Systemd 1984 spookware subversion, we're fucked

Attached: 0928134702137678925782654912519023674832167134.png (759x394 5.89 KB, 45.17K)

Other urls found in this thread:

bleepingcomputer.com/news/security/systemd-bug-lets-attackers-hack-linux-boxes-via-malicious-dns-packets/
security-tracker.debian.org/tracker/CVE-2018-16864
security-tracker.debian.org/tracker/CVE-2018-16865
security-tracker.debian.org/tracker/CVE-2018-16866
without-systemd.org/wiki/index.php/Alternatives_to_systemd
twitter.com/SFWRedditVideos

Is there even a shred of evidence yet that SystemD sends your data to the glowinthedarks?

I've never seen any, but that would be China tier obvious anyway. If it's really intended as a gov't rootkit, they'd simply aim for it to be unexpendable and convoluted with a code base too big and too fast moving to be independently audited and implement a variety of bugs/backdoors.

OP is a disinfo shill, but if you unironically use a systemd distro you're an idiot

What gives you the reason to think it doesn't fucknut, it's completely unaudited and made by literal contract spooks who work with paranoid alphabet agencies.

Besides, we didn't even need systemd. You're acting as if it's the first time glowniggers has been funding "open source" projects. Systemd was forced into the community because of dependencies forced by udev etc.

How much are you willing to bet it's not a multistage approach to provide backdoors into linux? It's the last place where they don't have 6000000 ISATAP telemetry servers running 24/7 like on winblows.

>bleepingcomputer.com/news/security/systemd-bug-lets-attackers-hack-linux-boxes-via-malicious-dns-packets/

Attached: e4529a67b328e437abba6c3152ad0958ba9280057cd08e5ba579b20000549e9d.jpg (852x1024, 120.27K)

Lol how about you actually contribute to the thread tranny

Based on the fact that I can monitor who's connecting to my computer for myself. When I close out of my browser and run
watch -n 1 netstat
I don't see any IP addresses that are from Washington DC, Virginia, North Carolina, or California. In fact, I don't see any IP addresses at all. Nothing happens when I create a file, open a program, or spam espeak with FBI trigger words. How exactly is systemdicks sending out my information if it isn't talking to anyone?

WHY DON'T I SEE ANYONE IN MY HOUSE RIGHT NOW HUH?
I'M LOOKING AT MY LOCKS RIGHT NOW AND NOBODY ELSE'S KEYS ARE IN THEM
NO RF WAVES RIGHT NOW
I'M LOOKING ALL OVER THE HOUSE AND I DON'T SEE ANY UNUSUAL RF AT ALL

I don't think it's actively sending data to anyone, that said with all the know exploit and most probably all the unknown exploit, it would be possible for any glowing nigger to fetch what it wants.
Also knowing the people working on it could have received money for the sex change in exchange for some minute change in the code.

Depending on your definition of "key", the bad guys have "keys" into everyone's "house". If the government ever decides that they really want to get into a TempleOS machine, they'll get into it. My concern isn't being targeted, it's minimizing my exposure to mass surveillance.
Proofs?
Okay, if I ran watch netstat for a full week and piped the results into a big logfile and didn't find any suspicious IPs, what would you say?

You don't care about vulnerabilities. You just care about avoiding dragnets.
You don't care about vulnerabilities, but you're here arguing that the thing you don't care about, is also not a problem. You're attempting to persuade people to your position of "not caring about vulnerabilities" -- but not honestly, by arguing that people only care about dragnets, but dishonestly, by making 50IQ arguments about how obviously the systemd can't spy on you because it's not spying on your right now.

if you didn't find any suspicious IP after a week, I'd say your computer is not connected to the internet.
Anyone who's ever watched anything routable and watch suspicious IPs poll it all day, but again, you've dishonestly said
WOW LOOK NO IPS THAT SAY "CIA SPYING FACILITY" WHEN I RUN WHOIS

it does last time I checked. but the Heads operating system doesn't and is meant to be a free software only counterpart to Tails.

this is tricky due to dependencies. i know with gentoo you can filter out systemd and pulseaudio using make flags, but not everyone is going to be using gentoo...

also using no-systemd repos for ubuntu tend to break a lot of things because of the dependency problem, so at this point you have to jump to a non-systemd distro.

