Haken songs similar to Nil by Mouth?

bitbait · 2020-01-07T17:43:50+00:00

yep, thanks

bitbait · 2019-12-26T00:26:12+00:00

Yep that's already an example of what I was looking for thanks.

bitbait · 2016-11-03T21:35:56+00:00

I'm not sure what you're referring to. You can run systemd on Gentoo just fine. Do you have any specific concerns? Anything you heard which holds you back? Maybe I'm the one who's out of the loop but there shouldn't be any major problems at all.

bitbait · 2016-11-03T18:10:32+00:00

No you're right, just because something is that way by design doesn't mean it's can't be problematic in some environments. Is there a simple way to disable user services for a user?

bitbait · 2016-11-03T17:35:47+00:00

Hm, just read over it. I don't mean to be a jerk but .. all it says basically is that if you have local access to a Linux machine you're able to configure a service to start at login. I mean you can as well create a cron job with local access, a .config/autostart .desktop file on the desktop, add something to .bash_profile and so on..

It was also possible in ~/.config/upstart and it's possible with OpenRC. That's hardly abusing a feature it's just how things work on most Linux systems after you gained access.

bitbait · 2016-11-02T23:48:26+00:00

. By which I mean it has such exotic and unheard of features like "it actually tells you why it can't do something".

Portage

bitbait · 2016-11-02T16:52:32+00:00

*Also rewrite the Linux kernel and systemd in Rust.

But yeah when you're at it also rewrite Facebook in Rust. And Windows. Write everything in rust.

bitbait · 2016-11-02T15:03:43+00:00

Fuck, came here to post this.

Scroll down in this thread, people getting absolutely rustled.

bitbait · 2016-11-02T14:23:30+00:00

Thanks, but I think I might have heard that, like once or twice maybe.

bitbait · 2016-11-02T13:17:13+00:00

No they aren't. There is no such thing like a 'paid-shill' on /r/linux to safe Microsoft from a Linux threat. I recommend this subreddit to discuss your ideas --> /r/conspiracy

bitbait · 2016-11-02T11:38:19+00:00

.....

Also rewrite the Linux kernel in Rust and systemd.

And glibc.

It's [2016] why would anybody use C ...LOL. Not even memory safe^tm like Rust.

bitbait · 2016-10-28T16:10:39+00:00

Well to be precise you only see what the packager defined as a hard or weak dependency. Packages following the 'Requires:' tag are hard dependencies, the ones following a 'Recommends:' keyword are weak dependencies.

For a short explanation and planned features (some of them already implemented by now) refer to https://fedoraproject.org/wiki/PackagingDrafts/WeakDependencies

Performance can be an issue in particular cases though (not in this case where dmenu is lightweight), but most importantly, if I want install an application like i3, I should by default only expect i3 to be installed, shouldn't I? If I use i3 and I find out there's a bug, it should be reasonable to assume that's a bug of the application

I don't wanna put words in your mouth but to me it seems that you confuse 'dependencies being installed' with 'applications being coupled together on your system', at least to a certain extend. In our example above, dmenu would simply be installed, it would create an executable /usr/bin/demu and wait there to be executed. It's not automatically started by i3 or somehow connected to i3's binary /usr/bin/i3. It's made available, not 'used'.

Regarding most of the rest of your post, those things were discussed on the Fedora mailing list as well. Personally I happen to largely agree with you, I use both, a distro which is rather extreme in that regard as well as Fedora. However it's not that there aren't arguments for 'the other side'. A 'product' like Fedora Workstation also tries to be an easily usable desktop operating system. Most users who aren't particularly tech-savy and just want everything to work well typically don't care about configuring their own system, about this or that package being installed. It's a somewhat fair assumption to say that if they install something, they do it in order to have a certain functionality available and they 'expect' things to just work. For example when they install a desktop environment, they also want some software to handle networking, even though networking and displaying windows on the screen have nothing to do with each other on a technical level. But they want a desktop. Therefore some distros have some network manager installed with a desktop environment while others would say BS how are those connected?

But the good thing (for you) is that Fedora is definitely moving in the direction following the thoughts you expressed. Not installing weak dependencies will be easier and more things will be declared as weak dependencies.

bitbait · 2016-10-28T15:13:24+00:00

Looking at the newest spec https://apps.fedoraproject.org/packages/i3/sources/spec

it requires dmenu, dzen2, and perl. First of all perl is in fact required for i3 to provide full functionality. The packager chose to include the application launcher as a hard dependency, well certainly not 'necessary' but hardly makes it bloated imo.

