it may be the current political climate of the country I’m living it, but kernel level remote access makes me feel inherently less secure. Don’t get me wrong, I never intend to give up my dumb terminal as my only way to use my computer either.
Sure. It risks introducing vulnerabilities. It needs to be implemented very carefully. I think a built in version, with security in mind, is a lower risk than relying on users to implement their own solution, and risk them picking the wrong one or setting it up incorrectly.
Every user convenience introduces vulnerabilities. The users are the weakest link in every system. It’s a balancing act, and one I don’t think Linux has ever balanced well for usability. But server core has shown there’s no reason for the service to be on by default. There’s much more dangerous Linux features that are switched on by default configs, like root logins and password authentication, so let’s not pretend Linux has ever taken a hard line on this.
I wasn’t trying for any ‘gotcha’ moment or anything, my paranoia is just particularly high these days. I apologize if my open rambling about my personal distrusts has caused you undue stress.
Odd, I specifically find the concept of this disturbing.
Yeah, I know suggesting UI and user experience improvements spooks Linux diehards.
it may be the current political climate of the country I’m living it, but kernel level remote access makes me feel inherently less secure. Don’t get me wrong, I never intend to give up my dumb terminal as my only way to use my computer either.
Sure. It risks introducing vulnerabilities. It needs to be implemented very carefully. I think a built in version, with security in mind, is a lower risk than relying on users to implement their own solution, and risk them picking the wrong one or setting it up incorrectly.
Every user convenience introduces vulnerabilities. The users are the weakest link in every system. It’s a balancing act, and one I don’t think Linux has ever balanced well for usability. But server core has shown there’s no reason for the service to be on by default. There’s much more dangerous Linux features that are switched on by default configs, like root logins and password authentication, so let’s not pretend Linux has ever taken a hard line on this.
I wasn’t trying for any ‘gotcha’ moment or anything, my paranoia is just particularly high these days. I apologize if my open rambling about my personal distrusts has caused you undue stress.
I’m looking through my comment, and I can’t imagine what you would interpret as undue stress or emotion.