Ultimately, the problem is much bigger than /etc/machine-id since there are dozens of hardware IDs on any PC that can be used by malicious telemetry to silently to uniquely identify and track you, and the only solution to this problem currently is to make sure you really trust any software you use.
Systemd, in particular, acts a lot like malware for Linux because if you try to reset your machine-id a long list of stuff that breaks in in it. You could make a cron script to reset /etc/machine-id every day, but machine-id is so deep in the stack that you’d also have to reboot to ensure it’s updated.


I’ve read enough mailing lists and issue trackers to know that they are far more complex than they look on the surface, so I definitely won’t claim authority about them.
Take this one that I found recently: https://bugzilla.mozilla.org/show_bug.cgi?id=1618257
It’s a bug report about Firefox’s favicon cache. They started looking into it, but found out that if they fix this bug, it creates fingerprinting risk, so they have to address that as well. And so the issue gets stuck in limbo for like 10 years, and is still open till today.
Regarding systemd, it had to be built on top of the existing architecture, and more importantly, had to appeal to the Linux community to be adopted, so it couldn’t change too much. I assume they have their reasons for depending on machine-id. It might not even be a direct dependency. Maybe it allowed easier adoption by the big players.
I don’t know, and honestly, I don’t really care about digging into every single fingerprinting vector (of which there are probably tons more), when I can just use containers. And while using containers might feel like a hack or workaround, if we look at Flatpak, it seems like containers are becoming the framework for app isolation on Linux, similar to what already exists on Android. So it may very well become the official solution to privacy and security on Linux.
My point is that systemd did not have to be built at all. It’s an abomination that goes directly against the original philosophy of Linux creating a monolithic monstrosity to replace individual and composable programs that used to be the way init works. Now, everything is tied to it and it’s become like a cancer in a linux system that’s inoperable. The whole system-id problem is just one example of why this is a terrible design.
amen and try sharing this view on c/linux or c/privacy. lol
i struggle to understand why both communities are such fervent systemd and proton supporters when other similar communities on other lemmy instances aren’t.
Yeah, I have a hard time understanding the justification for systemd. The only real argument I’ve seen is that it standardizes the process, but that could’ve been done as a spec where you define a common config format, lifecycle, etc., and then keep the actual utilities decoupled from each other, but behaving in a uniform way.
After reading through this whole comment thread, reading this was the last straw. I’ve been planning my exodus for a while.
Soon, I shall say “I use Artix, btw”.