Forgot your password?
typodupeerror
Ubuntu Linux

Canonical Developer Warns About Banking With Linux Mint 206

Posted by samzenpus
from the family-fight dept.
sfcrazy writes "Ubuntu developer Oliver Grawert does not prefer to do online banking with Linux Mint. In the official mailing list of the distribution, Ubuntu developers stated that the popular Ubuntu derivative is a vulnerable system and people shouldn't go for online banking on it. One of the Ubuntu developers, Oliver Grawert, originally pointed out that it is not necessary that security updates from Ubuntu get down to Linux Mint users since changes from X.Org, the kernel, Firefox, the boot-loader, and other core components are blocked from being automatically upgraded." Clement Lefebvre, the Linux Mint project founder, has since made a statement and confirmed that Oliver Grawert seems "more opinionated than knowledgeable" adding "the press blew what he said out of proportion."
This discussion has been archived. No new comments can be posted.

Canonical Developer Warns About Banking With Linux Mint

Comments Filter:
  • by X0563511 (793323) on Monday November 18, 2013 @06:31PM (#45458587) Homepage Journal

    Nice job Oliver - we really needed more ammunition in the Everyone vs Canonical battle.

    • Re: (Score:3, Funny)

      by Anonymous Coward

      Reminds me of the http://xkcd.com/435/ [xkcd.com] but wtih plain vanilla Debian instead of Mathemeticians.

    • by Eggplant62 (120514) on Monday November 18, 2013 @07:05PM (#45458867)

      This is the stupidest thing I've ever read. Not only is it a blow to Mint, but to free software in general. I just got done crowing to friends that Linux isn't full of NSA backdoors, and then this pops up on newsfeed. Sheiss.

      I suppose our developer doesn't understand that one can go with slightly more intelligent tools, like apt-get on the CLI, to get those packages upgraded? If so, he's no developer I'd give a shit about.

      • by exomondo (1725132) on Monday November 18, 2013 @07:20PM (#45458975)

        I suppose our developer doesn't understand that one can go with slightly more intelligent tools, like apt-get on the CLI, to get those packages upgraded? If so, he's no developer I'd give a shit about.

        He likely does, but that's not really the point is it? It's whether the average users know to do this.

        • by Dishevel (1105119)
          No. The point was for him to slam Mint.

          That is what he did. That was all he did. The internet is not one bit safer after he said that. In fact his statements will move a few of the stupid moo cows back to Windows. So the internet is a little worse now.

      • by donaldm (919619)
        From the follow-up article [muktware.com]:

        This claim appears to be mostly based on the fact that Linux Mint, by default, does not install certain updates, because they form a danger to the stability of the system.

        While I don't use Debian based distros I would assume that all packages would be updated when their updates become available unless you explicitly forbid this in the apt-get configuration file (yum can do this as well). I can understand blocking a package if it is suspect but a better way would be to remove it.

        If the developers don't like Firefox then send out a warning not to use it although it would IMHO make them lose credibility unless they could point to security issues t

        • While I don't use Debian based distros I would assume that all packages would be updated when their updates become available unless you explicitly forbid this in the apt-get configuration file (yum can do this as well). I can understand blocking a package if it is suspect but a better way would be to remove it.

          Yes, but a Debian-based distro does not point apt-get to the main Debian repository. It has its own repository. Ubuntu has an Ubuntu repository, and Mint has a Mint repository. If they don't put an

          • by X0563511 (793323)

            Except that Mint has both Mint repositories and Ubuntu's in it's configuration. What am I missing?

    • Everyone versus Linux. That's the ammunition he gave out for everyone outside the Linux world.

    • Redhat is Microsoft. Cannonical is Apple.

  • by Anonymous Coward on Monday November 18, 2013 @06:39PM (#45458661)

    if you can't say how good your product is. tell everyone how shitty everyone elses product is.

  • Too bad i use sudo apt-get dist-upgrade!
    • by Ash Vince (602485) *

      Too bad i use sudo apt-get dist-upgrade!

      Exactly. In all other aspects I think Linux Mint is great but their retarded attitude in not allowing this or making it easy is just a pain in the arse.

      I understand their perspective as I have been using Linux for decades but I do not agree with it and probably never will. Let those of us to who want to have a quick way of doing an in place upgrade of important packages do so then just resolve any shit that crops up later. Even if the system fails to boot then most of us are used to resolving those issues a

  • The guy is obviously lacking in basic social skills. Sadly the Ubuntu developers and forum admins are alienating themselves rather than doing anything useful for Linux.
    • Re: (Score:2, Insightful)

      Where on its websites and -pages does Ubuntu ever mention the word Linux?

  • Missing context (Score:5, Informative)

    by Fwipp (1473271) on Monday November 18, 2013 @06:43PM (#45458697)

    TFS makes it sounds like it's a long article about how Linux Mint is insecure.

