Originally posted by dee.
View Post
Announcement
Collapse
No announcement yet.
Canonical Developer Criticizes Linux Mint's Security
Collapse
X
-
-
Originally posted by Goddard View PostSaying DistroWatch is a bad source is just like when my teachers would say Wikipedia is a bad source. It always felt like a discrediting statement especially when I would write papers sourcing the material, but say it came from an encyclopedia. In other words it may not be as good as getting a piece of software on every single Linux system reporting which distro they are using, but it is as good as it gets.
Originally posted by prodigy_ View PostYes, it's a pure coincidence that the most popular distros are on top of the list.
On the Mint issue, with information I've found on this thread I changed my mind. I thought this was a serious problem in general, because it sounds like they don't dispatch the updates, not like they are optional. If the user knows what he/she's doing, Mint is as secure as their upstream, Ubuntu, is. It is not so moron friendly as Ubuntu, though, having the user to think about the updates.
Leave a comment:
-
Originally posted by FLHerne View PostBecause it allows random people to anonymously perform far more actions than they can if not logged in, and there only needs to be one badly-thought-out interaction between two permitted actions to give them full access.
Also, there only need one security breach in your browser for allowing remote code execution, so by that reasoning, any system with a browser is a compromised system.
Leave a comment:
-
I don't give a fuck of any of the bullshit that I'm reading. The only thing I know is that my server in production with Ubuntu 12.04 got fucked up from this Linux kernel exploit once an hacker got into a shitty Joomla installation: http://blog.zx2c4.com/749
Leave a comment:
-
Mint doesn't "disable" updates per se, they simply categorize updates in 5 levels, from 1 to 5. Each update is given a level from 1-5. Updates that are levels 1-3 are shown by default, and suggested to be installed (the checkbox comes pre-checked). Updates that are ranked at levels 4-5 are not shown by default, and when shown are not suggested to be installed (checkbox comes unchecked).
All of this behaviour is user-configurable, if you want ALL THE UPDATES (all of them) then all you have to do is go to the update settings and set all update levels to be updated by default.
This is to say, no updates get installed automatically in Mint. All updates require root perm?ssions (unlike in Ubuntu) to be installed (but you only have to enter the password once per session, which is a much more intelligent way of doing it than the Ubuntu way of not requiring a password at all). So the only difference between the levels is, which updates the installer suggests that you should install, that's all.
The reason for dividing updates to levels is that some updates have been known to cause instability in the system, so in Mint it is thought to leave it up to the discretion of the user whether to accept those updates and when. There aren't often any urgent security updates in the level 4-5 updates, almost all of them seem to be marked as "low urgency" when they come from Canonical, and relatively few of them contain actual security updates.
Leave a comment:
-
Here is the response from Mint
Hi Clem, can you look at this article http://www.phoronix.com/scan.php?pag...tem&px=MTUxNzY ? How serious is a Mint security problem from your point of view? Thakns for reply
Edit by Clem: We?re very happy with the filtering system (which you can configure if you?re not satisfied with the default settings). We explained why the Ubuntu update policy was not good enough for us and we consequently developed the update manager to solve that particular problem. That all happened in Linux Mint 3.1? in 2007. Do we need to explain it again in 2013, in the middle of an RC because somebody at Canonical doesn?t understand it? No, filtering doesn?t work the way that dev thinks. No, Firefox doesn?t come to you later in Mint than it does in Ubuntu (it?s a level 2 update). Yes, by default you get updates in Ubuntu for kernels and Xorg and not in Mint. Yes, there?s a very good reason for that.
Leave a comment:
-
Its annoying once I mess up my posts, the edit limit takes away my ability to fix them.. :/
Leave a comment:
-
Originally posted by dh04000 View PostLol, a couple of devs for one open source project complain about another set of devs of another open source project on a mailing list that about 5 people will see. PR, you keep saying that word, but I don't think it means what you think it means. Just a bunch of whiners whining about another bunch of whiners, while a bunch of whiners whine about it on the biggest whiner forum known to man.
Originally posted by NothingMuchHereToSay View PostI'm looking through this thread and obviously there's waaaaaay too many Linux diehards in here. Are you people trying justify your delusions by saying that wikipedia has a long lasting bug that makes Canonical's Ubuntu more popular than your favorite distro? From the eyes of an outsider that joined Linux because of Ubuntu back in 2008, I have to wonder how you people are completely missing the point when it comes to marketing.
Sadly, they are for real. Warped and twisted their minds have become. Everything they see is a plot or a conspiracy, or evidence to support their own bloated and diseased world view. Really, there is no news here, just FOSS dev complaining.
Leave a comment:
-
Originally posted by prodigy_ View PostThat's Canonical developers for you - only good at "developing" cheap PR. And their boss is their mentor.
Leave a comment:
-
Are you people for real?
I'm looking through this thread and obviously there's waaaaaay too many Linux diehards in here. Are you people trying justify your delusions by saying that wikipedia has a long lasting bug that makes Canonical's Ubuntu more popular than your favorite distro? From the eyes of an outsider that joined Linux because of Ubuntu back in 2008, I have to wonder how you people are completely missing the point when it comes to marketing.
Leave a comment:
Leave a comment: