Announcement

Collapse
No announcement yet.

Canonical Extending Ubuntu 14.04/16.04 LTS Support To Ten Years

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Canonical Extending Ubuntu 14.04/16.04 LTS Support To Ten Years

    Phoronix: Canonical Extending Ubuntu 14.04/16.04 LTS Support To Ten Years

    Canonical is announcing this morning they are extending the Ubuntu 14.04 LTS "Trusty Tahr" and Ubuntu 16.04 LTS "Xenial Xerus" releases to a ten year lifespan...

    https://www.phoronix.com/scan.php?pa...6.04-Ten-Years

  • #2
    I am not sure that very long support (>6 years) is really a good idea. Most software aren't supported for that long, and Canonical can't do all the work themselves to maintain all their packages. They can't either update to newer versions, since they have modern dependencies. That means that these LTS will end up with numerous unmaintained software that may have security issues. Also, keeping very old software running can cause compatibility issues with newer systems. Having long term support to prevent too frequent updates is good, but there is a limit. Customers should update their software rather than relying on extended support.

    Comment


    • #3
      This is for industrial manufacturing machines, places where they are on the network so they need security but they are not updating anything unless they have to. Yes a lot of the packages will be old but they don't care, they need the machine to just run. This is not for general users who are playing games and surfing the web unless they are the "I don't want anything to change on my computer, ever." people. You could try and help them but they will just yell at you to get off of their lawn.

      Comment


      • #4
        In many industrial situations, ppl still use Windows XP/2000/NT. I think that is reasonable to believe we have many old Debians/Ubuntus/RHs in the wild that are in the same situation: it just works, and the computers doesn't need to be connected to the internet. Why would you upgrade them?

        Comment


        • #5
          Originally posted by evasb View Post
          Why would you upgrade them?
          yes, why ?

          https://www.theverge.com/2017/5/14/1...ry-cyberattack

          Comment


          • #6
            spirit
            That example is for machines that were internet facing, yet the person you quoted was making the point that old machines could simply not be connected to the web.

            Either you didn't read or you didn't understand.

            Comment


            • #7
              Originally posted by spirit View Post
              Those were connected to the internet and were the target of state sponsored hacking...North Korea in that case... Both staying as up to date as possible and keeping off the internet unless necessary are rather moot when state-level agencies are after your data.

              Random hackers and viruses? Sure.
              Hacker Agencies operating out of America, Russia, China, North Korea, Germany?

              This is for mostly off-line systems and, like any other OS, is still gonna be vulnerable to the NSA or North Korea (especially if they have boots on the ground).
              Last edited by skeevy420; 21 September 2021, 09:26 AM.

              Comment


              • #8
                Originally posted by dh04000 View Post
                spirit
                That example is for machines that were internet facing, yet the person you quoted was making the point that old machines could simply not be connected to the web.

                Either you didn't read or you didn't understand.
                I mean, It's ok for machines without any network connection (no local network connection, not only internet), or even usb port (hello stuxnet)
                I don't known if they are this kind of machines in industry without any local network remote monitoring for example.

                Comment


                • #9
                  Agreed with ALRBP. Even a period of 5 years of so-called LTS is BS for the vast majority of projects out there (for simple resource reasons), so this is a step in the wrong direction... It can only give an illusion of security to technically illiterate management, marketing and financial types, and that's dangerous. For most use cases, if security were actually a priority, a much higher rate of change would be embraced.

                  Comment


                  • #10
                    Originally posted by ALRBP View Post
                    I am not sure that very long support (>6 years) is really a good idea. Most software aren't supported for that long, and Canonical can't do all the work themselves to maintain all their packages. They can't either update to newer versions, since they have modern dependencies. That means that these LTS will end up with numerous unmaintained software that may have security issues.
                    Red Hat and Suse both already do this without a problem and they backport fixes instead of rebasing to newer versions. So Canonical is at a competitive disadvantage if they don't.

                    https://access.redhat.com/support/policy/updates/errata

                    https://www.suse.com/lifecycle/

                    Comment

                    Working...
                    X