this post was submitted on 20 Jun 2023
0 points (50.0% liked)

Linux for Leftists

1167 readers
1 users here now

A Community for all leftists wanting to join and being part of a community that talks about Linux, Unix and the Free Software Community

founded 3 years ago
MODERATORS
 

Linux is a branch of development of the old unix class of systems. Unix is not necessarily open and free. FOSS is what is classified as open and free software. Unix since its inception was deeply linked to specific industrial private interests, let's not forget all this while we examine the use of linux by left minded activists. FOSS is nice and cool, but it is nearly 99.99% run on non-open and non-free hardware. A-political proposals of crowd-funding and diy construction attempts have led to ultra-expensive idealist solutions reserved for the very few and the eccentric affluent experimenters

Linux vs Windows is cool and trendy, is it? Really is it alone containing any political content? If there is such what is it? So let's examine it from the base.

FOSS, People, as small teams or individuals "producing as much as they can and want" offering what they produced to be shared, used, and modified by anyone, or "as much as they need". This is as much of a communist system of production and consumption as we have experienced in the entirety of modern history. No exchange what so ever, collective production according to ability and collective consumption according to need.

BUT we have corporations, some of them mega-corps, multinationals who nearly monopolize sectors of computing markets, creating R&D departments specifically to produce and offer open and free code (or conditionally free). Why? Firstly because other idiots will join their projects and offer further development (labor), contribute to their projects, for "free", but they still retain the leadership and ownership of the project. Somehow, using their code, without asking why they were willing to offer it in the first place, it is cool to use it as long as we can say we are anti/against/ms-win free.

Like false class consciousness we have fan-boys of IBM, Google, Facebook, Oracle, Qt, HP, Intel, AMD, ... products against MS.

Back when unix would only run on enterprise ultra-expensive large scale systems and expensive workstations (remember Dec, Sun, Sgi, .. workstations that were priced similarly to 2 brand new fast sportscars each) and the PC market was restricted to MS or the alternative Apple crap, people tried and tried to port forms of unix into a PC. Some really gifted hacking experts were able to achieve such marvels, but it was so specific to hardware that the examples couldn't be generalized and utilized massively.

Suddenly this genious Finn and his friends devised a kernel that could make most PC hardware available work and unix with a linux kernel could boot and run.

IBM saw eventually a way back into the PC market it lost by handing dos out to the subcontractors (MS), and saw an opportunity to take over and steer this "project" by promoting RedHat. After 2 decades of behind the scenes guidance since the projected outcome was successful in cornering the market, IBM appeared to have bought RH.

Are we all still anti-MS and pro-IBM,google,Oracle,FB,Intel/AMD?

The bait thrown to dumb fish was an automated desktop that looked and behaved just like the latest MS-win edition.

What is the resistance?

Linus Trovalds and a few others who sign the kernel today make 6figure salaries ALL paid by a handful of computing giants that by offering millions to the foundation control what it does. Traps like rust, telemetry, .. and other "options" are shoved daily into the kernel to satisfy the paying clients' demands and wishes.

And we, in the left are fans of a multimilioner's "team" against a "trilioner's" team. This is not football or cricket, or F1. This is your data in the hands of multinationals and their fellow customer/agencies. Don't forget which welfare system maintains the hierarchy of those industries whether the market is rosy or gray. Do I need to spell out the connection?

Beware of multinationals bearing gifts.

Yes there are healthier alternatives requiring a little more work and study to employ, the quick and easy has a "cost" even when it is FOSS.

.

you are viewing a single comment's thread
view the rest of the comments
[–] maard@lemmygrad.ml 1 points 1 year ago (18 children)

what kind of telemetry is pushed into the linux kernel, exactly?

[–] iriyan@lemmygrad.ml 0 points 1 year ago (17 children)

wilco intel and possibly hidden amd There is also this INTEL IFS which is pushed as "good telemetry" or telemetry you want, as a super -enterprise admin to know when to replace equipment.

https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/blob/main/config

Many of those things didn't exist in pre-6 editions, they have crawled up dew to pressure by manufacturers. The current 6.xx kernels are more than double of what 5.10-lts was and nearly double of 5.15-lts .. Much of the firmware included is not even under production but alpha/beta versions of hardware under testing by manufacturers.

What do users commonly do? Seek to have the latest and newest published, without reading release and changelogs ever. "Continuous development and modern equipment and code are always better."

Critical abilities are characteristics of "toxic personalities", another capitalist buzz-word incorporated "not-critically" by the masses.

[–] rostselmasch@lemmygrad.ml 1 points 1 year ago (16 children)

I dont really understand your point. What is so bad about those telemetry drivers? Thay have to be loaded and there is no use for them for simple users.

[–] iriyan@lemmygrad.ml 0 points 1 year ago (2 children)

What is so bad about allowing a large corporation to voluntarily draw data out of your system? For one it is very much against the fundamentals and principles unix and foss were based. One the earlier days selling point for FOSS was to assure the user there was no "telemetry". One the other extreme the public through android and mac/os have been conditioned to allow telemetry pretty much with every application they ever installed.

