I don't give a fuck of any of the bullshit that I'm reading. The only thing I know is that my server in production with Ubuntu 12.04 got fucked up from this Linux kernel exploit once an hacker got into a shitty Joomla installation: http://blog.zx2c4.com/749
Announcement
Collapse
No announcement yet.
Canonical Developer Criticizes Linux Mint's Security
Collapse
X
-
Originally posted by FLHerne View PostBecause it allows random people to anonymously perform far more actions than they can if not logged in, and there only needs to be one badly-thought-out interaction between two permitted actions to give them full access.
Also, there only need one security breach in your browser for allowing remote code execution, so by that reasoning, any system with a browser is a compromised system.
Comment
-
Originally posted by Goddard View PostSaying DistroWatch is a bad source is just like when my teachers would say Wikipedia is a bad source. It always felt like a discrediting statement especially when I would write papers sourcing the material, but say it came from an encyclopedia. In other words it may not be as good as getting a piece of software on every single Linux system reporting which distro they are using, but it is as good as it gets.
Originally posted by prodigy_ View PostYes, it's a pure coincidence that the most popular distros are on top of the list.
On the Mint issue, with information I've found on this thread I changed my mind. I thought this was a serious problem in general, because it sounds like they don't dispatch the updates, not like they are optional. If the user knows what he/she's doing, Mint is as secure as their upstream, Ubuntu, is. It is not so moron friendly as Ubuntu, though, having the user to think about the updates.
Comment
-
Originally posted by NothingMuchHereToSay View PostI'm looking through this thread and obviously there's waaaaaay too many Linux diehards in here. Are you people trying justify your delusions by saying that wikipedia has a long lasting bug that makes Canonical's Ubuntu more popular than your favorite distro? From the eyes of an outsider that joined Linux because of Ubuntu back in 2008, I have to wonder how you people are completely missing the point when it comes to marketing.
Because that's what those WP stats say, and your dismissal is based on the premise that they're accurate.
Comment
-
Originally posted by Pajn View PostUbuntu requires super user permissions to install updates. Ubuntu doesn't have a root account by default.
Do you mean you need root permissions? If so: Are you required to enter your root password? Or is there no password at all? Or do you have root privileges all the time? If you say no to the first and/or yes to the second/third question Ubuntu is a very insecure distro.
BTW: All that questions are serious, I never used Ubuntu for myself.
Comment
-
Originally posted by FLHerne View PostAre you suggesting that Ubuntu really has 50x more users than any other distro, and that twice as many people use tiny distros than the combined userbases of all well-known distros including Ubuntu?
Because that's what those WP stats say, and your dismissal is based on the premise that they're accurate.
I think Wikimedia can accurately detect Ubuntu. They probably cannot accurately detect other distros besides Android, and those hide in the "Linux Other", which lumps together the various desktop and mobile distros. Let's make an uneducated guess that there is a 50/50 split between desktop (ChromeOS etc.) and mobile (Maemo/Meego, WebOS, OpenEmbedded etc.) in "Linux Other". This means that Ubuntu has maybe 50% share of the desktop market, which kind of agrees with other available numbers.
For the cloud market, on Amazon EC2, we have Ubuntu at around 52% share, along with a generic 25% "Linux" lump: http://thecloudmarket.com/stats#/totals
An older survey was done as part of Linux.conf.au 2010, a conference for Linux professionals, and it showed Ubuntu at 69.3%, twice as much as the next distro Debian, which was used by 35.5% (multiple distros could be named by respondents).
I think it is plausible that Ubuntu runs on more than half and less than two thirds of all non-mobile Linux computers. Not 50x more share for sure.
Comment
-
Originally posted by TAXI View PostAre you required to enter your root password? Or is there no password at all? Or do you have root privileges all the time? If you say no to the first and/or yes to the second/third question Ubuntu is a very insecure distro.
There is no password for the root account set by default. Before you can use the root account, you need to set a password (but it is not necessary as described above).
Comment
-
Apparmor is still in repo, you will notice this if you are USING it
Originally posted by monraaf View PostThe update defaults in Mint made me leery. Finding that they remove AppArmor for no good reason meant it was not going to be my main OS.
Mint favors useability/appearance over everything. Not that I fault them but it shouldn't surprise anyone that Mint isn't an Enterprise OS.
Ubuntu on the other hand claims to be an Enterprise OS and doesn't backport all security patches. Care to explain this Mr. Shuttleworth?
Mint does not claim to be a specialized security distro, Tails it is not and need not be. Webservers are another specialized use, requiring maximum security. Since Mint differs from Ubuntu mostly in the DE, why would anyone need a "mintserver" installer anyway?
Comment
-
Originally posted by Mike Frett View PostThe truth is, if you are using anything other than a main distro and are focused on security; you're using the wrong distro. Things like Mint are for experimentation and hobby purposes.
It might be a good idea to point Ubuntu -> Mint changers to this difference in default setting (so they can decide how conservative they want to be), but thats all, why this whole drama about it?
...And WTF took that Canonical guy to pretend that Mint (not talking about LMDE by the way) does not get Browser updates at the same time as Ubuntu
Comment
Comment