:: Re: [DNG] Please Adopt Bastille Lin…
Página Principal
Delete this message
Reply to this message
Autor: chaosesqueteam
Data:  
Para: dev1fanboy
CC: dng
Assunto: Re: [DNG] Please Adopt Bastille Linux Security Script for Devuan. Please.
> Does harden-tools incorporate or improve on bastille?
No, not to my knowledge. Bastille still works and is quite well
supportive of
any normal linux. The new TCL version that debian adopted decided to
DEEPPRREEECCIIIAATTEEE
previously working code, because, you know, can NEVER have anything
stable about.
(Hi Perl6, nice new programming language you got there with completely
different syntax called Perl)

> Is the question then whether bastille needs to be placed in the Devuan
> archive or that
> hardenk-tools should be installed automatically?

The questions are 1) Why has Debian decided that security is not
important
(hence dropping bastille, and then adding systemd), and 2) is there

It almost feels like it was a 2 part operation:
First debian de-emphasizes security in version 7.
Then it forces systemd in version 8 (along with everyone else)
(Aka: might aswell be a rootkit-d)

During the same time that Windows deploys a keylogger for every
key you press (win10, and backported to win8 and win7) and nearly
every Intel chipset has a chipset level backdoor (VPro/AMT/whatever they
call it next)
with built in VNC server that pulls from the framebuffer aswell as the
ability
to upload the entire contents of ram (and always remotely re-enableable
while sitting
in a 1.2MB black box of proprietary code, cryptographically signed so
that it
must be used). (Many AMD have similar but less advanced in-built
backdoors,
but not all like intel)

Also windows now automatically uploads your crypto key to your HDDs to
microsoft servers,
systemd doesn't do that yet, but it makes sure root will be wide open
for anyone wishing
to hack in, and sometimes doesn't play nice with encrypted disks (unlike
debian 6 and 7 and 5,
all which worked great with encrypted discs)

Just all a coincidence, ofcourse.

Then when Security hardening script is mentioned here it's either
shouted down
"don't need that, real system admins do the 100 steps by hand every
time"
or met with crickets.

I notice the people who like to be blowhards on this list also don't
seem
to see the value in encrypted harddrives, almost saying "who uses
LUKS+volume" and thus
needs atleast some sort of intrid or initramfs (I'm sorry it's needed
too, but, it is what it is,
got to beable to mount root).

Yea, crazy fking thing there too!

They say NO to bastille.
NO ("who uses that??!") to encrypted discs.

Who's side are they on?

GoLinux: Remember when I was sgryphon and the VUA mentioned my arguments
as
a (perhaps small) portion of a fairly good explainition of the reasons
for starting something
like Devuan.
But now you don't like me so everything I say is false and worthless,
right?
Yea.
https://distrowatch.com/weekly.php?issue=20141027
> DistroWatch Weekly ..... However, if systemd is here to stay, the VUA
> has >declared their intention to ... Sgryphon explains it well in this
> thread.


> DW: Your website mentions the people involved in this potential fork do
> not have time to get involved with Debian's governance. What sort of
> governing body will the fork have?


>    VUA: It will be a governing body that puts the benefits of the users 
> first, not the mystification of a "doacracy" delivering all the power 
> to the package maintainers.


>    Originally, Debian was created as a universal operating system for 
> the users. The Free Software movement itself is there to defend users' 
> rights. Sgryphon explains it well in this thread.


>    We will likely reproduce the governing body of Debian to follow its 
> original mandate, with the advantage of starting small and more 
> focused, hopefully with less pressure from the interest of commercial 
> developers.



On 2016-01-03 20:07, dev1fanboy wrote:
> As far as I can tell there is no harden-tools in debian or devuan
> jessie nor harden-docs, those are missing too (was looking for them
> the other day). Maybe because most of it doesn't apply in debian with
> systemd, can't see any of that working there.
>
>
>
> On Sunday, January 3, 2016 6:03 PM, Haines Brown <haines@???>
> wrote:
>> On Sun, Jan 03, 2016 at 05:25:39PM +0000, Go Linux wrote:
>>> Great way to start the new year. Looks like Gregory Smith might be
>>> back. Ugh . . .
>>
>> Your frustration may be justified, but you are doing less
>> sophisticated
>> readers like myself a disservice. I've not thought about bastille for
>> many years, and this thread encouraged me to see what became of it. My
>> impression, right or wrong, is that bastille has been superseded by
>> the
>> harden-tools package.
>>
>> Does harden-tools incorporate or improve on bastille? Is the question
>> then whether bastille needs to be placed in the Devuan archive or that
>> hardenk-tools should be installed automatically?
>>
>> Haines Brown
>> _______________________________________________
>> Dng mailing list
>> Dng@???
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng