[–] Voopin__Voopin 0 points 1 point 1 point (+1|-0) ago (edited ago)
Good article. From a linux noob perspective, it looks like i could get debian, or a derivative, and then put cinnamon on it and be more secure. The article says mint blacklists updates or apps or some shit because they arent compatable with mint, but that they are compatable and secure when installed in debian or ubuntu.
What my actual question is, is what is GNOME? i see the term a lot, but have no idea what it is. Would that be the reason to install mint instead of debian + cinnamon?
[–] 4390089? 0 points 1 point 1 point (+1|-0) ago
Being a professional developer means admitting that your code sucks. It is the only way to develop better code.
Your web site hacked does not mean that your Linux is bad, but it indeed does expose a problem in the quality of the code. Who is going to check that your source code is not compromised now? They have the passwords of the forum, who know that the developer uses the same login name and password to the release builds servers?
[–] CatInTheHat 0 points 1 point 1 point (+1|-0) ago
That's a pretty common problem with most distros and open source projects, especially hobby and smaller projects.
[–] HoocOtt 0 points 4 points 4 points (+4|-0) ago
The actual security issues seem pretty minor to me. Namely the switching of the isos and the forum info. First with the iso it was caught very quickly and you should be checking the checksum anyway. Second the forums seems minor as well. What personal info do people put on their forum account? If it is any you should rethink how you interact with social media in general.
One thing I think is going on is Mint has accrued lots of enemies. By just being successful all the other distros (and thier advocates and user basees) are of course envious. Specifically mint is eating Ubuntu's lunch. Also I am sure them forking gnome and lots of gnome applications with cinnamon has made more then a few enemies. Then there is the elephant in the room Microsoft windows 10. Lots of businesses and consumers are taking a good hard look at linux and any faltering of any distribution will be latched on by the Microsoft mafia.
I think there are more then a few people and articles which when they saw weakness they took out the long knives and started flinging shit.
This hit peice i think is one of those such articles.
The red hand of guilt can be found with this:
Linux Mint has the somewhat peculiar design decision of not updating the kernel using the graphical update manager.
This is not a security problem but a criticism of the distribution's desktop. Plenty of distros update the kernel from the command line.
The fact this is snuck in there is telling in regards to the writers motivation for why he wrote this hit piece.
[–] CatInTheHat 0 points 1 point 1 point (+1|-0) ago
Not updating the kernel from the graphic interface could be a security issue for non technical savy users that mint attracts. If these no savy users don't get a kernel update ever that leaves those users open to vulnerabilities in old kernels. The GUI updater should probably update after whatever amount of time and testing is needed to make sure it doesn't break everything. I have never used mint so I might be completely off base with how their updaters work.
[–] DownloadedYourCar 0 points 2 points 2 points (+2|-0) ago (edited ago)
If you set it to do level 1-5 updates, which I as a novice several years ago was able to figure out fairly easily, is just allowing the same updates as Ubuntu but with out the kernel updates, but the kernel headers still come through to inform you that a new kernel is available.
From there you just click on "Linux Kernels" in the Update Manager and it gives you an easy to understand list of kernels, indicating which ones are installed & which one is loaded. Then you just click on the new one you want and click install. Not as simple as Ubuntu which just does it all at once, but it's not a cryptic thing to do.
If these no savy users don't get a kernel update ever that leaves those users open to vulnerabilities in old kernels.
True, it's not ideal.
[–] eldorann ago
TLDR;
When can we download current ISOs?