
This starts off looking like a reasonable criticism of systemd, or rather that systemd claims to do more than it (or any alternative) actually can guarantee. It quotes the author of systemd to prove that the claim is made, but it does not give a link or say from where the quote was taken (so we don’t know the context or age of it, i.e. we don’t know it is still relevant).

But then it veers off: “This whole observation is not original, in the comments of the systemd author's blogpost, the same argument is made by Andrew Wyatt (two years earlier). The response from the systemd author was to block him.” No links are provided, so we can’t know what any of them actually said or did.

This smells like deliberate character assassination. Especially the fact that no references are provided seems fishy to me.



> It quotes the author of systemd to prove that the claim is made, but it does not give a link or say from where the quote was taken (so we don’t know the context or age of it, i.e. we don’t know it is still relevant).

I'm critical of the article also, but they in fact did. If you click the "Forward Secure Sealing (FSS)" it takes you to a G+ page with the quote on it from Lennart Poettering on Aug 20, 2012.


It was not stated that that was the source of the quote, and the link was not given anywhere near the quote, but I guess you are right that there was a link…

So this quote is from Aug 20, 2012. Has Lennart’s opinion of this changed during the more than two years that have passed since? Does the documentation of systemd make this guarantee? Did the documentation ever make the claim that FSS is a complete replacement for remote logging?

Now that I think about it, and have the context of the quote, I think that I (and the blog post author) maybe misunderstood Lennart. FSS is not a complete replacement for remote logging, but: Among other things, remote logging used to be the only way to get immutable logs. If this was your only reason for using remote logging, then FSS is a viable replacement.

EDIT: Now that I can actually read what Andrew Wyatt wrote and how he wrote it, I can see why he was blocked. He was condescending and vague on details, and (according to Lennart) Andrew had a habit of doing that. The comments to the blog post actually cover what I wrote in my previous paragraph, so there is no excuse to dig this up now, two years later, and deliberately misunderstand it in order to gain points with the systemd haters. This is FUD.


I found the comments from Andrew Wyatt - They're on the same G+ page linked in the article actually (Though it would be nice if the article pointed this out). Here's a full copy of the relevant comments:

Andrew Wyatt:

> Sigh.

Lennart Poettering:

> +Andrew Wyatt Sigh?

Andrew Wyatt:

> +Lennart Poettering I'm not going to waste my time explaining why.

Lennart Poettering:

> +Andrew Wyatt cool, then what you are doing is not helpful, and just noise, and hence waste of time, and hence why do you post this at all? You are contradicting yourself there...

Andrew Wyatt:

> +Lennart Poettering I forgot that this wasn't a free internet, forgive me for sighing in public about something that doesn't really solve the problem that it aims to solve.

> One of the principal reasons to ship logs is not just to protect and preserve them, but to remove the control of the logs from the administrators of the systems - as sometimes the attack happens from the inside.

Lennart Poettering:

> +Andrew Wyatt Cool, I'll translate this for everybody else: +Andrew Wyatt has no clue what he is talking of, but is full of negativity, hence tries to spread FUD, and be as unspecific as possible, making wild claims he makes up of thin air, to just make this negativity stick.

Lennart Poettering:

> +Andrew Wyatt I never claimed that FSS tries to solve the problem of attacks from the inside. That is a fundamentally hard problem, since it is entirely against the protection model of Unix: the admin is in power, and this gives him the power to stay in power. If you want to fix that problem then an external log server won't help you at all. You need to change Unix from the ground up, and not just that as the untrusted admin problem is primarily a social problem that you can only do so much about solving technically.

Andrew Wyatt:

> +Lennart Poettering it is actually a pretty easy problem to solve, I should know as someone who has solved it. Log syslogd events including starts and stops, and ship every log message to a server or cluster of servers that administrators don't control. A good forensics auditor would know who was on the server when the syslog kill event occurred, and if the nodes are configured right - at least some of the steps executed prior to.

Lennart Poettering:

> In case anybody wonders, I have blocked +Andrew Wyatt now. If people get personal I am more than happy to remove their comments, and ultimately block them.


So, in one fell swoop, Poettering demonstrates both his own immaturity as well as a practical example of not having an external log server--had that been the case, the comments couldn't've been deleted by a "disgruntled admin" (Poettering). :)

Why the hell would you trust a software community with this guy? He doesn't seem reasonable at all.


Granted, Andrew Wyatt was acting immature as well, but his last response was decently reasonable and seemed like a fair point. I could have understood ignoring him, but the fact that Lennart was clearly provoking him isn't what I'd want to see from a project leader. That's simply not a way to treat people who seem to have legitimate gripes. I could understand calling him out for his 'Sigh' comment, but I don't understand claiming he has no idea what he's talking about and is just spreading FUD and 'making wild claims up out of thin air' after he explains his point. That comment was simply completely unnecessary and just Lennart being angry.

If Andrew did keep acting like he was at the beginning and Lennart answered all his questions/complaints, then I could understand either blocking him or discontinuing the conversation. But the fact that Lennart either never responded or removed all the responses after that is disconcerting, and honestly just annoying. If he had just answered it and left the responses up then most complaints would be gone and this article wouldn't even exist.


The last reply claims they removed some comments, so we don't really know what got said between those two posts (the last two). Maybe nothing, maybe something.


I've updated the article with a link, it's the same link as at the top of my blog post but originally it may not have been clear where I got this quote from.



