Now that Arch is a botnet, what is a good BSD alternative?

Now that Arch is a botnet, what is a good BSD alternative?

Attached: archbotnet.png (1200x500, 32K)

Other urls found in this thread:

itsfoss.com/nsas-encryption-algorithm-in-linux-kernel-is-creating-unease-in-the-community/
wiki.archlinux.org/index.php/OpenRC
wiki.archlinux.org/index.php/Runit
en.wikipedia.org/wiki/Dual_EC_DRBG
wiki.archlinux.org/index.php/SELinux
twitter.com/SFWRedditImages

Wha?

itsfoss.com/nsas-encryption-algorithm-in-linux-kernel-is-creating-unease-in-the-community/

mutts will defend this.

Arch is supposed to be simple, not secure.

Jesus Christ, are you going to make ten of these now until you're tired of being banned?

did ((they)) bring down the freebsd foundation with sjws just because it was so much better than linux?

You can 'block' the Speck module in the blacklist.conf file.

Not sure what you are talking about

Attached: sage.png (858x573, 53K)

just blacklist the module lmao

>spec turned on by default
>shipping systemd
Thank you based Arch

>It’s just a not-so-strong encryption algorithm from American agency NSA and it’s available as a module in Linux Kernel.

If it's not so strong then why even include it, must be a backdoor.


▲▲

Lmao Arch users BTFO

Attached: IMG_20180805_081808.jpg (1079x516, 63K)

>must be a backdoor.
precisely.

/thread

Yeah it can be disabled but it doesn't stop me from distrusting them. Why would I continue to trust a distro that willingly puts this bullshit in?

So how do you blacklist this module then?

Uh, kernel updates are present on all distros. Even on LTS kernel ones. This may be resolved until then or skipped.
It's even explained how to disable the module here. There's no one to trust or distrust. It doesn't even have to load on your machine.

I get that you fucking illiterate branlet.

I am saying that the maintainers of Arch willingly enabled Speck despite security concerns. That's why I don't trust them.

Why should people have to blacklist this module manually? By default it should be disabled. Stop making excuses for shit.

Install Crux

Attached: crux1.jpg (723x1024, 149K)

>I am saying that the maintainers of Arch willingly enabled Speck despite security concerns. That's why I don't trust them.
Jesus Christ... Arch maintainers are not responsible for kernel development and merging commits. And why does it even matter when it can be disabled? I don't believe you even use Linux, as someone being this illiterate and clueless shouldn't even be insulted.

It's meant for use on devices that have a hard time handling AES (embedded/IoT)

It's disabled by default except on Arch. As the in Arch maintainers enabled it. Learn to fucking read you retarded fucking ape.

>Jesus Christ... Arch maintainers are not responsible for kernel development and merging commits.
This has nothing to do with merging commits. This is a module that is disabled by default, EXCEPT on Arch. Because Arch's maintainers enabled it, despite the serious concerns surrounding it.

Found the NSA agents.

Attached: 27907992_951881871661391_5165946211433868105_o.jpg (960x1280, 149K)

>concerned about memes
>not concerned about very real systemd

>This is a module that is disabled by default, EXCEPT on Arch.
Source?

NSA agents who are telling you to disable a module they've developed. We sure are smart.

Literally the article posted at the top of this thread.

>very real systemd
Very real what? No audit confirmed anything. And it's never been about exploits, it was mainly about "design" philosophy and choices.

$ zgrep "SPECK" /proc/config.gz

>No audit confirmed anything. And it's never been about exploits,
There's never been an audit and it's ALWAYS been about exploits.

Returns CONFIG_CRYPTO_SPECK=m for me.

Alright, but what's with the outage if it can be disabled without breaking anything?
What exploits? How many reports of compromised systems because of those have been published?

I thought loonix was supposed to be safe out of the box?? Now I find out it's riddled with NSA malware.

>What exploits? How many reports of compromised systems because of those have been published?
What part of "There's never been an audit" did you not read?

The whole debate about systemd revolves around how it's too damn big and impenetrable for anyone to audit the thing without asking a pretty penny, and the maintainers have utterly refused to pay for an external audit because Lennart Poettering vetoes it every time. If somebody five years ago paid Poettering ten million dollars to put a backdoor in systemd we would not know about it now and it seems unlikely at this point that we will for a long, long time.

Third sentence in..
Before you panic or form wrong conclusions, you should know that Speck is not a backdoor.

Jesus Christ... Where do you people even come from? Do you just not read any articles before posting ever?
>If somebody five years ago paid Poettering ten million dollars to put a backdoor in systemd we would not know about it now and it seems unlikely at this point that we will for a long, long time.
So, what's the solution here? All of this is just speculation. Do any init systems function without breaking the whole system or causing software to be incompatible due to dependencies?

>so much FUD over an open source 300 lines implementation that nobody uses
are you also mad systems also ships with md5?

this is very real and scary but its extremely easy to disable for now

It's not a backdoor in the literal sense of enabling the NSA to access your computer remotely.

However, we know for a fact that the long-term weakening of commonly-used encryption algorithms is one of the TOP priorities of the NSA and has been for years. This encryption algorithm was rejected by the ISO for being too weak. Look at the bigger picture, my guy. This has no place in Arch, it has no place in Linux.

>If unsure, say N.
=n is the default setting

It is compiled as a module in your kenrel. You are probably using the default Arch kernel check proc version, Jow Forums wont let me post the command wtf

If you do not want this module to be used, either recompile a kernel with the option set to =n, or just blacklist it in a config in modprobe

>this is very real and scary
Maybe for the all the low-end ~100 Android Go devices, some of which aren't even available anymore or aren't available worldwide.

OpenBSD

>So, what's the solution here? All of this is just speculation. Do any init systems function without breaking the whole system or causing software to be incompatible due to dependencies?
Yes. There are a handful of alternatives. The big two right now are OpenRC, which is basically just a porting of modern systemd features to a "Layer 2" module around sysvinit. The developers see that as a much more unix-style development model then systemd. It's what Gentoo uses by default.
The other is GNU Shepherd, which is more systemd-esque in that it's monolithic but it's about one tenth the size of systemd despite also supporting critical features such as async startup and centralized logging. It's the default in GuixSD and a handful of other distros.

Historically the only roadblocks to dropping systemd were the fact that dbus and logind required it. They no longer do, thanks to the wonderful efforts of eudev (maintained by the Gentoo developers) and elogind (likewise) which both provide drop-in replacements for those libraries without systemd dependencies.

If you like bloat, it's even possible to use OpenRC as a wrapper around Shepherd. But that kinda misses the point.

The only systemd feature not supported by these systems is systemd-boot. GRUB should suffice.

>not mentioning Runit

I've blacklisted it in the modprobe conf section as the article recommended. How should I cause this to take effect? Wait for a kernel update?

..and put in the kernel anyways at the behest of google so they could have encryption on their low powered phones. The article also tells you how to blacklist the module if your tinfoil is triggered.

>How should I cause this to take effect?
Just reboot and confirm if the boot was successful.

Just reboot

Wow I completely forgot about runit. Not quite sure how. Most of my personal experiences with runit have been in combination with OpenRC but yeah I know a handful of people irl who use Void as their main os and it seems pretty decent.

Are there any guides for Arch?

Ever heard of a thing called the Arch Wiki?

wiki.archlinux.org/index.php/OpenRC
wiki.archlinux.org/index.php/Runit

>bsd
>good

Attached: 1339550542744.jpg (894x801, 118K)

Everything is botnet user
The Eye is called All-seeing for a reason

Often lackluster. Doesn't hurt to try after a backup.

Keep in mind that Arch doesn't play nice with non-systemd boot systems for a handful of reasons. You can get it to work fine, but it'll be a lot of effort. You're probably just better off using Void, Gentoo, or GuixSD if you don't want to use systemd.

Is there any reason why I ought to not use OpenBSD?

no software support, package manager will delete you eventually.
also anyone with physical access can get root access without a password.

Just a reminder that this cancer (as well as systemd) isn't in Artix.

artix is nonfunctional trash though, unfortunately.

Works on my machine. Just get the base iso and you're good to go.

Different user, I added the blacklist.conf to /etc/modprobe.d, regenerated the intramfs image and rebooted, the module still appears active when using mkinitcpio -v

oh shit here we go

>iso comes with a broken pacman mirrorlist

Attached: 1532214738285.jpg (222x227, 7K)

so I guess OpenRC was audited?

The base iso with runit should be fine.

>Now that Arch is a botnet
WHAT HAPPEN

>this is very real and scary
>being scared of an encryption algorithm added to the kernel for Google
>being scared of something that is not used at all throughout the rest of the kernel
>being scared of an optional module

I swear Jow Forums is tech incompetent.

Yes, Gentoo maintains an independent security team that checks all commits for security concerns before they get distributed.
It's also worth noting that OpenRC itself is not a PID1, it just uses sysvinit for the actual boot stuff. sysvinit has been extensively vetted over the course of the last five decades and can safely be regarded as secure.

>WHAT HAPPEN
Archlinux - NSA project include built-in kernel SPEC module for hard spying end-to-end users.

zgrep "SPECK" /proc/config.gz
# CONFIG_CRYPTO_SPECK is not set

AM I SAFE?????

yeah, for now.

didn't know buzzfeed writers browsed Jow Forums

Yep, you are safe

They added an OPTIONAL encryption module made by the NSA to the Linux Kernel, which might or might not contain a backdoor (hint: it contains a backdoor)

It doesn't affect Arch specifically, but all rolling releases and eventually anything that uses Linux.
But it won't affect you unless you explicitly decide to use it instead of one of the more secure encryption modules.

Arch enables it by default and has for awhile, that's the point of this thread. I verified this on my own machine.

Arcucks BTFO.

Glad I use Manjaro.

Attached: pepe.png (1280x1280, 150K)

Manjaro is based on Arch. What is the output of this command when you run it?

>what is a good BSD alternative?

macOS

Literally the only people to answer OP's question.

Quality website you've got here, user

Attached: Screenshot_20180805-130804.png (1080x1920, 760K)

>Not using an adblocker

found the gook

Attached: --지유- 우왕우왕ㅎㅎㅎ아육대 다들 보셨나요-- 지유의 리듬체조ㅠㅠㅎㅎ--- (567x810, 566K)

Found the nigger

Attached: 1532464320426.png (402x317, 216K)

CONFIG_CRYPTO_SPECK=m

fugg

I blocked it using what it said in the article, and after restarting my computer I still get CONFIG_CRYPTO_SPECK=m, am I fucked? Should I switch to Artix Linux? No systemd and they have it disabled.

just rebuild the kernel with it turned off

Attached: mods are fags.png (1746x876, 236K)

how? i'm new with this.
m-mom, get my win7 back! this is a fucking nightmare!

cringe & reported for shitposting

>botnet
it's an algo that was neither confirmed to be safe or unsafe.
people speculate that it's backdoored because of this previous incident: en.wikipedia.org/wiki/Dual_EC_DRBG

>backdoor
it's an encryption algorithm so the only thing that could be "backdoored" is the data that you encrypt with it

>enabled by default
it's a loadable module. not even loaded from the disk until you run a program that requests it

>b-but muh botnet
if you are really that desperate then blacklist the module or compile the kernel without the CONFIG_CRYPTO_SPECK option

>Posting about a potential breach in kernel security is now considered shit posting apparently.

Don't you have some brown people to watch Mr. NSA?

There's also ArchBang.

Do you consider SELinux a security breach too?
Made by the NSA and surprise, it's been part of the kernel for 20 years.

Some new encryption algorithm that isn't being used anywhere is not a security breach. Don't use it if you care so much

>Made by the NSA and surprise, it's been part of the kernel for 20 years.
wrong
wiki.archlinux.org/index.php/SELinux

ftfy

btw i use arch :^)

Attached: 1533481536766-or8.png (1200x500, 13K)

>It's not a backdoor in the literal sense of enabling the NSA to access your computer remotely.
which is has been in win since win 95