[–] maard@lemmygrad.ml 1 points 1 year ago (1 children)

Couldn't you just as well recompile your own kernel without these telemetry issues, with Gentoo for example ? The fact that you can do this and can't at all with Windows is a pretty big factor to me.

[–] iriyan@lemmygrad.ml 0 points 1 year ago (1 children)

For sure FOSS is night/day improvement over closed non-free binary blobs, for all we know Win 11 may be linux in drag to look like windows. But the anti-MS-win identity is too short sighted for people on the left at least. How often do you see similar behaviors among linuxers be for/against intel/amd, when in the recent and more distant past, they have both be caught red-handed from forcing backdoor systems into the market discovered long after and silenced by the corpororate press. One of them a few years ago was shortly adopted into the linux kernel before it was flushed. speck is one I readily remember. It was nsa code google suggested it is added to the kernel.

[–] Prologue7642@lemmygrad.ml 1 points 1 year ago

I would say that especially leftist Linux users are against every corporation. But there are reasons why Linux users prefer AMD to Nvidia. They are more FOSS friendly. If you want to argue for free hardware, I 100% agree, but unfortunately that is basically impossible nowadays.

If you want to be alarmed about what your computer is doing, I would much more worry about things like Intel management engine and AMDs version of that. Or the binary-blobs that you load just to use these devices. Those are actual issues that we should be focused on.

[–] rostselmasch@lemmygrad.ml 0 points 1 year ago (1 children)

It is beeing used in datacenters. You load the module, you can aggregate your dara and then visualise it.

This as an example. I couldnt find anything how something is beeing sendet to Intel.

This is kind of telemetry which is usefull: The collected monitoring data is exposed to user-space via a new XML format for interested tools to parse.

And this for those wilco stuff. Also look here. I could not found anything, that it is going to be send to a corporation.

What is wrong if i have a bunch of servers and I want to collect telemetry data for them? I can collect them whereever I want.

[–] iriyan@lemmygrad.ml 0 points 1 year ago (2 children)

if you can collect them others may be able to as well, and if there is a way to collect one thing this is a vehicle to access other things. As Snowden says, before his activism it was conspiracy theory, but the world "did change" since then. Or did it?

[–] rostselmasch@lemmygrad.ml 1 points 1 year ago (1 children)

No they cant. What are you talking about? Its like an agent writing specific things to /var/log. Telemetry means, that data is collected for your usage. Not for corporations. Intel PMT gives you the ability to access data. You can collect them and do stuff with them.

Have ever seen software which helps you to see how your assets are doing? Look at Nagios. This thing collects data from your assets and visualise it. And this is a kind of telemetry. With Nagios you can see when its time to replace your harddisks on a server because the SMART values are bad. This is all telemetry. And here you have a possibility in a driver to access certain stuff. No stupid workarounds, direct access. Access which is under your control. Have you ever seen a datacenter or worked somewhere, where you have to manage a bunch of servers? You can check every instance one by one or simply collect data and see whats going on.

You are simply misunderstanding the word "telemetry".

[–] iriyan@lemmygrad.ml 0 points 1 year ago (2 children)

First of all, for people on the left as the community states, the use of running datacenters and enterprise networks is minor and rare (unless you are an admin of the party or federation of unions headquarters). This means the machine has the ability to serve data to others, to the network, and to the admin collecting it. Telemetry is a way for machines to passively allow another to collect data. Any chance this can be exploited? Why have it if your intention is a sole user/admin of a single machine?

With the complexities of a self regulated system as systemd such abilities can't be controlled or audited by a user, but look at what most users of linux have. The collaboration of all those subsystems doing such things are expanding the surface of a machine's presence on any network to be exploited.

For non-industrial use no telemetry is needed or should be allowed. But you pick up on a detail of what the original post is aiming to state to discredit it on a technicality that is meaningless. There are hundreds of parts of a linux system where such discussion can be exploited.

The point is DO NOT let your anti-windows rhetoric blind and confuse users that this is an easy and safe alternative that provides security, privacy, and other goodies, when 99% choose windows that is just as automated and "user friendly" as windows.

You tell me if your average linux user (especially those using gnome and plasma) know where, how, and why to disable kernel modules. Whether those modules are optionally disabled, enabled, included in the kernel, or awaiting someone to trigger them. Look at forums and boards, people mess up their boot-loader or fstab and their ms-win reaction is to format the disk and reinstall something like ubuntu.

[–] Prologue7642@lemmygrad.ml 1 points 1 year ago

You still seem to misunderstand the distinction. The fact that something has a word telemetry in it doesn't mean it sends any data anywhere. Would you also say that checking your hard drive status with SMART is bad? I would guess not, and that is also a form of telemetry, it just doesn't have the word telemetry in it. How about checking how full your disk is, also a telemetry. All of these have exactly the same security implication as these kernel modules.

No one is saying that just by using Linux, you are automatically 100% secure and nothing can ever happen to you and no one can spy on you. That doesn't mean that it is so much better than Windows. Everyone should ideally use Linux, is it perfect, no but there are currently no better alternatives.