You can also try using BSD ;)

Let me shill this systemd-free distro again. Slackware-based, one application per task, lightweight, good documentation...Using it for like 6 years now (stopped my distrohopping).

Attached: salix.png (392x173, 34.93K)

what does this even mean?

By default, Salix has only ONE music player, one browser, one IDE, one IM program, etc. instead of the pointless clutter of other distros.

OK. But the pointless is still in the package manager, right? Fedora also comes with just Firefox, just your DE's music player, etc.

Well, of course you can install whatever you want in the end. Lots of stuff in the repos - that's a plus.

Didn't realize Fedora is one app per task? Don't think I've ever saw that advertised. But it has systemd anyway so doesn't fit this thread.

Also forgot to mention that the default repo has DEPENDENCY RESOLUTION, unlike base Slackware. And there's also a graphical installer...and a live version that easily fits onto an USB drive. It has lots of advantages, really. Salix should be way more popular than it is.

...

protip, you dumb nigger: starting your argument list with (((jews))) is very much not convincing, especially when talking about a system with multiple public vulnerabilities.
next time start with the actual, immediate, easily verifiable issues.

the question was not "is sytemd audited?", or "is systemd safe?", or anything like that, it was about evidence.
learn the difference.

Go fuck yourself tranny reprobate, becuase its the palestinians that run America currently right?

Attached: pullitt.mp4 (320x240, 1.93M)

You could have the literal divine truth in your hands and you wouldn't be able to convince anyone

Attached: 110d15b8938bc686ed4464b834db4bd9d71fb81d9df56aa50be960dcce833801.png (723x768, 384.11K)

...

Why do you think this sort of link is necessary for deliberate backdoors? You don't need to be an insider to start contributing to most libre software.
What's stopping the NSA from employing a highly skilled C programmer to submit useful patches to wpa_supplicant under an assumed identity until they've built up enough trust to get a subtle bug merged?
systemd's connection to the US government is a red herring. They wouldn't want to involve Red Hat in this if they could do it without letting any outsiders know.

Even more worryingly, why submit any patches if they can just audit the code yourself and tell no one about the subtle bugs they found?
Or they could only submit good patches to close easy to spot or excessively dangerous bugs, while not disclosing the few bugs they plan on exploiting.

if its good enough for feds then its good enough for me. they would not use something with backdoors on their own systems.

Whenever persistent kike shills show up it means we're onto something.

wpa supplicant and more so, NM is botnet

Interesting take, much like Tor you can at least be reasonably sure the government wouldn't leave itself open for attacks.

Highly skilled C programmers don't exist.

but it has like 3 web browsers

You people honestly think that the federal government, which spends extravagantly on defense and has access to the world's best computer talent, doesn't do any hardening before deploying the shit they're gonna use? Or do you really believe that they just use everything as-is without making sure it's squeaky clean when it's used for anything of value? Obviously none of our asses are ever going to have access to anything close to the sophistication of what the alphabet soup niggers are using, they have deeper pockets than anyone.

Attached: c4837d12f5d3548d3facd3347b200ac5a884faa25874715a6d15322d77ad4f3f.jpg (288x288, 16.43K)

You forgot the part where SYSTEMD is networked.

Oy vey! Always use systemd for the fastest boot time and muh service management! And the systemd vulnerabilities were all honest (((mistakes))) goy! Please! You got to believe me. RunIt/busybox init/Shepherd haven't ever existed, so don't go looking for them, you dumb goyim.

Government uses Red Hat because, like any organization above a certain size, they want guarantees they have support. Something breaks or updates are needed? Someone is contractually obligated to fix it. Governments like dependability, even over reliability. The nuance there is important. Having a fixed cost associated with something is much better than hoping for no major upsets down the road.
Add all of Red Hat's hardening and additional resources and it's not hard to see why any free software system for the government would quickly go to Red Hat. The only other company in the game is Canonical, but they specialize in a different type of client: end users. They're selling desktop software (well, services) not business machines.

