Hacker News | skeptical1's comments

Yes, this is exactly why I don't run any of this crap on my distro. No dbus, no polkit, no systemd, nothing. Computer security is already enough of a nightmare without all this crap added on and linked in to everything.


Me too, the only process I run is init. I don’t even mount a root filesystem. Can’t root without a root is what I always say!

/s


I also have my system without polkit and without systemd. But how do you get rid of dbus? It seems to be needed for many GUI applications


Some programs can be configured to run without it. Others require patching to remove it. Some patches are trivial, others not so much. I've done a lot of patching, with still more required to get other applications running that I want to use. At some point I'm planning to build a "dummy" dbus library that can be linked against but actually does nothing at all, but I haven't gotten around to it yet.


Oh no, an application has bugs. Must get rid of it!


Has bugs, is way too complex for the given functionality, and is completely unneeded in the first place--yes, get rid of the damn thing. Unless of course you enjoy getting "your" system OWNED and dominated by bad actors.

My custom distro beats the brakes off junkware like Ubuntu and (lol) Windows in startup time and responsiveness, and has all of the functionality I need, with half the code and as a result much fewer gaping security holes.

Computer security is an absolute nightmare these days. Intelligent people should be simplifying things and stripping everything down to the bare minimum, instead of stacking more crud on top of endless crud.

Those who fail to SECURE their systems and workflows will one day in the near future be surprised as shit to find that the entire "cloud" has been hacked and destroyed by worms and their system trashed right along with it. At that time, the world will be divided into two camps: computer owners (me and my kind) and non computer owners (everyone else.)


Regardless of how genius your distro is this reeks of self importance and arrogance to an almost satirical level.


Who cares? If you don't take computer security seriously, you won't be computing much longer. Before it's over with, mine will be the only opinion still in existence. It's called "natural selection."


>is way too complex for the given functionality, and is completely unneeded in the first place--yes, get rid of the damn thing. Unless of course you enjoy getting "your" system OWNED and dominated by bad actors.

This is a rather nonsense statement. Polkit (or something like it) is needed if you want to have those macOS-style "program A wants to have permission to access privileged resource B" security prompts in the GUI. It's about as complicated as any similar solution needs to be for that use case. Perhaps you find these to be annoying and you disable them so they always succeed, but with that you've effectively given every program permanent suid root access. Definitely simpler, but can you say it's less of a security nightmare? I wouldn't. Yes there are risks of vulnerabilities in any security layer, but without them you've got no security layer at all.


Erm, it’s the other way - if you disable it, those checks would always fail, because the component responsible for elevating permissions is missing.

And, honestly, I don’t see how those prompts (or functionality they gate) make the system more useful.


If those checks always fail, you've now lost that functionality to do anything requiring elevated permissions and made your system less useful. You could get it back by installing a suid root tool like sudo/doas but that opens the same hole again that elevates these problems from a crash into a CVE.


I don't want or need popup permission prompts. If something needs to run as root, I run it as root from the console, as God intended. In the process I am assuredly avoiding all sorts of potential security vulnerabilities, such as this polkit code which is not installed on my system. Now get off my lawn.


Computer security really isn't THAT much of a nightmare for an average user. How many people do you know that got hacked lately, for any reason other than not using 2FA, or installing random garbage?

If you don't own cryptocurrency (that is more critical because it can't be reversed), you're probably way more at risk for physical theft than cyber crime.

In fact I think we are more secure than ever before because browser sandboxing actually works worth a crap, unlike 10 or so years ago.

The more you strip out of a system, the more manual work you need to do, and the closer you get to just a fancy version of a pencil. Technically, every line of code is a security risk.

But a lot of things just... are barely worth it when ultra simplified, and you start spending more time than you save at a certain point.

This bug is pretty bad, and I could see distros getting rid of it, but only with plenty of thought and analysis and maybe a replacement. They clearly put it there for a reason. Lots of stuff seems to need it. And unless you use sandboxing or multiple accounts for different things.... if you have attackers running as your user, you are already screwed.

I will be keeping polkit.


You're part of the second group I mentioned: the one that won't be computing much longer.

> Computer security really isn't THAT much of a nightmare for an average user.

"Average user" and "common idiot" are one and the same. Common idiots never see danger coming until it's too late.

> How many people do you know that got hacked lately, for any reason other than not using 2FA, or installing random garbage?

It's not about what has happened, it's about what easily CAN happen, and therefore WILL.

By the way, 2fa being forced down everyone's throat is not for your benefit. Notice how they never will allow you to use a voip number for 2fa? How could TPTB track your every move via GPS if you use voip?

> If you don't own cryptocurrency (that is more critical because it can't be reversed), you're probably way more at risk for physical theft than cyber crime.

LOL. Crypto is a scam. Bitcoin is going to crash to zero, and you're going to lose everything. Next TPTB will introduce their own Officially Approved digital currency, which is specially designed so that your account can be locked or restricted or emptied with the click of a mouse button, and so that you cannot possibly ever avoid any taxes.

You've got some tough lessons to learn about how the world works.

Meanwhile my use of physical, hard currency will keep me free and at liberty forever.

> In fact I think we are more secure than ever before because browser sandboxing actually works worth a crap, unlike 10 or so years ago.

If by "secure" you mean "in Google's firm grasp", you are correct. If you really meant "in control over your own computer", no, you are not.

Try patching Chromium to remove all the spyware and malware as I have done, and note how you and your browser are now treated as Enemies of the State by the Big Corp controlled internet.

> The more you strip out of a system, the more manual work you need to do

Freedom isn't free, nor is security.

> But a lot of things just... are barely worth it when ultra simplified, and you start spending more time than you save at a certain point

How would you know? You've never even tried to escape from the Goolag.

My system beats the brakes off yours in virtually every metric, especially speed and security, and has been worth every hour spent working on it.

> if you have attackers running as your user, you are already screwed.

You mean like the attackers you willingly give root access to your machine by allowing them to regularly stream arbitrary binary code to "your" (their) computer, and regular user access via metrics and update checks and every other sort of outgoing network connection on their schedule and not yours, any one of which could trigger a buffer overflow and code injection event? Yes, you are screwed six ways from Sunday.


If the world ever gets bad enough that I have to hide from Google and TPTB, your customized system will probably be contraband. In which case, I wouldn't want something like that, because I... don't want to go to jail, and I am rather certain they could find out if they wanted to.

Probably by machine learning looking for houses with an absence of pings to certain servers and using old fashioned police work from there.

Keeping that scenario from ever happening is a political issue. Perhaps it is in part technical too, but ultimately, people should not have to live like fugitives. For the same reason they shouldn't have to wear a guy fawkes mask in public.

And if someone does need to, they probably don't consider themselves to be free.

I may have never tried to get away from Google, but we did grow up poor enough to not have the latest tech for quite a long time.

It would be nice if it was possible and convenient, but a lot of things are still way behind.

When you add up all the details... it's probably more of a luxury than being rich in the gilded age, and it's accessible even to people like me who don't even make minimum wage when you take into account all the Ubers and Lyfts and crap.

With simple technology, one mistake and it's all gone. It doesn't help you out at all. Remember how this stuff was done 15 years ago? Nobody ever would trust computers for anything important. We all used pens and paper every day.

Every person I know who cares about privacy seems to need tons more analog tech than I do.

Lose your phone? Too bad, there was no Google page with which to track it and remote control it. Lose your wallet? Hope someone turns it in. There was no Tile.

Cooking and need to set a timer? Better wash your hands first and be careful not to forget in the time it takes to do so, or you'll make a mess and transfer germs when you touch the timer.

It would be a LOT of work to set up replacements for all of this while preserving privacy.

These things are only a few minutes per day, but collectively they are a big lifestyle change.

Eventually, open source will catch up. But it is slowed down by the fact that the FOSS community.... likes to shit on such things and doesn't want them to exist at all, and prefers ongoing manual involvement, and shits on most zero conf stuff, because they're so absolutist about security and minimalism.


You don't have Firefox or any browser? How are you posting? W3m? I would imagine that these have an enormous amount of bugs and security issues if parts of basic Linux programs are riddled enough with them by your standards.


You seem to have expertly missed the point.


That's worked pretty well e.g. for OpenBSD. Their code isn't perfect, but they've evaded lots of bullets simply by removing things they don't deem necessary.

I think I've evaded many bullets exactly the same way.

More code and more complexity -> more bugs, more holes. It's pretty simple.


It was a joke. Obviously. Jesus, this place is so humorless.


I make jokes frequently, and rarely get downvoted for them. They're rarely standalone. They're topical and non-obvious. Low-hanging fruit is punished here. Most jokes people happen to make are low-hanging fruit. It's like the reverse "lucky 10,000" effect: if you think something is funny, it's probably because it's novel to you. Meanwhile, the rest of us have seen that joke, on the internet, too many times already. Uninteresting comments go down. Also, delivery makes the joke: just like sarcasm, the medium isn't doing you any favors.


That's the sort of joke that you make and take your lumps for. Sometimes the feeling strikes you and you can't resist. Getting downvoted makes it funnier. The lowest you can go is -4 so it isn't even like you lose that many fake internet points for it.


Indeed, the absurdity is that HN wouldn't have a reputation for being humorless, if people didn't keep making jokes here.


Skeptical1 goes into a forum aimed at 'hackers,' is surprised when they are pedantic and obsessed with understanding rules.

There's a punchline somewhere...


I've seen enough of this crowd to not be surprised at any ridiculous thing that happens here. Like having a 50 page Very Serious argument back and forth about some minor, irrelevant detail, possibly having nothing at all to do with the actual article, but a simple joke gets downmodded because ZOMG HOW INAPPROPRIATE. Or lest we forget, the various articles about things this crowd clearly knows nothing about, like politics or economics, but everyone has an opinion about anyhow.

By the way, given the frequent gasps of horror which are heard here when people are confronted with the horrifying suggestion that Microsoft is an evil corporation and people should use Linux or BSD instead, along the lines of "but I might have to compile my own wifi drivers tho! egads!", or those who are appalled at the idea of system startup using shell scripts ("the barbarity!") or the frequent snarky remarks that C is a terrible, horrible, no-good "unsafe" language that is unsuitable for any use (despite virtually everything else in the world depending on it), etc, etc, it's quite charitable to describe this as being a forum for "Hackers." In many cases, it's more like just a bunch of pretenders and wannabes.

Now how's that for humor? hehe...

Lynch mob in 3...2...


Humor is not allowed here.


I read your comment profile, and know exactly what you mean about the "cancel culture." This is the first profile I've had here where I've actually managed to get a little positive 'karma' built up and avoid immediately getting downmodded into oblivion and run out on a rail. My very first account here a couple years ago, as a bright eyed noob, was literally shadowbanned within 15 minutes, which absolutely blew my mind.

The moderation system here is seriously broken, and has the effect of creating a toxic echo chamber of humorless trigger-happy goons. I've read a lot of complaints about it in various articles over the years, by names who no longer seem to be around. The response always seems to be EWONTFIX.


> shadowbanned within 15 minutes

I'm not about to defend any commentariat anywhere, but you really have to make a stinker of a post to get that kind of thing here.


No you don’t, simply having the wrong opinion at the wrong time is enough to seal your fate.


Every now and then a truly creative, funny joke is upvoted heavily. The rest of the time, if I want shallow snark I’ll visit Reddit.


Indeed. The issue I had here was not that there was a joke in a place of solemnity, but that it was an old and low-effort joke that also didn't add to the discussion.


So you decided to go out of your way to point that out? Where's your erudite contribution to the discussion then?


Luck has nothing to do with it. It's your diet, full stop. You are eating junk, and/or simply eating TOO MUCH, guaranteed.


The luck is in how strong your appetite is, which is the real driver of how much food one eats.


I think appetite itself has a lot to do with the nutritional density of what you're eating. I can eat 1000kcal of gummy worms and just be getting started, but 1000kcal of ground beef and I can't look at food for a few hours. Or in other words, it seems like your body will keep giving you hunger-signals regardless of volume, until it gets what it needs (e.g. protein, minerals, vitamins).


For anyone else who is curious, 1000kcal of ground beef is ~1lb or ~ 500g or ~4 burger patties [1].

1000kcal of gummy worms is 34 gummy worms [2].

[1] https://www.healthline.com/nutrition/foods/beef

[2] https://www.nutritionix.com/food/gummy-worms


Oh that's fascinating.

I can eat 1000kcal of ground beef and go looking for more, but 200kcal of gummy worms and I'm hoping I never see them again.


For anyone else who is curious, 1000kcal of ground beef is ~1lb or ~ 500g or ~4 burger patties [1].

200kcal of gummy worms is 7 gummy worms [2].

[1] https://www.healthline.com/nutrition/foods/beef

[2] https://www.nutritionix.com/food/gummy-worms


The real problem here is self-control and self-discipline, or the total lack thereof.

It's just like the people I see on here who have some bad habit, like browsing Facebook or HN all day when they should be doing something more productive. They will do things like set up a special program to lock themselves out of the computer or out of the web browser--using some technical hack rather than the correct approach: which is to simply DECIDE not to do these things and WILL oneself not to do it, in the process developing self-control and self-discipline.

The reason an obese person has such a raging hunger is because they are in the HABIT of eating so much. Habits are hard to break, because it takes willpower and dedication, which the average person in our corrupt society has been brainwashed and trained from birth not to have. In this society, we are trained to be weak, passive consumer drones, to indulge every feeling and craving foisted upon us by media "influencers"; to always give in to impulse, to never make our own decisions or say NO to anything, and if we try, to quickly give up and make excuses for failure. And look what destruction it has wrought.

One might slip up at first and not perfectly follow through on the decided agenda, especially after a lifetime of being trained to just give up and give in, but the correct response is to note when one is slipping up and CONSCIOUSLY take corrective action, rather than give up and blame "luck" or whatever--which is a loser mentality, like the cigarette smoker who "just can't quit" as he takes another drag, until he dies of lung cancer.

I was not myself born as a perfect snowflake who never got into bad habits or screwed up in life. I have done plenty of both. The difference is I CHOSE to give up the bad habits and live differently, for the long term benefit. Once the good habit is locked in place, doing the right thing is effortless.

If a fat or obese person decides to make a change, they will. If they quit eating garbage and cut back on portions, they will crave it for a time, but over time the cravings will lessen, and then disappear entirely. It's simply a matter of breaking old habits and forming new, better ones.

There was a time I used to drink soft drinks and eat fast food and Doritos like the typical fat ass does. The very conveniently placed vending machines at the government-owned school, with all the conveniently located fast food establishments, helped and encouraged me to develop these habits. Now after breaking the habit, none of this junk appeals to me AT ALL. There is ZERO appeal. From the outside, now I can see it to be what it actually is: JUNK. It is repulsive.

In time, as people change their habits, not only will much of this JUNK no longer appeal to them at all, but if any of it still does to some degree, they can indulge in it a little without harm--because they have developed the SELF-DISCIPLINE to control themselves.


While you are not wrong about self-discipline being an important factor, there are also genetic components to things like ghrelin and leptin levels and responsiveness.

Not to mention also that the willpower to override your habits is a limited resource and not everyone has the ability to apply it to this aspect of their lives.


The genetics of the human population have not shifted nearly as fast as weights have increased. Genetics may play some role in weight, but other factors are far more determinant.


[flagged]


> If you refuse to understand this obvious truth, then perhaps you're right about yourself: you are mentally and genetically defective. For obvious reasons, we can't afford to have genetic defectives giving shitty advice that will enable others to ruin their lives,

"Genetically defective" - who determines this? And how are we to know that you yourself are not 'defective'?


Hmmm...how about the fact that I don't engorge my piehole with mass quantities of junk food, become obese, then make pitiful and pathetic excuses for my lack of self control?

How about the fact that at 41 years old, I am much healthier than 95% of the U.S. high school graduating class of 2022, many of whom are too fat to see their own feet without a mirror?

How about the fact that my conscious CHOICES have kept me healthy and free of sickness for all of my adult life, despite society's attempt to brainwash me to become an unhealthy, disgusting lard ass?

Do you think any of that might indicate some form of superiority?

Do you agree with the other idiot that these poor, helpless obese people can't possibly do anything to help themselves? Then you are also genetically defective, and striving hard to bring down as many others as you can.

The idiot himself admits he is defective. Isn't that the entire point of the "but I just can't help myself" excuse? I tried to help him see reason and overcome his poor mindset, but he steadfastly stuck to his "I'm just defective and can't help myself" excuse. So I guess in the end I am forced to agree with him.


I guess that just proves my point about discipline being a limited resource. You appear to have put all of yours into bettering your physical health and none into interpersonal relationships or compassion.

There's no reason to repeatedly insult me.


Here is my own experience and advice about health and physical fitness, shared in hopes it will encourage and help people who are living unhealthy lives, because they have been misled by society. I'm typing this on a touch screen, which sucks (I'm more of a Model M kind of guy), so I'll make it brief.

I have always been active, always moving around, exploring the woods and climbing up and down hills, that sort of thing. I do sit in front of the computer a lot, but also get up and move around plenty, and do work outside on sunny days. (I live out in the country.) I'm not hesitant to walk or run a long distance, and in fact last year I walked about 10 miles to get a spare vehicle when the battery on my truck literally exploded at the post office. Was sore as hell on arrival, but did enjoy the scenery, plus the knowledge that I'm one tough mother fucker.

Physical activity is of major importance to staying healthy. Some people are always taking shortcuts, trying to do as little as possible. That road leads to death. Note: I DO NOT work out at the gym. That sort of thing can have its use, but working on the FARM (or similar type of work) is much better overall.

I used to drink soft drinks. I do not anymore, and it has been one of the best changes I ever made. The sugar is bad and will make you fat. The acidity destroys one's teeth. The caffeine intake, in quantity, is IMO unhealthy.

I eat a variety of pure and natural foods. Examples: whole milk, eggs, cheese, butter, wheat bread, bacon, homemade hamburger, homemade pizza, salad, baked potato, vegetables of all kinds, oatmeal, rice, beans, beef, chicken, fish. Yes, I add sugar and salt to flavor, and not to excess. I DO NOT eat processed junk like TV dinners, or load up on sweets or the substance euphemistically called "ice cream." I do eat these things on occasion, if called for, but not regularly.

I quit fast food restaurants like McDs, Burger King, Taco Bell. They're all garbage. The only "fast food" I eat these days is healthy stuff like authentic Mexican food from a family owned restaurant, or Chick-Fil-A, and in moderation because it's cheaper and better to eat home cooked meals at home.

I have a garden every year and am often eating fresh fruits and vegetables during the summer. I also can some things for winter, or make big batches of canned soup for eating over time.

I don't continually stuff myself with food. Some days I take a break and just drink milk, or water. I believe fasting is very important to long term health. The more I eat, the more active I am. The less active I am, the less I eat. Because I have muscle, and stay busy, and don't overeat, or eat JUNK, I don't get fat.

I drink a little (homemade) alcohol, but in moderation, and not daily. I also occasionally smoke homegrown tobacco, and frequently smoke home grown WEED.

I get a full night's rest, every night. This is of critical importance. I also refuse to work a stressful, shitty corporate job, preferring instead to be DIRT POOR rather than destroy my life, health, and sanity like that.

I don't take any medicine at all. I also don't ever get sick, period. The last time I ever got sick was over 25 years ago, when I was a boy.

90% of health advice from the mainstream is total bunk and is in fact purposely designed to KILL you. For example, veganism. Want to be a weak, unhealthy soyboy? Be a vegan.

I saw one guy on here commenting the other day about his vegan girlfriend who is in ill health, with serious problems including joints getting stiff and locking up, steadily going downhill. The idiot "doctors" had no advice other than "stop eating meat"--which is exactly the problem in the first place, but this guy didn't make the connection and was at his wit's end. Stay the hell away from these quacks!

Yes, I fully agree that the Western meat industry is horrible and evil, but the solution is to make friends with decent farmers and butchers who treat their animals humanely, not deprive yourself of vital nutrients.

In closing, let me share an anecdote with you I read the other day, which should help you understand humans and the world we live in a little better:

"Funny story: I have a friend who works for a social media influencer (with 1 million followers) who does health fitness. This person says she's vegan and does just yoga, pushing lots of powders, etc. She is in incredible shape and has a million women following her and wondering why they don't look like her, and they keep paying more to try. Well the big deception is she actually is keto/carnivore, and when doing her real workouts she is definitely not doing yoga.

She was elevated because she would push the agenda. The deception runs deep."


In my experience, yes. Try discussing in an impassioned manner something of importance to the human race, or of life and death importance to the human you are speaking to, and watch how quickly people will change the subject to whining about your "attitude" or fixating on some curse word you used, rather than the important subject at hand.


> I genuinely don't see what's so complex about a service unit file

It's not the unit file that's the problem, it's the mountains of junk, low quality C code written by an obnoxious, arrogant twit named "Linux Puttering" who has proven for 15+ years he couldn't care less about code quality or system reliability.

Besides the anecdotes shared by others over the years about the horrible experiences they've had with systemd, I have one of my own to share. When developing my own distro to escape the bloated, laggy hell that is Ubuntu, I started the build on my existing Ubuntu system. I found out the hard way that accidentally double mounting virtual filesystems on the target volume causes systemd to crash the system after about 60 seconds, with no possible way to recover. On MY system, with no junky ass systemd, making this error harms nothing at all and can be easily fixed.

The people who talk about "buggy, hacky" shell scripts appear to be some of the same type of people who shrink in horror from the idea of compiling their own kernel, or working at the command line. (i.e. not really "hackers" at all.) There is nothing at all wrong with using shell scripts for startup. It is in fact the simplest, and IMO most elegant way of doing the job, and no it isn't buggy or hacky in the least. The file system is the database and unit file and the already existing shell is the interpreter.

My system starts much more quickly than Ubuntu and is much faster and more responsive in daily use also, so the "startup time" excuse is a myth, and practically all of the other contrived examples people use to justify the use of systemd can be done BETTER using shell scripts in conjunction with small, light weight, single purpose utilities built the UNIX WAY.


Maybe he's just tired of people who offer ignorant opinions and argue based on conjecture and not actual knowledge.


DING DING DING DING DING


On my desktop I run with no swap, overcommit disabled, and earlyoom. I frequently do heavy work with it including such things as Chromium builds and it's trouble free. See above for the tweaks I've made to ensure perfect responsiveness under all loads.


For a long time after creating my own Linux distro, I had the same kind of problems also. It turns out the Linux kernel is horribly tuned by default. After a number of tweaks and adjustments, I finally got all those bugs ironed out. Now my (four core) desktop is perfectly smooth and responsive under all loads, even playing video and running multiple builds while copying files around. Here's the important parts of what I've done:

* set disk i/o schedulers to 'bfd' for spinning drives and 'deadline' for solid state, and 'none' for nvme, by creating a file in /etc/udev/rules.d . kernel must have deadline and bfd schedulers compiled in.

* turned on SCSI block multiqueue in kernel config. requires kernel command line option scsi_mod.use_blk_mq=1 to actually enable it. this helped, but did not completely cure the disk i/o problem.

* patched kernel source file ./block/blk-mq-sched.c to hard limit number of queued block device requests to 2, instead of default which is like 32. this absolutely cured the problem. no more disk i/o dragging the system down. doesn't seem to have a major effect on throughput.

* kernel is configured for full preemption, with 1000hz timer frequency.

* for architectures which will boot using the muqss cpu scheduler patch, i enable that with a 100hz timer freq instead.

* overcommit is disabled, as well as swap, and i use earlyoom to ensure process destruction proceeds in a controlled manner in event of memory exhaustion.

That's the bulk of it. No real magic involved; just un-fuck-ifying the default kernel config, which is garbage even for server use IMO.

(This is on a 4.x kernel btw, and I have no plans to downgrade to the 5.x series.)

The fact that some or all of these tweaks aren't done by default would seem, along with other evidence, to support my belief that Linux is actively being sabotaged by people who don't want it to succeed.
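A read-only check of the settings listed in the comment above, as an added example (not the commenter's code): it reads the kernel's sysfs/procfs files and reports whether the I/O scheduler per device class, strict overcommit and the absence of swap match that list. It assumes 'bfd' means the BFQ scheduler (`bfq`) and accepts `mq-deadline` as the blk-mq name for deadline; the function names are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: audit the tuning described in the comment without changing anything.
# Roots are parameters so the checks can be pointed at a copied or constructed tree.

# Print the scheduler marked active ("[name]") in a queue/scheduler file,
# e.g. "mq-deadline kyber [bfq] none" -> bfq
active_sched() {
    sed -n 's/.*\[\([^]]*\)\].*/\1/p' "$1"
}

# Scheduler the comment's policy calls for, given a device name and its
# queue/rotational flag (1 = spinning disk). Assumption: 'bfd' means bfq.
wanted_sched() {
    local dev=$1 rotational=$2
    case "$dev" in
        nvme*) echo none ;;
        *) if [ "$rotational" = 1 ]; then echo bfq; else echo deadline; fi ;;
    esac
}

# Check every disk under <sysroot>/block. Prints one line per device and
# returns the number of devices whose active scheduler differs from the policy.
audit_schedulers() {
    local sysroot=$1 bad=0 q dev have want
    for q in "$sysroot"/block/*/queue; do
        [ -r "$q/scheduler" ] || continue
        dev=$(basename "$(dirname "$q")")
        case "$dev" in loop*|ram*|dm-*) continue ;; esac
        have=$(active_sched "$q/scheduler")
        want=$(wanted_sched "$dev" "$(cat "$q/rotational")")
        # blk-mq kernels expose the deadline scheduler as "mq-deadline"
        if [ "${have#mq-}" = "$want" ]; then
            echo "ok   $dev $have"
        else
            echo "FAIL $dev active=$have wanted=$want"
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# vm.overcommit_memory=2 is strict accounting (overcommit disabled);
# /proc/swaps holds only its header line when no swap is active.
# Returns the number of failed checks.
audit_memory() {
    local procroot=$1 bad=0
    if [ "$(cat "$procroot/sys/vm/overcommit_memory")" != 2 ]; then
        echo "FAIL vm.overcommit_memory is not 2"
        bad=$((bad + 1))
    fi
    if sed 1d "$procroot/swaps" | grep -q .; then
        echo "FAIL swap is active"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Run against the live system only when asked to.
if [ "${1:-}" = "--live" ]; then
    audit_schedulers /sys
    audit_memory /proc
fi
```

Run it with `--live` to check the running system; earlyoom and the kernel patch mentioned in the list are outside what these files expose and are not checked.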


Software has a hard time keeping up with hardware architecture, mostly because of backwards compatibility...

Imagine running a restaurant, normally you can take 32 orders and have the customer sit and wait. One day you get new chefs that can make food 100x faster, but now you can only take one or two orders before the chefs have the food ready and you have to give it to the customer that ordered it. So despite the chefs being 100x faster it now takes much longer to place an order, and the waiting line can grow long with impatient customers.