[–] rostselmasch@lemmygrad.ml 1 points 1 year ago

It has the same possibility to serve data to others as the SMART function of your hard serve does, if you use it together with a monitoring system.This is telemetry. You still dont understand what telemetry is, dont you?

This means the machine has the ability to serve data to others, to the network, and to the admin collecting it

You can activate the function to collect specific data, which can be send to somewhere else, if you wanrt so. You decide what happens. I am getting mail reports about my OPNsense Firewall if something is not going well. This is also telemetry. Those drivers simply can give you the possibility to access data natively. You have a direct API and you can work with it. Its same for SMART. It is the same. Even the information the sensors on your computer are showing to you, are exposed through a driver. Look here. You have to load modules. This modules are getting data. Telemetry.

And to answer what you wrote first:

Telemetry is a way for machines to passively allow another to collect data. Any chance this can be exploited? Why have it if your intention is a sole user/admin of a single machine?

Telemtry is away to collect data. Those "another" can probably be youself. So whats about lm_sensors, does the average user need the information how the voltage is? Answer it for yourself.

And also not everyone is a sole user/admin of a single machine. Even as a developer I am depending on log files which can be collected, so this all is quite handy. You still dont have a point.

With the complexities of a self regulated system as systemd such abilities can't be controlled or audited by a user, but look at what most users of linux have.

Dont switch the topic. Tell me what is bad about lm_sensors and SMART.

For non-industrial use no telemetry is needed or should be allowed.

dmesg not allowed anymore? Try "ip a" or "ifconfig". Be ready to receive some collected data.

But you pick up on a detail of what the original post is aiming to state to discredit it on a technicality that is meaningless.

No. The claim that the Linux kernel is likely to send collected data to large companies is a huge accusation. This would have tremendous implications. Back then there was already an outcry with a Linux distribution because the internet connectivity was checked by a ping to 8.8.8.8. And now the Linux kernel is sending telemetry data to big companies? Do you understand what this would mean? And also rust. But the rust thing has alreary been pointes out by an other user.

The point is DO NOT let your anti-windows rhetoric blind and confuse users that this is an easy and safe alternative that provides security, privacy, and other goodies, when 99% choose windows that is just as automated and "user friendly" as windows.

Never used anti-windows rhetoric.

You tell me if your average linux user (especially those using gnome and plasma) know where, how, and why to disable kernel modules. Whether those modules are optionally disabled, enabled, included in the kernel, or awaiting someone to trigger them. Look at forums and boards, people mess up their boot-loader or fstab and their ms-win reaction is to format the disk and reinstall something like ubuntu.

Stop pretending that those modules are collecting and sending something. You clearly dont understand what you are talking about. This is not a problem, but you pretend to understand it and repeat it over and over again. Those modules are not doing something bad. If you dont like that data is collected, try to remove /var/log somehow. And also disable dmesg somehow.

There is nothing wrong with being wrong and you can ask. But you are stating things as facts that are absolutely not true. You are absolutely stubborn (sorry, I have to say that) about telemetry. You don't understand the difference between data that is sent to a company and data that is made available through an interface. Telemetry for you means that somehow data is collected and then sent to Microsoft. And because the module in Linux has the word "telemetry" in its name, it is the same for you. You also don't understand that all monitoring programmes use telemetry, even htop. gkrellm has the possibility to connect externally, that is already telemetry that is sent.

You are also wrong about rust. Supply chain attacks are indeed a problem. This applies to every programing language and there is only little you can do about. Who said, that the rust developer even use modules from random third party? Thats the point.

You can say "Ok, I am wrong with that all, but my point about security still applies, because everything is complex and systemd etc". But stop insist on things that are obviously wrong.

[–] Prologue7642@lemmygrad.ml 1 points 1 year ago (1 children)

I mean, sure, but that is true for literally every single info on your computer. If you can read data from these modules, you can read data from anything else. You can read entire memory, query your file system, do basically anything you want. At that point, the issue of whether someone can query the capabilities of your intel CPU is not something I would worry about.

[–] iriyan@lemmygrad.ml 0 points 1 year ago (1 children)

I can read from my machine, but I can only read from your machine in the same lan only if you have telemetry on. If I can read yours and this lan is on a wider net then "it is possible" that someone across the universe can as well.

[–] Prologue7642@lemmygrad.ml -1 points 1 year ago (1 children)

Again, no, you can't. All these modules do is provide options to read data from user space applications. That is it. No, it doesn't automatically provide your data to any machine on the LAN or anything like that. It just lets you have an application on your machine that reads those data, that is it.

[–] iriyan@lemmygrad.ml 1 points 1 year ago

The same machine reading its own data is not telemetry, or it would have been a severe violation of the use of the term. The ability of one machine to feed another with data is telemetry. As we all know those abilities can be manipulated by 3rd parties. It is also easier to manipulate something you have helped designed a specific weakness to exploit, which others may never find. How often was this discovered in FOSS in recent years?

The next ones to be discovered are already in effect.

load more comments (13 replies)
load more comments (13 replies)
load more comments (13 replies)