:: Re: [DNG] system administration of …
Forside
Slet denne besked
Besvar denne besked
Skribent: Steve Litt
Dato:  
Til: dng
Emne: Re: [DNG] system administration of non-systemd distros and releases
steph.tougard said on Sun, 21 Nov 2021 04:19:36 +0000

>The right answer is to do whatever the customer asks, as stupid as it
>seems.
>
>If the customer was intelligent, he would not even ask a GNU/Linux
>system in the first place, it's bloated by nature, kitrooted by
>default and uselessly complicated (SystemD is just one more argument
>against Linux, not the worse one).
>
>I've found that my own Devuan sends https requests to an apparently
>unconfigured Windows server on Azure (all web browser were down). Is
>it infected ? not by anything that usual tools can detect. What does
>that ? I've no idea, so far I did not find (requests are rare and
>fast). I decided to put my working PC (not the one I'm using to write
>this email, but the one used to connect to my customers' servers)
>behind a firewall to shut any useless access to the Internet down. I
>resign trying to find whatever software in the thousands installed is
>hacking my data and sending them to the Internet.
>
>Is using a Devuan can be considered "safe" when litteraly thousands of
>people build thousands of unaudited packages with thousands of
>unaudited softwares ? OMG NO !!! Have you seen the world outside ?
>what makes you think a second that there is no hacker in such a huge
>team and that all those people act only for the best of things ?
>
>My Devuan is behind an OpenBSD. The OpenBSD has no software installed,
>it's a pure system as release by the OpenBSD team, the code base is
>small, strongly audited by a very small and known team. It can be
>considered safe, at least safer. Much safer than any Debian based
>distribution. My network configuration is so safe that I could safely
>store unencrypted Bitcoin private keys on an unpatched Windows 98
>without any risk if I wish.
>
>If the customer was intelligent, he would ask a small system strongly
>audited, a code base as small as possible and that only very few
>software compiled by hand are run and installed on it, everything
>behind a strong firewall who not only filter what's coming in, but as
>well and more importantly what's going out. SystemD is just the tree
>who hides the forest.
>
>Good luck with that.


Sigh. I thought we had dispensed of BSD people dissing Linux decades
ago, but apparently not. My response then is my response now:

http://troubleshooters.com/linux/snarf.htm

SteveT

Steve Litt
Spring 2021 featured book: Troubleshooting Techniques of the Successful
Technologist http://www.troubleshooters.com/techniques