Page 1 of 1

Thanks Clem (and helpers)

Posted: Sat Sep 01, 2012 8:38 am
by anon_user
After becoming very concerned by the direction of Ubuntu and distro hoping for a while, I found a solution to my needs in LMDE. I still had to do some tinkering, but it was a much better starting point.

I just wanted to say that I noticed a few changes, including changes in the dependency tree.I am not sure if this was all the devs here or if some of it was upstream, but these changes were noticed and appreciated.


I am still feeling my way through this most recent installation. According to synaptic systemd is not installed in LMDE by default? Personally I think it is better if it is not. For the average user it probably speeds up boot time without a whole lot of difference to their security. Personally however, I want control over my daemons and do not care if it takes a few more seconds to boot. Normally I just use DE level settings and the terminal to control my daemons, but I have been getting increasingly security conscious after recent events. I personally do not like the idea of daemons 'calling home' before I my DE even loads. Most people do not go and manually edit their config files like I do or set up firewalls behind routers, but those who do probably want the extra control more than they want a faster boot time.

I am probably not a typical user. I go out of my way to make sure Avahi, remote login, even things like ntp are all disabled until I call on them. As a blogger and activist and privacy advocate, I need to take additional precautions against malicious activity. I include government and corporate spying to be part of healthy civilian threat model. I do not run a server or have any user for remote login, so I just assume negate these vulnerabilities rather than secure them.

I recently tried out Ubuntu-Main just to see for myself after noticing some unwanted changes in some other Ubuntu offshoots downstream....I was a little shocked to see features included like 'Allow remote users to control my desktop' and even commercial services that are paid to take root access of your machine. :( Stuff like that should not be 'one-click', and that level of user logging should not be something you have to opt OUT of. Even Google says that some of the default settings are security threats and are blacklisted in Gobuntu, though it would not surprise me if they benefited from some of the user logging.

I am very glad that LMDE exists. It makes debian more accessible to new users, but without dumbing down the interface and hiding advanced options like Ubuntu is doing in Unity. I hope the project can continue as it has been. My biggest concern is that when distros get big they are increasingly influenced by corporate interests. Getting paid for adds and searches is pretty benign and unobtrusive, but beyond that it is important to feel confident that your distro maintainer is looking out for your privacy and security. So far I feel pretty good about LMDE.