Does harden-tools incorporate or improve on bastille?
No, not to my knowledge. Bastille still works and is quite well
supportive of
any normal linux. The new TCL version that debian adopted decided to
DEEPPRREEECCIIIAATTEEE
previously working code, because, you know, can NEVER have anything
stable about.
(Hi Perl6, nice new programming language you got there with completely
different syntax called Perl)
Is the question then whether bastille needs to be placed in the Devuan
archive or that
hardenk-tools should be installed automatically?
The questions are 1) Why has Debian decided that security is not
important
(hence dropping bastille, and then adding systemd), and 2) is there
It almost feels like it was a 2 part operation:
First debian de-emphasizes security in version 7.
Then it forces systemd in version 8 (along with everyone else)
(Aka: might aswell be a rootkit-d)
During the same time that Windows deploys a keylogger for every
key you press (win10, and backported to win8 and win7) and nearly
every Intel chipset has a chipset level backdoor (VPro/AMT/whatever they
call it next)
with built in VNC server that pulls from the framebuffer aswell as the
ability
to upload the entire contents of ram (and always remotely re-enableable
while sitting
in a 1.2MB black box of proprietary code, cryptographically signed so
that it
must be used). (Many AMD have similar but less advanced in-built
backdoors,
but not all like intel)
Also windows now automatically uploads your crypto key to your HDDs to
microsoft servers,
systemd doesn't do that yet, but it makes sure root will be wide open
for anyone wishing
to hack in, and sometimes doesn't play nice with encrypted disks (unlike
debian 6 and 7 and 5,
all which worked great with encrypted discs)
Just all a coincidence, ofcourse.
Then when Security hardening script is mentioned here it's either
shouted down
"don't need that, real system admins do the 100 steps by hand every
time"
or met with crickets.
I notice the people who like to be blowhards on this list also don't
seem
to see the value in encrypted harddrives, almost saying "who uses
LUKS+volume" and thus
needs atleast some sort of intrid or initramfs (I'm sorry it's needed
too, but, it is what it is,
got to beable to mount root).
Yea, crazy fking thing there too!
They say NO to bastille.
NO ("who uses that??!") to encrypted discs.
Who's side are they on?
GoLinux: Remember when I was sgryphon and the VUA mentioned my arguments
as
a (perhaps small) portion of a fairly good explainition of the reasons
for starting something
like Devuan.
But now you don't like me so everything I say is false and worthless,
right?
Yea.
https://distrowatch.com/weekly.php?issue=20141027
DistroWatch Weekly ..... However, if systemd is here to stay, the VUA
has >declared their intention to ... Sgryphon explains it well in this
thread.
DW: Your website mentions the people involved in this potential fork do
not have time to get involved with Debian's governance. What sort of
governing body will the fork have?
VUA: It will be a governing body that puts the benefits of the users
first, not the mystification of a "doacracy" delivering all the power
to the package maintainers.
Originally, Debian was created as a universal operating system for
the users. The Free Software movement itself is there to defend users'
rights. Sgryphon explains it well in this thread.
We will likely reproduce the governing body of Debian to follow its
original mandate, with the advantage of starting small and more
focused, hopefully with less pressure from the interest of commercial
developers.
On 2016-01-03 20:07, dev1fanboy wrote:
As far as I can tell there is no harden-tools in debian or devuan
jessie nor harden-docs, those are missing too (was looking for them
the other day). Maybe because most of it doesn't apply in debian with
systemd, can't see any of that working there.
On Sunday, January 3, 2016 6:03 PM, Haines Brown <[email protected]>
wrote:
On Sun, Jan 03, 2016 at 05:25:39PM +0000, Go Linux wrote:
Great way to start the new year. Looks like Gregory Smith might be
back. Ugh . . .
Your frustration may be justified, but you are doing less
sophisticated
readers like myself a disservice. I've not thought about bastille for
many years, and this thread encouraged me to see what became of it. My
impression, right or wrong, is that bastille has been superseded by
the
harden-tools package.
Does harden-tools incorporate or improve on bastille? Is the question
then whether bastille needs to be placed in the Devuan archive or that
hardenk-tools should be installed automatically?
Haines Brown
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
_______________________________________________
Dng mailing list
[email protected]
https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
