steph.tougard said on Sun, 21 Nov 2021 04:19:36 +0000 >The right answer is to do whatever the customer asks, as stupid as it >seems. > >If the customer was intelligent, he would not even ask a GNU/Linux >system in the first place, it's bloated by nature, kitrooted by >default and uselessly complicated (SystemD is just one more argument >against Linux, not the worse one). > >I've found that my own Devuan sends https requests to an apparently >unconfigured Windows server on Azure (all web browser were down). Is >it infected ? not by anything that usual tools can detect. What does >that ? I've no idea, so far I did not find (requests are rare and >fast). I decided to put my working PC (not the one I'm using to write >this email, but the one used to connect to my customers' servers) >behind a firewall to shut any useless access to the Internet down. I >resign trying to find whatever software in the thousands installed is >hacking my data and sending them to the Internet. > >Is using a Devuan can be considered "safe" when litteraly thousands of >people build thousands of unaudited packages with thousands of >unaudited softwares ? OMG NO !!! Have you seen the world outside ? >what makes you think a second that there is no hacker in such a huge >team and that all those people act only for the best of things ? > >My Devuan is behind an OpenBSD. The OpenBSD has no software installed, >it's a pure system as release by the OpenBSD team, the code base is >small, strongly audited by a very small and known team. It can be >considered safe, at least safer. Much safer than any Debian based >distribution. My network configuration is so safe that I could safely >store unencrypted Bitcoin private keys on an unpatched Windows 98 >without any risk if I wish. > >If the customer was intelligent, he would ask a small system strongly >audited, a code base as small as possible and that only very few >software compiled by hand are run and installed on it, everything >behind a strong firewall who not only filter what's coming in, but as >well and more importantly what's going out. SystemD is just the tree >who hides the forest. > >Good luck with that.
Sigh. I thought we had dispensed of BSD people dissing Linux decades ago, but apparently not. My response then is my response now: http://troubleshooters.com/linux/snarf.htm SteveT Steve Litt Spring 2021 featured book: Troubleshooting Techniques of the Successful Technologist http://www.troubleshooters.com/techniques _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
