On Sun, 21 Nov 2021 04:19:36 +0000 "steph.tougard via Dng" <dng@lists.dyne.org> wrote:
> The right answer is to do whatever the customer asks, as stupid as it seems. > > If the customer was intelligent, he would not even ask a GNU/Linux system in > the first place, it's bloated by nature, kitrooted by default and uselessly > complicated (SystemD is just one more argument against Linux, not the worse > one). > > I've found that my own Devuan sends https requests to an apparently > unconfigured Windows server on Azure (all web browser were down). Is it > infected ? not by anything that usual tools can detect. What does that ? I've > no idea, so far I did not find (requests are rare and fast). I decided to put > my working PC (not the one I'm using to write this email, but the one used to > connect to my customers' servers) behind a firewall to shut any useless > access to the Internet down. I resign trying to find whatever software in the > thousands installed is hacking my data and sending them to the Internet. > > Is using a Devuan can be considered "safe" when litteraly thousands of people > build thousands of unaudited packages with thousands of unaudited softwares ? > OMG NO !!! Have you seen the world outside ? what makes you think a second > that there is no hacker in such a huge team and that all those people act > only for the best of things ? > > My Devuan is behind an OpenBSD. The OpenBSD has no software installed, it's a > pure system as release by the OpenBSD team, the code base is small, strongly > audited by a very small and known team. It can be considered safe, at least > safer. Much safer than any Debian based distribution. My network > configuration is so safe that I could safely store unencrypted Bitcoin > private keys on an unpatched Windows 98 without any risk if I wish. > > If the customer was intelligent, he would ask a small system strongly > audited, a code base as small as possible and that only very few software > compiled by hand are run and installed on it, everything behind a strong > firewall who not only filter what's coming in, but as well and more > importantly what's going out. SystemD is just the tree who hides the forest. > > Good luck with that. > This is the main recipe for disaster, thinking to be smarter than anybody else. Ciao, Tito > ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ > > On Saturday, November 20th, 2021 at 21:59, Steve Litt > <sl...@troubleshooters.com> wrote: > > > steph.tougard via Dng said on Sat, 20 Nov 2021 13:06:53 +0000 > > > > > The question is so stupid that it does not even call for an answer. > > > > Ad-homonym logical fallacy. > > > > > If an admin is unable to understand a Unix system without SystemD, > > > > > > he's not a sys admin. > > > > No True Scotsman logical fallacy. > > > > The OP had pushback from the customer. If the OP wants to install > > > > Devuan, the right answer is a path to reassuring the customer. > > > > SteveT > > > > Steve Litt > > > > Spring 2021 featured book: Troubleshooting Techniques of the Successful > > > > Technologist http://www.troubleshooters.com/techniques > > > > Dng mailing list > > > > Dng@lists.dyne.org > > > > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng > _______________________________________________ > Dng mailing list > Dng@lists.dyne.org > https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
