited by Lysander666; 05-04-2021 at 09:16 AM.
I've hardly used a Mac, so I can't comment. All I can add to the discussion is that I too used to use an earlier version of Android, it was 3 or 4, on an HTC. I don't remember much about Android then other than the fact that the whole thing felt awkward and clunky.
In the last month I got myself a new smartphone with Android 10, and the difference is almost immeasurable. It's a gorgeous operating system. Smooth, good-looking, mature, intuitive and it isn't bundled with Twitter, Instagroan etc. I imagine iOS is even better by comparison - but for what it's worth, Android is much improved these days.
I upgraded my Sony Xperia to 10 and sold it to my brother. Certainly better, but still too many telltale signs that Android is put together by or for gamers and enthusiasts. iOS is clearly an engineered and thus a designed operating system, with Apple's 40-year pedigree behind it, and it shows.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.