Comment by getcrunk

Comment by getcrunk 5 days ago

8 replies

View on Hacker News

systemd solved/improved a bunch of things for linux, but now the plan seems to be to replace package management with image based whole dist a/b swaps. and to have signed unified kernel images.

this basically will remove or significantly encumber user control over their system, such that any modification will make you loose your "signed" status and ... boom! goodbye accessing the internet without an id

pottering recently works for Microsoft, they want to turn linux into an appliance just like windows, no longer a general purpose os. the transition is still far from over on windows, but look at android and how the google play services dependency/choke-hold is

im sure ill get many down votes, but despite some hyperbole this is the trajectory

mariusor 5 days ago

> the plan seems to be to replace package management with image based whole dist a/b swaps

The plan is probably to have that as an alternative for the niche uses where that is appropriate.

This majority of this thread seems to have slid on that slippery slope, and jumped directly to the conclusion where the attestation mechanism will be mandatory on all linux machines in the world and you won't be able to run anything without. Which even if it would be a purpose for amutable as a company, it's unfeasible to do when there's such a breadth of distributions and non corpo affiliated developers out there that would need to cooperate for that to happen.

Reply View 2 replies
  • 4gotunameagain 5 days ago

    Nobody says that you will not have alternatives. What people are saying, is that if you're using those alternatives you won't be able to watch videos online, or access your bank account.

    Eventually you will not be able to block ads.

    Reply View 1 reply
    • mariusor 5 days ago

      > Nobody says that you will not have alternatives

      Maybe you want to reread through this thread.

      > Eventually you will not be able to block ads.

      That's so far down the slippery slope and with so many other things that need to go wrong that I'm not worried and I'm willing to be the one to get "told you so" if it happens.

      Reply View 0 replies
jcgl 4 days ago

Immutable, signed systems do not intrinsically conflict with hackability. See this blog post of Lennart's[0] and systemd's ParticleOS meta-distro[1].

I do agree that these technologies can be abused. But system integrity is also a prerequisite for security; it's not like this is like Digital "Rights" Management, where it's unequivocally a bad thing that only advances evil interests. Like, Widevine should never have been made a thing in Firefox imo.

So I think what's most productive here is to build immutable, signable systems that can preserve user freedom, and then use social and political means to further guarantee those freedoms. For instance a requirement that owning a device means being able to provision your own keys. Bans on certain attestation schemes. Etc. (I empathize with anyone who would be cynical about those particular possibilities though.)

[0] https://0pointer.net/blog/fitting-everything-together.html

[1] https://github.com/systemd/particleos

Reply View 0 replies
dust42 5 days ago

Linux is nowadays mostly sponsored by big corporations. They have different goals and different ways to do things. Probably the first 10 years Linux was driven by enthusiasts and therefore it was a lean system. Something like systemd is typical corporate output. Due it its complexity it would have died long before finding adoption. But with enterprise money this is possible. Try to develop for the combo Linux Bluetooth/Audio/dbus: the complexity drives you crazy because all this stuff was made for (and financed by) corporate needs of the automotive industry. Simplicity is never a goal in these big companies.

But then Linux wouldn't be where it is without the business side paying for the developers. There is no such thing as a free lunch...

Reply View 0 replies
TacticalCoder 5 days ago

> this basically will remove or significantly encumber user control over their system, such that any modification will make you loose your "signed" status and ... boom! goodbye accessing the internet without an id

Yeah. I'm pretty sure it requires a very specific psychological profile to decide to work on such a user-hostile project while post-fact rationalizing that it's "for good".

All I can say is I'm not surprised that Poettering is involved in such a user-hostile attack on free computing.

P.S: I don't care about the downvotes, you shouldn't either.

Reply View 1 reply
  • noisy_boy 5 days ago

    Does this guy do anything that is user-friendly and is as per open source ethos of freedom and user control? In all this shit-show of Microsoft shoving AI down the throat of its users, I was happy to be firmly in the Linux camp for many many years. And along come these kind of people to shit on that parade too.

    P.S: Upvoted you. I don't care about downvotes either.

    Reply View 0 replies