The officially official Devuan Forum!

You are not logged in.

#1 2018-04-10 09:04:59

Fernando Negro
Member
From: Portugal
Registered: 2018-04-08
Posts: 31  

Why I think that "systemd" is something very bad

Writing as a user, that has adopted GNU/Linux in order to have more security on his computer, the following are (besides the very good principles of diversity in evolution - that should also be applied to "init" systems, and other pieces of the GNU/Linux operating system - to allow us to compare which ones are the best results that better suit each particular situation) the reasons why I really don't like "systemd".


First of all,

Whenever I hear of "unification" and "uniformization" applied to human organizations or development (in situations where they are not needed, for practical reasons, and don't make people's life better) I raise my guard. Because, it automatically makes me thing of the same principle applied to bigger/political organizations.

The more centralized the power of decision is, the less democratic it becomes. Since that, it makes it much harder for minority voices to be heard, and doesn't allow for different groups to follow each one their own path.

(When I speak of this happening in "bigger/political organizations", just look at the example of small Iceland, where the people easily changed their own government when they realized that it was corrupt, and compare that to the situation in the EU, where this super-state repeatedly imposes its will on whole different countries, and doesn't allow them to do things their own way.)

And, I've heard part of this same principle being discussed by the people who criticise the uniform adoption of "systemd" by the major GNU/Linux distributions.

But, the main problem I see with the adoption of "systemd" is (not even this one - but) one that relates to security.

(Important note: The following, is something that I'm writing as a mere user, with limited knowledge of how GNU/Linux works. And, therefore, I might be wrong concerning some of the details of what I describe. But, the general principle of such concern of mine, is something that I believe to the undoubtedly true...)

And, what I mean by this is,

(From the limited knowledge I have of what the different "init" systems do - and, knowing that "systemd" is not now responsible for everything yet,)

If you want to install a piece of malware on a computer, that surveils/controls the different aspects of its operating system...

1) In a pre/non-"systemd" environment, in order to surveil/control all those same different components, you will have to build a piece of software that does that altogether, including possibly at the same time - which results in a rather complex piece of software whose (complex - and, therefore big) activity might be spotted by the operating system or its user.

2) While, on the other hand, if you already have a daemon running, that controls all those same different aspects/components of the operating system, if you want to install a surveilling/controlling malware, all that you have to do is "stick" to that same daemon. That is, if you want to surveil/control the different aspects/components of the operating system altogether, there's no need to go any further than infecting (or remain connected to) one single daemon. Which,

    a) not only reduces greatly the complexity of such malware - and, by that,

        I) reduces greatly the probability of it being spotted, from its reduced size and activity, or

        II) makes it possible for it to operate within certain limits/restrictions - like those of a small chip implanted on your hardware (ex: https://libreboot.org/faq.html#intel) - but also

    b) serves as a perfect hiding place and, above all, *cover* (that couldn't be used before the existence of "systemd") for the activity of such piece of malware - because, if a knowledgeable user notices something odd and asks "What is this active program that is surveilling and controlling all these different aspects of my computer?" his/her reaction now will be "Oh, that's just 'systemd'...".

Last edited by Fernando Negro (2018-04-11 07:59:18)


Have no concerns with using proprietary software. Enjoy the "love" from some of this forum's administrators. And, above all, pay no attention to the fact that Dyne.org receives money from the European Commission to fulfil the latter's political projects.

Offline

#2 2018-04-10 09:43:55

Fernando Negro
Member
From: Portugal
Registered: 2018-04-08
Posts: 31  

Re: Why I think that "systemd" is something very bad

It's a similar security risk as the one created by the "zeitgeist" daemon, whose development is sponsored by Canonical...

If you have a daemon that already keeps a log of all of the user's most important activity,

You don't even need to have a piece of malware installed on the computer, all the time, to know what the user is up to.

All that you need now, is to somehow read that same log, whenever you can - like, when a user decides to try out one of the many proprietary programs that Ubuntu encourages people to, on its "Software Centre" (and, more specifically, one that behaves like this: http://linux.slashdot.org/story/07/08/2 … ox-profile) - and there goes a whole log of the user's activity into the hands of Big Brother.

Last edited by Fernando Negro (2018-04-10 11:28:34)


Have no concerns with using proprietary software. Enjoy the "love" from some of this forum's administrators. And, above all, pay no attention to the fact that Dyne.org receives money from the European Commission to fulfil the latter's political projects.

Offline

#3 2018-04-13 13:56:31

siva
Member
Registered: 2018-01-25
Posts: 186  
Website

Offline

Board footer