100% you should be skeptical of systemd, Red Hat, IBM or any other large technology corporation, and of course the government. None of these guys care about the ecosystem beyond how it can help them further their own goals. But there isn't a massive conspiracy to bake spying tools into systemd; it's just a mediocre init system for people too lazy to maintain proper scripts, and it can supervise some of the more complex software that government entities are using on their servers.
The fact that it's not just the NSA or intelligence branches using it should be the clue you need. Navy and Air Force aren't going to install something with known back doors. Government agencies spy on each other all the time, but they're also all paranoid.

It's stuff like this that makes us look like paranoid degenerates who don't know anything precisely because you're spouting-off half-baked theories. If you want to prove there's a problem, audit systemd's source code and test to see if any major distributions have altered it. Monitor your network traffic and see if systemd does anything suspicious. You'll probably just bolster its popularity when it comes back relatively clean. I hate systemd with a passion but "it's a government surveillance tool" is unfounded.

Attached: 8d84bfd41eeb874654acd3eea1bab4b0d5670da2a762cff4d8fee5f172b335a3.jpg (1074x1076, 159.78K)

Leaving existing backdoors in is dangerous, if they can find them so can opposing actors.
Creating your own backdoors and fixing the rest disrupts the opponent's work and improves your spying capabilities at the same time.
Just look at the physical backdoors the NSA installed on intercepted hardware, why go through all that trouble if they had known backdoors?

All those claims, and not a single link to back them up.
JC Denton intensifies.

Did you actually read my full post?
I didn't say the US government would never try to compromise something like systemd. I said that they don't need a formal connection to do so, because it's much easier and safer to impersonate a volunteer instead.

...which defeats the point of Tails. If you're a whistleblower running from the law/FBI/NSA or whatever, you're not necessarily going to have the luxury of being able to procure a Libreboot autismpad or whatever other special snowflake hardware works with Linux-libre. You might have to take what you can get (random bestbuy lappy purchased with cash, whatever you can get your hands on, etc). In that situation, you need your shit to work so you can communicate with whoever you need to be communicating with.
Now for home use, where you have the luxury of carefully choosing your personal hardware, Heads might make sense, but on the go you want reliable compatibility.
Or at least that's how I see it.

systemd units are so easy tho. even a retard can easily learn how to write them. the shell scripts that other init systems use arent that easy.

and they both should do the same thing..

Attached: initd.png (404x241 47.29 KB, 4.72K)

You expect the zero-sources nu/pol/ refugee to know how to read?

Who the fuck was stupid enough to think having an actual full program as init was a good idea?
Jesus christ, of course systemD keeps spreading if those crayon eaters are the alternative.

That sounds familiar. Remember when PRISM/Mass surveillance was "degenerate theory" strectching for 10+yrs as well? And who is "us" exactly? This is an user imageboard, anyone with an internet connection can post here. There is no "us" just a bunch of random people having discussions, or at least attempting to in the midst of trash that do not contribute to the discussion.


Then you can start by proving OP's suspicion wrong at any given time. Instead you felt the need to ease potential concerns, and why is that? The fact that systemd has never been audited but reached mass adoption since 2014 is more than enough for concern.


Except that they do not use consumer grade computing, everything from OS, LAN, servers, access systems, is tailored depending on security level. Their IT people are more talented than 98% of this small board, since they hired and tend to hire or contract many of the phreaker and hacking moguls. Further even entertaining the thought that they shit where they eat is such a ridiculous concept.

Attached: afw21314532553.png (1398x877, 194.39K)

an admin. The people that manage servers. bash will always be flexible enough for what you need to do (because you can always easily ask a better language to do some work for you). configuration files will always require a separate compilation step just to crudely hack in a configuration option that isn't available.
The only consistent admin failure is terrible "is the daemon already running?" handling. The solution for that should've been better tooling, a /bin/isrunning and libc support for grades of "yeah there's a process there / and it responds to signals / and its was-alive-at mtime is from 0s ago".

