Systemd in Embedded Systems: Don’t Listen to the Hatemob

systemd, the (init?) system that everyone loves to hate, needs no introduction. It’s pretty ubiquitous today — to the point where you can find it, for example, in Yocto.

When it comes to its use in embedded systems, the (vocal) community response is either that it’s too bloated, or that it’s probably a fringe case where systemd is actually useful because it can speed up booting. Since the notorious optimum-in-the-middle — rule 8 in my favourite set of rules ever — is pretty hard to figure out in the climate of systemd-related online discussions, I figured I’d offer my non-flamebait take on the topic.

Fresh out of the oven, from someone who really does work on embedded systems — some of them systemd-infenabled.

Continue reading Systemd in Embedded Systems: Don’t Listen to the Hatemob

Lessons From the apt Remote Code Execution Vulnerability

Well, it’s happened before, so it was bound to happen again: a remote code execution bug was found in APT. And it’s particularly interesting in the context of an age-old debate that has been dragging on in Debian-related circles about the use of HTTPS – a question that has been asked often enough that the answer has its own website now.

How bad was it? What is there to learn from this? And what does it tell us about the importance of HTTPS in package management security?

Continue reading Lessons From the apt Remote Code Execution Vulnerability