Re: Four people decided the fate of debian with systemd. Bad faith likely
On Sunday, March 02, 2014 04:25:13 PM Scott Ferguson wrote:
> On 02/03/14 11:28, Ralf Mardorf wrote:
> > On Sun, 2014-03-02 at 10:55 +1100, Scott Ferguson wrote:
> >> Here's mine:-
> >> troll elsewhere - try rabbleRus.org or LetMeTellUWhat2Do.mob
> >>
> > :D
> >
> > We Arch users made a poll. Even if more users would have been against
> > systemd, the developers would have switched to systemd, but most users
> > wanted systemd. We, around 49% and me were against systemd, but around
> > 51 % were pro systemd. Nowadays it makes live easier for all of us who
> > use several different distros, when _all_ or at least the most important
> > distros will switch to systemd. To discuss pros and cons of systemd a
> > time machine is needed, to go back more than 3 years ago. To discuss it
> > in 2014 is a little bit to late.
>
> Same with Debian based on what I read, the vote was fairly evenly split,
> which is why it went to the Technical Committee, who were also fairly
> evenly split.
>
Which probably demonstrates why there's no hidden agenda going on surrounding
systemd and there were legitimate reasons why it was finally chosen.
> My concern is that it's a divisive issue that would be tempting for
> third parties to exacerbate and exploit. Commercial software vendors,
> and the companies that do their "marketing" and "public relation" might
> want to take advantage of the situation to reduce the market share they
> lose to Debian (and Linux as a whole). It wouldn't be that far from the
> sort of dirty tactics they've employed in the past.
Definitely reasonable concerns, though to be honest, Linux's detractors would
have looked for something else to latch onto if systemd wasn't divisive
enough. In a few more years I imagine most people opposed to systemd won't
have a problem with it being there after all after using it for a bit.
> And then there's NSA (and the companies they outsource to) - they *do*
> have an agenda that would be furthered by creating divisions and
> uncertainty in Debian. They've made large investments in software hooked
> to the existing init system - and while they'll have to retool to use
> systemd it doesn't mean they have the same access required to replace
> existing malware installations, additionally they would probably enjoy
> seeing less people use Debian.
>
The trouble is, how effectively can the NSA hook itself into open source
software? How easily could they get backdoors into something without upstream
noticing? Might be effective getting hooks into something downstream, but I
don't see the NSA getting anything into something upstream without someone
noticing, since patches are generally reviewed before integration.
To sum up my thought on that, the NSA needs cooperation from someone OUTSIDE
the NSA to get their hooks in. How likely is it a Debian package maintainer
would be compromised? Would someone else notice? Would the maintainer be
removed?
I'm not saying it's implausible so much as it doesn't sound like it'd last
long if they could get something in. Could you perhaps give me some insight
into ways the NSA could do this? I just don't see most upstream people
cooperating. Can the NSA force anyone to actually put backdoors in their own
code?
> I'm not saying the OP is a shill/disinformation/agent provocateur - just
> because it looks like a duck, paddles like a duck, and has it's head
> hidden, doesn't mean it is a duck. Could be just a decoy.
>
> Even though the spooks do like the French Guinea TLD and get their
> scripts from PsyOps... just a thought, probably paranoia on my part.
>
> Kind regards
Conrad
Reply to: