Announcement

Collapse
No announcement yet.

Canonical Developer Criticizes Linux Mint's Security

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by squirrl View Post
    Any operating system that presents me with a guest account to log into without a password is a comprimised system.
    I'd be interested in knowing why.

    Comment


    • #42
      Me too! XD

      I was thinking make a Ubuntu mate edition. Like the Linux mint mate edition, with the menu and taskbar on bottom, and compiz enabled by default. Called it Matebuntu. XD

      Comment


      • #43
        Originally posted by erendorn View Post
        Originally posted by squirrl
        Any operating system that presents me with a guest account to log into without a password is a comprimised system.
        I'd be interested in knowing why.
        Because it allows random people to anonymously perform far more actions than they can if not logged in, and there only needs to be one badly-thought-out interaction between two permitted actions to give them full access.

        Comment


        • #44
          Originally posted by hadrons123 View Post
          Mint is vulnerable -- Agreed. No doubt.
          Canonical is vulnerable too with kernel updates. They don't backport all the fixes done from kernel.org. Instead calling shots on Mint they should mind their own business of doing things right.
          Kamal Mostafa from Canonical is openly discussing Ubuntu Linux-3.8 stable tree on
          the kernel stable mailing list. They provide sources everyone can pick.

          They are doing their job.
          If derivative distros are not providing what it is known their upstream delivers, this attack against Mint was valuable transparency! Worth to know, thank you!

          Comment


          • #45
            Are you people for real?

            I'm looking through this thread and obviously there's waaaaaay too many Linux diehards in here. Are you people trying justify your delusions by saying that wikipedia has a long lasting bug that makes Canonical's Ubuntu more popular than your favorite distro? From the eyes of an outsider that joined Linux because of Ubuntu back in 2008, I have to wonder how you people are completely missing the point when it comes to marketing.

            Comment


            • #46
              Originally posted by prodigy_ View Post
              That's Canonical developers for you - only good at "developing" cheap PR. And their boss is their mentor.
              Lol, a couple of devs for one open source project complain about another set of devs of another open source project on a mailing list that about 5 people will see. PR, you keep saying that word, but I don't think it means what you think it means. Just a bunch of whiners whining about another bunch of whiners, while a bunch of whiners whine about it on the biggest whiner forum known to man.

              Comment


              • #47
                Originally posted by dh04000 View Post
                Lol, a couple of devs for one open source project complain about another set of devs of another open source project on a mailing list that about 5 people will see. PR, you keep saying that word, but I don't think it means what you think it means. Just a bunch of whiners whining about another bunch of whiners, while a bunch of whiners whine about it on the biggest whiner forum known to man.

                Originally posted by NothingMuchHereToSay View Post
                I'm looking through this thread and obviously there's waaaaaay too many Linux diehards in here. Are you people trying justify your delusions by saying that wikipedia has a long lasting bug that makes Canonical's Ubuntu more popular than your favorite distro? From the eyes of an outsider that joined Linux because of Ubuntu back in 2008, I have to wonder how you people are completely missing the point when it comes to marketing.

                Sadly, they are for real. Warped and twisted their minds have become. Everything they see is a plot or a conspiracy, or evidence to support their own bloated and diseased world view. Really, there is no news here, just FOSS dev complaining.

                Comment


                • #48
                  Its annoying once I mess up my posts, the edit limit takes away my ability to fix them.. :/

                  Comment


                  • #49
                    Here is the response from Mint

                    Hi Clem, can you look at this article http://www.phoronix.com/scan.php?pag...tem&px=MTUxNzY ? How serious is a Mint security problem from your point of view? Thakns for reply

                    Edit by Clem: We?re very happy with the filtering system (which you can configure if you?re not satisfied with the default settings). We explained why the Ubuntu update policy was not good enough for us and we consequently developed the update manager to solve that particular problem. That all happened in Linux Mint 3.1? in 2007. Do we need to explain it again in 2013, in the middle of an RC because somebody at Canonical doesn?t understand it? No, filtering doesn?t work the way that dev thinks. No, Firefox doesn?t come to you later in Mint than it does in Ubuntu (it?s a level 2 update). Yes, by default you get updates in Ubuntu for kernels and Xorg and not in Mint. Yes, there?s a very good reason for that.

                    Comment


                    • #50
                      Mint doesn't "disable" updates per se, they simply categorize updates in 5 levels, from 1 to 5. Each update is given a level from 1-5. Updates that are levels 1-3 are shown by default, and suggested to be installed (the checkbox comes pre-checked). Updates that are ranked at levels 4-5 are not shown by default, and when shown are not suggested to be installed (checkbox comes unchecked).

                      All of this behaviour is user-configurable, if you want ALL THE UPDATES (all of them) then all you have to do is go to the update settings and set all update levels to be updated by default.

                      This is to say, no updates get installed automatically in Mint. All updates require root perm?ssions (unlike in Ubuntu) to be installed (but you only have to enter the password once per session, which is a much more intelligent way of doing it than the Ubuntu way of not requiring a password at all). So the only difference between the levels is, which updates the installer suggests that you should install, that's all.

                      The reason for dividing updates to levels is that some updates have been known to cause instability in the system, so in Mint it is thought to leave it up to the discretion of the user whether to accept those updates and when. There aren't often any urgent security updates in the level 4-5 updates, almost all of them seem to be marked as "low urgency" when they come from Canonical, and relatively few of them contain actual security updates.

                      Comment

                      Working...
                      X