Are there blobs in antiX and what can be done about it?
antiX / MX LinuxThis forum is for the discussion of antiX and MX Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Let's say you make an exception and you include one non-free driver. But you do it in a virtual machine. Can it change the CPU microcode and affect all virtual machines and the host?
I don't think we thought to ask but what hardware are you giving up? Even on laptops you can sometimes switch hardware if there's not a free one available; If you'd worry about the Bios being free you may need to remove the chip and flash it.
Anyone know what they call spy hardware, embedded in your system from whatever shady offices of the world or is it still just plain old spyware? Using one right now...
Not giving up any hardware yet. I was concerned your script might have a fixed set of packages that it knows to be nonfree and removes them. But it seems that instead you get the list of what to remove with an invocation of apt and then remove them one by one with other invocations of apt. How do we know this list produced automatically is really the complete list of packages that have blobs? What's to stop spooks from forcing debian to include a blob in an update without telling you the updated package is now nonfree?
No because LFS is about teaching, not a production distro. I wonder why no one is promoting a production distro that is fully built from the sources automatically.
Not giving up any hardware yet. I was concerned your script might have a fixed set of packages that it knows to be nonfree and removes them.
That is how you would do it, yes.
Quote:
But it seems that instead you get the list of what to remove with an invocation of apt and then remove them one by one with other invocations of apt.
That is another example of roughly the same thing, done slightly differently.
Quote:
How do we know this list produced automatically is really the complete list of packages that have blobs?
That's how these things are typically done.
Quote:
What's to stop spooks from forcing debian to include a blob in an update without telling you the updated package is now nonfree?
Speaking in the long run? Deterministic builds.
As someone else mentioned, the only other way to be sure is to build all the binaries yourself.
But that has two flaws-- one, it doesn't address hardware problems. I don't mean driver issues, I mean if your goal is to be as spook-free as humanly possible, you have to delve into hardware issues regardless of drivers (stuff like ME and CPU vulnerabilities.)
For that, there really isn't a distro-- just ongoing research and paying attention to Black Hat conferences, etc.
Removing non-free software and non-free drivers is a great start, but you also probably have hardware with its own operating system on-board to worry about. Such as your CPU running Minix.
The other issue is that even free software can have what's called "bug doors." Linus Torvalds has talked about those.
They are all pretending to be open source and the exceptions that seriously try to eliminate blobs do the building themselves. Instead, I was talking about the end user having the option of automatically building everything at installation time, not following complex instructions but just waiting however long it takes.
Freemedia, where do I download the antix or devuan version of your script?
Let me help you here. First, I've made this script before. It works-- it produces a bootable iso that is modified from the original version of antiX. I've used it to do things like replace systemd in Trisquel with Upstart, even in the Live version. I've used it on several distros including antiX. Look what it says on the left <- for "Distribution".
Using it to do exactly what you want was a goal at one point, but to give you a script to download I would have to spend at least a day or two (not all of a day) updating that work to do what you want.
I've joined the forums and I may well work on that anyway.
With that said, it doesn't sound like you're going to be happy with anything-- not even LFS. That doesn't mean I refuse to work on this, rather it means that I want to be sure what you want before I take the time to do this in a hurry. It's likely I will work on it either way, but I want to be sure what your needs are before I make it my top priority-- you know? A lot of people here have asked some good questions, and I'm not sure even you know exactly what you're looking for. But I'm still watching the thread with interest. Keep in touch, don't be a stranger. You'll find me here or the antiX forums if you need me.
Last edited by freemedia2018; 11-22-2019 at 11:36 PM.
I was talking about the end user having the option of automatically building everything at installation time, not following complex instructions but just waiting however long it takes.
There are automated LFS derivatives that do that. What you install is basically a script and it downloads source code and builds your system. I think Arya Linux works like that.
Freemedia, definitely do NOT make it a priority, it is only a convenience as far as I can tell, one can always follow the instructions in this thread and come back here for help if they get stuck.
Make one thing clear. Is the blob-free antix we are talking about as secure and privacy respecting as devuan or more? Antix's ability to run on older hardware is an attractive feature when you want it for both the host and guests in virtualization, as low ram and cpu usage are greatly appreciated when you run lots of VM's. Also the stability of a debian derivative like antix is attractive. But my core motivation in this thread is security and privacy. Without sacrificing ease of use.
Antix is also attractive because it is perceived as a people's distro, as opposed to a corporation-serving one. But then I have no idea who finances its development and decides things. Who does?
Antix is also attractive because it is perceived as a people's distro, as opposed to a corporation-serving one. But then I have no idea who finances its development and decides things. Who is?
As far as I know, "anticapitalista" makes the final decisions, but cedes to trusted volunteers, if that tells you anything.
I am going to guess that antiX and Devuan are on similar levels in terms of being secure. I would take the one that has non-free binaries removed over the one that doesn't. Neither remove those by default.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.