Thanks for the update and the hard work. You all rock!
But it only makes sense to have those notifications.
Maybe in your mind it makes sense. Going for ease of use rather than security is not something that OpenBSD would quickly do. If you read some more about what "jwz" has to say about all the screensaver bugs in Linux, like here : https://www.jwz.org/blog/2021/01/i-told-you-so-2021-edition and realize what a mess that Linux maintainers are making again and again, and then have a look at Debian and their packaging of xscreensaver. Guess what ? Debian added some systemd thingie to xscreensaver. 🤯
I like Debian since a long time and I use it. But the tinkering of Debian package maintainers and always wanting to do things the Debian way is not something I am always very pleased with. Remember the OpenSSL Debian fiasco ? That shows a problem with Debian which may still exist. Too many packages, not enough maintainers with enough spare time, and no coherent team work of a security team.
You didn't follow the XZ-utils story ? The malicious actor worked for years on that XZ backdoor that targeted the fact that some Linux distributions were modifying their openssh package to enable systemd notifications.
Gentoo, Slackware and Devuan can be used without svchost for linux.
https://nosystemd.org has a list for more choice for readers.
Thanks for that write up. Made my day! 😄
This is great. Not having the attack surface of sudo (and not even being a SUID binary) certainly are great additions.
And I hope people realize that systemd is not one large thing, but a (large) collection of tools.
XZ-utils rings a bell ? It was among others Debian wanting to pull in part of a systemd tool into openssh and that almost turned into a world wide disaster :(
Glad to see PoetteringOS has still not infected the *BSD family members /s And I'll gladly use Doas on Linux if need be, thank you.
Let me just say I am happy with the R-exodus.
Now get the hell off my lawn.
We are in a public community on the open Internet here where the following is written in the sidebar :
Tor was created by the USA military and the USA government has funded with millions of dollars. Many years ago Tor had a negative word association to it. But not so much anymore. Countless volunteers run Tor nodes from home, and Tor is not that slow anymore as it used to. I use Tor myself because I strongly dislike all the tracking, snooping and scandals by large and even small companies. The Clearnet Internet has become a disastrous place :(
Here's a tl;dr : https://github.com/KFearsoff/nix-drama-explained
If you're looking for a TL;DR of the situation, here it is:
- Nix community had a governance crisis for years. While there has been progress on building explicit teams to govern the project, it continued to fundamentally rely on implicit authority and soft power
- Eelco Dolstra, as one of the biggest holders of this implicit authority and soft power, has continuously abused this authority to push his decisions, and to block decisions that he doesn't like
- Crucially, he also used his implicit authority to block any progress on solving this governance crisis and establishing systems with explicit authority
- Eelco wrote a response that largely dismisses the issues brought up, and advertises his company's community as a substitute for Nix community
And a not too long read : https://dataswamp.org/~solene/2024-04-27-nix-internal-crisis.html
Cool, thanks for sharing!
One of the comments reads : Actually, we will probably never figure out, was it man or woman. but I thought this comment of the professor was an interesting eye opener. https://mastodonapp.uk/@MarkHoltom/112070436760917344
https://mastodon.world/@loadingartist/111929362787565991
(bonus panel in the thread!)
I guess lots of people can relate to this on Tw(X)tter. After it was bought by mister X. it went downhill. Still a lot of left leaning people are on it with the idea to fight from within (or because they think "everyone is on it" or "important people are there". Personally I think it is a lost cause and would leave as soon as possible. Apart from that do not underestimate how you can be influenced if you don't do fact checking. A person I know told me year ago that they liked to read on a far right forum years (for fun or something) and is now like "yeah, I also think migration is a bit of problem". Go figure :(