That's not the problem. The problem is that systemd is intentionally creating vulnerabilities that allow malicious parties access to systems they previously couldn't access. Best example I have is Poettering not sanitizing input and allowing root access if you can make a username that starts with a number, and going
Having systemd installed is a huge security liability. It's not sending your data to the government. It's giving them the keys to the entire house if they want to get anything from it.
This isn't overly relevant though, you should be using Gentoo with openrc anyways. Unless you fell for the "I'd rather have 4 faster cores than 8 cores that are 10% slower" marketing meme. In which case, if you think a few extra fps in your gaymes are worth the convenience of having a more secure system, you deserve whatever glowniggers do to you.

You can't prove a negative, and the OP is so vague and subjective it's hard to make any argument against it.
There's no "systemD does this specific bad thing" or "systemD has this specific potential backdoor" to verify or deny, it's all (((implications))) and (((self evident claims))), aka untestable ramblings.

My point is, init scripts should not include program level config, let alone actual logic.
Ideally an init script is a minimal config file that gives config to the init system to allow it to start the specific program correctly, then that program's config is in its own config file (its location and name may or may not be sepcified in the init script), adn that program's logic is kept within the program and does not bleed out all across the filesystem

Gentoo had RCE as root go unfixed for more than TEN years, with comments such as "if you want, make a pull request".

So far I only see one suggestion for a distro free from systemdicks . Anyone have other suggestions?

Void Linux. I've been using it as a daily driver for ~3 years now. Yes it's still maintained, yes it's still secure, and no it's not going away (preemptively addressing possible FUD).
The install is easy; however, if you need encrypted setup, you have to run cryptsetup and then continue with the installation as normal. There are tutorials for this on the wiki and if you need help besides that there's IRC or I can help you here.
I've heard good things about Salix so you should probably give that as well as Void a try in a VM and see which one you like more.

Lol @ "there's no proof" systemd has never been audited hence the discussion. You could easily look up the existing and found vulns, which are indeed very convenient

security-tracker.debian.org/tracker/CVE-2018-16864
security-tracker.debian.org/tracker/CVE-2018-16865
security-tracker.debian.org/tracker/CVE-2018-16866

((("The bugs exist in 'journald' service, tasked with collecting and storing log data, and they can be exploited to obtain root privileges on the target machine or to leak information. No patches exist at the moment.")))

Qualys’ team said they found that “if we pass several megabytes of command-line arguments to a program that calls syslog(), then journald crashes.

(((“To the best of our knowledge, all systemd-based Linux distributions are vulnerable” they emphasised, (bar, well, SUSE Linux Enterprise 15, openSUSE Leap 15.0, and Fedora 28 and 29, as their user space is compiled with GCC’s-fstack-clash-protection).)))

This crap has been around for a couple of years undiscovered already w/o remedy, you should rftu or stfu.

Attached: 0888f7524ce47d2470d9088b8f9738bae12a20822fe1a38a513c8bb777de2bdf.png (943x1023, 11.49K)

These (((echoes))) you frequently use throughout your post really make it look immature and fucking unreadable. It feels like I'm told to think (((this particular thing))) is bad and and that's a very Jewish thing to do.

journald the time sync thing and the dns thing arent required. just compile without those or disable them if you want to use something else.

How about OP does his job?
Had OP started the post with your 3 links, I wouldn't have criticized it as much.
In any case, LOL at linux having worse memory protection than windows.

1. Tap the entire internet (they admit to this)
2. Deliver malicious code via one of the various systemd vulns
3. Replace your pc's encryption code (libssl etc.) with intentionally buggy one
4. You have all the traffic.

Of course, but then you'd have to be informed of this which is the main issue, it's too much to ask for most people to waste time reading security trackers, because most people don't give a fuck. Redhat is a billion dollar company. They are regarded as experts, if they didn't know how to program they'd get instantly hung by their customers. Leaving this in for yrs as well lmao. Coincidence much? Systemd smells like shit. i.e the shill office.

lmao "but but... op is wrong it's not as bad as we tho- *snorts* *inhales* REEEEEEEEEEEEEEEEEEEEEEEEEEEE at least its not windbloooze d000d, we're secure and free d00d"

Attached: hqdefault.jpg (480x360, 8.79K)

Except when they hoard fully functional exploits for Windows and Linux systems and other critical software used by countless government agencies? Forgot about the shadow brokers leaks, or wikileaks publishing on the zero days? Or when fbi exploited zero days on tor browser? They even admit they hide zero days.