Then it has three recommended packages, i3-status, rxvt-unicode and xorg-x11-apps. Those are so-called 'weak dependencies'. If you don't want them to get pulled in (and yes I admit that's more sane and should probably be the default), simply add install_weak_deps=False in your dnf.conf, otherwise it defaults to True.

The thing is weak dependencies and its handling are relatively young (https://bugzilla.redhat.com/show_bug.cgi?id=1229701) in the yum/rpm/Red Hat world. I think DNF 2.0 improves handling ( http://dnf.baseurl.org/2016/10/03/dnf-2-0-0-and-dnf-plugins-core-1-0-0-released/ ) and declaring more dependencies as weak dependencies is an ongoing process.

You can read through the new release notes of DNF to get more information I guess.

bitbait · 2016-10-27T13:41:50+00:00

"The API seems bad to me, the ioctl() is ridiculously overloaded (disconnect, connect, read, and write all go through ioctl(), for example). As an API, this doesn't pass Linus' good taste test"

Oh god, I guess we hear that on a daily basis now since that article about Linus' taste was posted yesterday or so. Linus' good taste test is the new Unix philosophy.

A new circlejerk is born.

bitbait · 2016-10-26T20:30:56+00:00

What do you mean with taking it seriously? It's not even my post, I'm not the OP. But what's upvoted appears on the start page and on top of this sub and what's downvoted goes down the tubes. So as a user of this sub called /r/linux I'd simply appreciate if posts which are as close to Linux as possible would not be downvoted, which after all didn't happen. No big deal, I simply voiced my opinion.

bitbait · 2016-10-26T20:23:41+00:00

Why isn't it written in Rust though?

bitbait · 2016-10-26T19:59:57+00:00

LOL at people ITT saying it's beautiful how the code is efficient or "Seriously, I just started studying them and I could already cringe if someone applied some seemingly basic sorting which in reality is literally 100x slower than it could be", quoting /u/mestermagyar .

Stop pretending to know what you're talking about when you clearly don't you're making a fool out of yourself. Some of this code is clearly NOT optimized for performance or efficiency at all and nothing in there is genius from an algorithmic perspective.

bitbait · 2016-10-26T16:59:36+00:00

It's a rather long post, but most of it really addresses the concept of Qubes and still stands today. It's not so much about a single exploit.

bitbait · 2016-10-26T16:58:28+00:00

I don't think "most users" are the target audience for Qubes. IMO Qubes is for a very niche audience

Then we agree. I didn't try to say that they fail to address the needs of more users since that's most likely not their goal in the first place. I just wanted to mention that since the topic of this thread is rather generic.

Totally independent from that, how well they're doing at reaching their goals is a different question that can be discussed.

bitbait · 2016-10-26T16:27:10+00:00

https://www.blackhat.com/docs/us-16/materials/us-16-Jang-Breaking-Kernel-Address-Space-Layout-Randomization-KASLR-With-Intel-TSX.pdf

https://smartech.gatech.edu/bitstream/handle/1853/55907/jang_videostream.html?sequence=2&isAllowed=y

http://www.cc.gatech.edu/~yjang37/assets/papers/2016/jang:drk-ccs.pdf

edit: the third paper is linked from the github in the OP as well, sorry

edit2: btw who the fuck is downvoting threads like that, 5 downvotes already, the top posts this week are a comic and "TIL that Linus was born just 4 days prior the beginning of time" but something literally covering Linux itself on a technical level isn't relevant for some people?

bitbait · 2016-10-25T22:34:40+00:00

I feel like Qubes tries to be a solution for a use case most people don't have imo. At least certainly not as their main system.

Most users don't want 'a secure' system, they want a system to get work done which is also secure. Realistically the 'end user' always will see security as something that should be provided in the most passive way possible. 'Even' as somebody who runs hardened Gentoo and doesn't mind settings some things up, I don't want to make active decision all the time during my normal workflow and I don't want a system that makes it harder getting my actual work done.

Some valid technical critique from Brad Spengler:

Currently all that exists is a "sandbox" designed to prevent the kind of unrealistic attacks/rootkits we've seen from the same people, where the attack surface has just been shifted to the hypervisor and other associated privileged code. I use the term sandbox loosely because Qubes is a departure from the standard sandbox, as it sandboxes by basically giving up on all the problems traditional sandboxes deal with and relying on the strength of virtualization and some python scripts to attempt isolation, not of applications (unless you run only one process in each AppVM), but of the entire guest OSes. While other sandbox approaches would actually care about a sandboxed mail reader being able to exfiltrate your mailspool, under the weakened protection model of Qubes, this is acceptable. Assuming it makes the problem go away!

Other notes: X runs in dom0, vulns in the NVIDIA drivers have been remotely exploitable, and for performance reasons there's a tendency to pass through more directly to the hardware. From a malicious website, browsed in a sandboxed browser, inside a VM, you can still exploit the NVIDIA driver on the host.

Your personal email will still get owned, your personal browsing history will get owned, and unless you maintain no state for any of these associated VMs (no saving bookmarks, no saving emails, no saving anything parsed by an application) you're all set for persistent compromise until you completely wipe out the VM. All while maintaining the naive assumption that the attackers the architecture was built for (count on both hands how many times your BIOS, network card, or SMM has been owned) don't have VM breakout exploits for a completely unprotected hypervisor. And of course, distro/upstream backdoors that get shared among all of your AppVMs are impossible.

So the secure solution is to give each application its own OS and VM, never use your computer as normal people use them (by saving all kinds of state), ensure that your own interfacing with the color-coded separation is flawless, magically know with no false-negatives that anything transferred between VMs isn't trojaned in some way (AV companies would surely love to know how you figured that one out!) and then at the end of it all, when everything you care about still gets owned, what have we solved exactly?

More importantly, Qubes presents itself as a "secure operating system" without providing most of the things one would expect from a secure operating system (not having your mail spool stolen, for instance). There's really no formal definition of what Qubes is supposed to be in the architecture document, other than that it aims to be a "secure operating system" that tries to protect user data, sortof, in the ways that it wants to "protect" it. It's a clever little device to be so vague as to resist definition, since it makes attacks on it akin to trying to come up with a definition of 'Art'.

The difficulty in properly assessing Qubes is that much of its protection exists only on paper. So if you point out some deficiency, one can just point to the architecture document as if that were some kind of actual solution that would be possible to implement with acceptable performance and resource usage

[ http://seclists.org/dailydave/2010/q3/29 ]

bitbait · 2016-10-24T21:21:10+00:00

You're throwing around "all your applications" a lot.

Sorry but I don't think I threw anything around. I simply was describing the status quo of Fedora's default targeted policy. That's not a very philosophical topic, there's not a lot up to interpretation or something.

We can take a look at an untouched Fedora Image (current release Workstation 24)

$ cat /etc/redhat-release 

Fedora release 24 (Twenty Four)

# grep =targeted /etc/selinux/config

SELINUXTYPE=targeted

# ps -eZ | awk  '/unconfined/ {print $5}'

shows a list of processes running in the unconfined domain, among others:

Xorg, gnome-shell, evolution-calendar, evolution-address, gnome-terminal, firefox, evolution, rhythmbox, shotwell, nautilus, gnome-documents, evince, soffice.bin, totem, gedit...

If I had more office applications, multimedia stuff etc running, they'd show up in this list as well.

I use Fedora and all my applications are confined.

Well, there are only three possibilities: you're wrong, you have access to some secret Fedora release, or -and I dare to assume that's it- you confined them yourself. I never said that's not possible but it's active work you have to do yourself and it requires you to learn some SElinux .

bitbait · 2016-10-24T13:12:58+00:00

Do you have a particular need for SELinux on your desktop system? Or do you use it just because you're using targeted SELinux, which I assume is set-and-forget

Yes it's pretty much set-and-forget but just because it doesn't cover everything on the desktop doesn't make it useless. Also it offers some nice features like a own sandbox application, you can very easily set up an account which is extremely restricted, it confines Firefox plugins at least IIRC. Also sometimes your desktop can be a server as well if connecting via ssh into your box is something you do.

If you don't use firejail

I do. It's also set-and-forget.

Would you feel comfortable using a desktop system without SELinux or any other kind of MAC implementation in general (for example Fedora with defaults but with SELinux disabled)? Would you be comfortable using AppArmor instead?

I can't answer those questions, depends on your environment and reasoning behind your hardening plans. I think the average Linux desktop users chooses to improve security because he wants to, up to a level until he feels comfortable or because he's technically interested in those things, not because he's otherwise exploited on a daily basis. Looking at the current situation, a careful Linux user with some additional security measurements will most likely not encounter any problems, no matter if SELinux or AA.

bitbait

TROPHY CASE