
Re: Challenge to you: Voice your concerns regarding systemd upstream



On Sat, Sep 27, 2014 at 8:08 AM, Ric Moore <wayward4now@gmail.com> wrote:
> On 09/26/2014 05:08 PM, green wrote:
>>
>> Ric Moore wrote at 2014-09-26 14:18 -0500:
>>>
>>> Change is certainly needed when any pimple face kid can edit and hide his
>>> doings from a text log with nano. I think the change is necessary to harden
>>> up our systems. Otherwise, Microsoft will become the only secure server OS,
>>> as they don't mind hiding things at all.
>>
>>
>> So, all other things being equal, binary logs are more secure than
>> plain text logs.  Is that actually what you are saying?
>
>
> Yes.  The benefit of using a binary log is the lesser vulnerability to an
> external attack from an intruder.

So attackers have access to pico but not hexedit?

Editing log files with hexedit is not that much of a skill level above
pico. Of course, dealing with checksums is a minor skill level above
editing, likewise timestamps, but neither of those are made more or
less difficult by making the format binary or plaintext, at least not for
the unskilled intruder.

Some skilled intruders have said binary is actually easier, but they
assume their bots carry certain tools with them.

> That huge security flaw was mentioned on a
> recent PBS video

PBS? Well, okay, PBS is better than many commercial news sources, but
surely you were aware of the problems before you saw that video?

> regarding the new day Hackers and how simply they
> removed/edited text-log files to hide their tracks of what they did.

Have you never practiced this on your own system, just to get an
understanding of where to find telltales or (better) how to set up
whatever program you use to check for modified logs?

> When I saw that mentioned the light bulb went off, since every major
> commercial server distro has already changed over.

And you complain about jumped-to conclusions of people who see conspiracies.

Considering all the things that are happening at once, it's as easy to
conclude a malevolent conspiracy as a beneficial one.

But that's all not really relevant. Look at the tech itself.

> So, on that point alone,
> I'm switching our Debian Wheezy Proxmox cluster servers to systemd, toot
> sweet. I guess that means I'll have to get some more edumaction.

edumaction? I saw that and checked the headers, because what you are
writing here seems a bit out of character. If this is a spoof, the
headers are done better than I want to bother checking, unless you
tell me so.

> I'm also making the positive assumption that there may be something going on
> above our pay grades.

This might indicate a fundamental difference between you and me.

> I find that more comforting than all of the wailing
> and gnashing of teeth.

I gave up on comfort long ago, perhaps a bit before I recognized that
most people aren't out to get me, either.

Fortunately, there are some people willing to help each other in the
world, if they can. Unfortunately, there are others willing to take
what they can for their own gain, if they think they can hide their
actions. Higher pay grade seems to favor the latter at least as much
as the former, overall.

> Keep in mind that the NSA wouldn't sign off on
> RedHat's use of systemd if it made a server less secure.

Less secure against whom?

Remember Clipper?

> I tend to think
> that they may have a hand in its development. :) Ric

I find neither comfort nor threat in that thought at this point.
Business as usual. But I am not planning on using systemd on any box I
plan to access my bank from, if I can help it. People going bad in the
NSA may or may not be as rare as people going bad in the banks, but it
is not just the NSA I'm worried about.

-- 
Joel Rees

Be careful where you see conspiracy.
Look first in your own heart,
and ask yourself if you are not your own worst enemy.
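
The point in the message above that checksums are independent of log format, as an added example that is not part of the original message: a keyed hash chain over ordinary plain-text log lines, with a verifier that reports the first altered or missing record. The function names, the demo key and the sample log lines are constructed for illustration, and the key and the final tag are assumed to be stored off the logged host.

```python
import hashlib
import hmac

GENESIS = b"\x00" * 32  # fixed starting value of the chain
KEY = b"constructed-demo-key"  # assumption: the real key is kept off the logged host

# Constructed sample lines in ordinary syslog-style plain text.
SAMPLE = [
    "Sep 27 08:01:12 host sshd[811]: Accepted publickey for alice",
    "Sep 27 08:03:40 host sudo: alice : COMMAND=/usr/bin/apt update",
    "Sep 27 08:05:02 host sshd[811]: session closed for user alice",
]


def _tag(key, prev, line):
    return hmac.new(key, prev + line.encode(), hashlib.sha256).digest()


def seal(lines, key):
    """Return 'tag line' records; each tag also covers the previous tag."""
    prev, out = GENESIS, []
    for line in lines:
        prev = _tag(key, prev, line)
        out.append(f"{prev.hex()} {line}")
    return out


def verify(records, key, expected_last=None):
    """Return (ok, index of the first bad record or None).

    expected_last is the final tag as recorded off-host. Without it a
    truncated tail still verifies, because a prefix of the chain is valid.
    """
    prev = GENESIS
    for i, rec in enumerate(records):
        tag_hex, _, line = rec.partition(" ")
        want = _tag(key, prev, line)
        try:
            got = bytes.fromhex(tag_hex)
        except ValueError:
            return False, i
        if not hmac.compare_digest(got, want):
            return False, i
        prev = want
    if expected_last is not None and not hmac.compare_digest(prev, expected_last):
        return False, len(records)
    return True, None
```

The log stays readable with any text tool; what makes a change visible is the keyed tag and the off-host copy of the last tag, not the encoding of the file.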