You too, how naive.

shoo

Attached: 995d73b0fe536cdc404243b7c124aafa60909c2504d78b785d81d687498ab96c.jpg (620x420, 36.14K)

So OpenSUSE is secure even through it uses kikedick?

I'm pretty sure the US government doesn't give a damn whether or not Russia/China/whoever has access to your average neckbeard's collection of gay porn and natsoc pdfs. The point is that the average end user has no guarantee that just because they happen to be using similar software to what the government has, they are protected. Whatever they use they secure on their own on the downlow and they don't give a fuck if that means the end user is vulnerable to anyone with the resources of the state, because they can protect themselves. I'm talking about subtleties that it would take a group of professionals to find and exploit. When it comes to those a company like Red Hat doesn't have to worry about disclosure. A group of skiddies isn't going to come find them and do meaningful enough damage to important enough clients for it to warrant fixing. Much better for them to take the government's shekels so that they can patch up what they need to, than if they fix it for every jerkoff using their products 4free.
Do you think that in 2019, the people the US cares about spying on are dumb enough to use American software? The FSB literally is back to using typewriters, and bin Laden had Achmed drive three towns over and buy a burner phone to give out orders. As for civilians, it's not that hard to compromise them. Even the Silk Road guy got caught because he was dumb enough to consistently use Wifi from a place near his house IIRC. And most people aren't even close to that guy's level of sophistication.
Because when it comes to high-value targets, having failsafes is important.

openSUSE is not secure. Distros that don't use systemd are not secure. OpenBSD is not secure. If you want computer security, stop using computers.

There is literally nothing wrong with systemd, Lennart Poettering seems like a nice guy.

He fucks kids. it's confirmed info

It's better to use Windows, it doesn't have SYSTEMD

unironically this

systemd is bad enough on its own, you don't have to be schizo about it

Attached: 1498535129295.gif (200x293, 1.75M)

Thanks, user. I've seen Void and Devuan suggested in other threads. I'll try out Void with full disk encryption.

transmitter would have to be recording 24/7 anyway, otherwise it wouldn't hear the three soft knocks.

If something has systemd, don't use it. Plain and simple. They're upset everyone switched so they said "aha lets put windows in linux now, haha we piss in their pool!" whoever made a linux OS and allowed systemd into their OS is working for (((them)))

...

ls -akbar

Attached: 3ff9c17f5300647b4e35569acc49ae4b1e3a49f9ac330820546638e562e1bf13.png (1024x750, 17.92K)

Attached: 1519889194626.gif (480x270, 2.69M)

wew

destroy (((islam))).

and of course, (((he))) chose the most complicated looking init out there to make (((systemd look easy))).

there are far easier inits.

I love runit. It's literally AUTOEXEC.BAT with process supervision. Barely gets any simpler than that. No hidden surprises. You set it up once and then you forget about it.

From the latest (2017) edition of "The Unix and Linux System Administrator's Handbook".
btw they also portray UEFI and GRUB2 as waaaay better than their predecessors

Attached: systemd.png (475x358, 66.79K)

That you're stuck with using whatever program the distro pre-chose for you.

Those sceptical of systemd are literally being portrayed as analogue of something like trying to cling on to DOS/Windows 98 while the world has moved to NT etc.

Choose your poison. No choice with IME and UEFI though, as those botnets are already mandatory on any new or newish motherboard.

We should roll our own Linux distribution

Here are some alternatives to systemd.

Attached: pollinux.png (1920x1080, 584.09K)

Sorry forgot to post link. Alternatives to systemd.

without-systemd.org/wiki/index.php/Alternatives_to_systemd

lmao

Pure brain damage.

Lul

most implementations are proprietary and some of them can have network access too

...

Not stuck, just that there is no clutter by default. You can always install whatever you want from the repos.