Show more
GNU/r000t boosted
GNU/r000t boosted
GNU/r000t boosted
GNU/r000t boosted
GNU/r000t boosted
@cowanon @11112011 @BroDoYouEvenDrift @Creepella @Jdogg247 @Nonetrix @Oblivia @SandiaMesa @anornymorse @bagofshit @bootersmchooties @cowanon @endchannel3 @fluffy @georgia @jack @jasonl8446 @jyushimatsu @leyonhjelm @matrix @mrmcmayhem @pasture @r000t @sjw Ha, I didn't realize the question was real, it looked like those systemd persecution complex questions.

A real answer is it is broken by design. The lead dev (also responsible for PulseAudio and D-Bus) has a habit of responding to reports of security vulnerabilities and random crashes with "why do you dickheads care about this you just hate progress and you persecute me". It's of dubious value, and the main defense he presents (still!) is just a laundry list of problems with sysvinit. (Everyone knows the problems with sysvinit and this, of course, does not mean that systemd is good, or even better. More importantly, EVERYONE KNOWS THE PROBLEMS WITH SYSVINIT, and thus a new thing has to be worth the trouble of learning a new set of failure modes which, it turns out, are even worse and more numerous.) Attached is a text file I squirreled away for an occasional laugh, named lennart_poettering_is_sad_and_you_should_be_nice_to_him.txt, and which contains some "they sent me death threats" and some "the problem is straight white males".

The reason there are so many bugs is that the thing is absolutely massive. According to sloccount, sysvinit is 8,324 lines and depends on nothing. systemd is 265,666 lines and depends on libcryptsetup, PAM, zlib, curl, microhttpd, rfkill (YES IT WANTS TO INITIALIZE YOUR WIFI), Python (build time *and* runtime), dbus, FUCKING XKBD, and so on. It includes a web server and an HTTP client. It includes a DNS server and client. It doesn't attempt to replace /sbin/init, it attempts to take over the management of everything: log files, DNS resolution, /dev, everything. It's impossible to audit and all of it runs as root because it's all in pid 1. All this shit in one address space that runs as root in an impossibly huge codebase with a massive list of dependencies (each of which exponentially increases the complexity of the codebase from a security perspective, as a library can hand you a pointer and whatever you do with it may be secure in one version or subtly corrupt memory in another).

In short, it is an absolute shitshow that nobody asked for and we have all now somehow received, except those of us that use good distros or that don't use Linux at all (an option that is sensible and getting more sensible by the day).

:tinfoil: Now, one might ask why an init system, which has the job of starting up a handful of daemons, should need to talk to the network at all, or why it should default to using Google's DNS and NTP servers, which are set at compile-time. One might ask why one year nobody was using systemd and suddenly the next year all of the distros (except Slackware and CRUX) had replaced their init systems with systemd. One might wonder how (or *if*) the developers of systemd expected this to be secure and reliable while tossing in servers and clients for several disparate network protocols and parsing XML. One might wonder exactly why Lennart gets so angry about security vulnerability reports and starts screeching when someone affixes a CVE number to a bug report. One might openly speculate about the very cozy relationship that IBM (which owns RedHat) and Google (which suddenly became the default DNS and NTP server for billions of systems globally) enjoy with DARPA and the Pentagon.

:tinfoilsmug: If someone then considered what might be the unifying factor behind all of these mysteries, they might wonder aloud, "Hey, do you think this software glows in the dark so you can run it over with your car?" :terrymad:

...And they might accidentally wander into the train tracks if they said that close enough to an Alexa device.
lennart_poettering_is_sad_and_y…

QUICK, SOMEONE GET THIS MAN A MASTODON INSTANCE!!!

(actually says REEEE multiple times!)

GNU/r000t boosted
GNU/r000t boosted

The "quantum" marketing hype machine is here.

An upcoming Samsung phone is reportedly using "entropy from a quantum source" as an RNG for certain cryptographic operations. And this makes it "the first phone with quantum technology"

forbes.com/sites/daveywinder/2

r000t: Asks what everyone hates about jojo
Fedi: Describes r000t almost exactly
r000t:

GNU/r000t boosted
@cowanon @bagofshit @11112011 @BroDoYouEvenDrift @Creepella @Jdogg247 @Nonetrix @Oblivia @SandiaMesa @anornymorse @bootersmchooties @cowanon @endchannel3 @fluffy @georgia @jack @jasonl8446 @jyushimatsu @leyonhjelm @matrix @mrmcmayhem @pasture @r000t @sjw

> what is up with the systemd h8?

If you gotta ask that question about a pantload dropped on us by the giantest of manbabies, a guy that can't cope with a bug report that says "If there's a number at the beginning of the username, they get root" and he throws a fit says "Well, if you put a number at the beginning of the username, they should be root", if you you gotta ask that about someone that sees sysvinit and says "You know what this is missing? A webserver and an XML parser, because exposing shit to the network needlessly and parsing XML are not the main attack vectors", if you gotta ask that question, I say if you have to ask that question about this skidmark that says "I never ran Linux on a server, just my laptop", then please just go buy a goddamn Mac.

also, the SRRIs ain't doing shit, the 5-HTP ain't doing shit, time to break out the "I Wasn't Asking"

Cocaine.

I've been on the cool side of fedi for almost a year and I still can't figure out why everyone hates jojo

and at this point I'm afraid to ask.

GNU/r000t boosted
GNU/r000t boosted
GNU/r000t boosted
Show more
ligmadon

A silly domain for test deploys, now has a mastodon instance. A place for memes as shitty as the name. Zero bullshit tolerated.