    Here's the entirety of his commentary:

    Do you think that Linux Mint is a vulnerable system ? Really ?

    https://github.com/linuxmint/mintupdate/blob/master/usr/lib/linuxmint/mintUpdate/rules [github.com]

    this is the list of packages it will never update, instead of just
    integrating changes properly with the packagaes in the ubuntu archive
    they instead suppress doing (security) updates at all for them.

    i would say forcefully keeping a vulnerable kernel browser or xorg in
    place instead of allowing the provided security updates to be installer
    makes it a vulnerable system, yes

    i personally wouldn't do online banking with it ;)

    ciao
            oli

    • Re:Missing context (Score:5, Insightful)

      by ttucker (2884057) on Monday November 18, 2013 @06:56PM (#45458811)
      It is a pretty fucking good point too, that list of rules contains update exclusions that certainly would affect security.
      • Re:Missing context (Score:5, Informative)

        by Rob Simpson (533360) * on Monday November 18, 2013 @10:30PM (#45460113)
        Levels 4 and 5 ("unsafe", in that they may cause things to stop working) are not automatically selected when updating - which is fine with me. Video drivers may need to be reinstalled when performing a kernel update, for example. My issue is that they are not visible by default. It's easy to change in the preferences (there are "safe" and "visible" checkmarks for each level, so I have it set up so I can see if there is a kernel update available and select it when I want to install it) but novice users may miss this.
      • by synapse7 (1075571)
        Would that also apply to sudo apt-get update and sudo apt-get upgrade?
        • by ttucker (2884057)

          Would that also apply to sudo apt-get update and sudo apt-get upgrade?

          No. You can complain that apt will install dangerous updates that break things, because it does. It is impossible to complain that it will not keep you on the bleeding edge of technology,

    • by Pichu0102 (916292)

      Am I reading that file incorrectly, or does it list Flash as a package to never update?

      • If you're reading it incorrectly, then both of us are. That's how I read it too.

        • You are both reading it incorrectly - or rather, the context needed to read it is missing. The number refers to the "safety level" of the update:

          1 - from Linux Mint developers
          2 - tested to be safe
          3 - untested but probably safe
          4 - untested and may cause problems
          5 - known to cause problems with some hardware

          The flash package is 2, that is, tested and shown to not cause any problems. Levels 1 to 3 are automatically selected to be installed when updating.
          • Ohh, I think I remember seeing those numbers in the update manager of my Linux Mint VM. Yeah, that makes sense. Although I'm wondering, what do they do about high urgency updates they normally don't do because it breaks things, haven't tested, but still have to be put out to all systems anyways due to whatever, say a major security hole. Where would that fall on the 1 to 5 scale of updates?

  • what? (Score:4, Funny)

    by MickyTheIdiot (1032226) on Monday November 18, 2013 @06:43PM (#45458701) Homepage Journal

    The makers of Zeitgeist are concerned about privacy??

    • It seems you jest, but zeitgeist by itself, since it doesn't upload your data online, is quite convenient if you don't share your computer with others (and then again you can blacklist your porn folders). I create documents, images and music constantly, and zeitgeist makes it handy to organize and locate them by date or such, or to have some statistics about my own work flow. I consider it quite convenient, really.

  • This is why... (Score:5, Insightful)

    by sgage (109086) on Monday November 18, 2013 @06:45PM (#45458717)

    ... I don't want anything more to do with Canonical, or Ubuntu, or Mint, or any of that lot. I'm sticking with Debian. I'm sure it has its problems and all, but at least the politics seem to remain mostly internal. These public pissing matches between distros just seem so counter-productive. But since I've been using Linux (1998), it seems to be a constant. Ego issues? I don't know. I don't particularly care. It's just so boring and off-putting.

    • Re:This is why... (Score:5, Insightful)

      by jones_supa (887896) on Monday November 18, 2013 @06:58PM (#45458825)
      I personally am seeing BSDs as an increasingly interesting choice.
      • Its the only OS that I'd trust to do online banking these days; BSD jails are flimsy compared to Qubes' XEN domains.

        I'd also assume that any OS outfit offering "security" that doesn't have security researchers at its core is handing out a load of jive, especially if their system relies on a traditional kernel for said security.

    • Re:This is why... (Score:4, Insightful)

      by c0d3g33k (102699) on Monday November 18, 2013 @07:21PM (#45458983)

      With all due respect, working on Linux distributions is, for the most part, a thankless job. People certainly aren't doing it for the money - they are doing it because they passionately care about what they are doing. Aaaand ... passionate people sometimes react before they think, sometimes they are misinformed, because they are crazy busy doing their best to provide quality software to you for nothing. Because they care enough to do what they are doing when few others do. And they do it all in public for all to see ... and are judged for it, quite often by those who don't participate or understand. I'd ask you to take that into account before you dismiss passionate outbursts as "pissing matches" with a wave of the hand - you're just getting a glimpse into "how the sausage is made". Get over it. That's how humans operate. The beauty of the FL/OSS ecosystem is that you don't have to listen to the discussions that create your software for you - just use what you like based on its technical merits. Maybe if you feel gratitude for the gift you've been given you might even say "thank you" now and then. But if you're making your technical decisions based solely on what you misperceive as "politics", you are doing it wrong.

      • by sgage (109086)

        With all due respect, I understand what you've said. When I employed the term 'politics' I was using it in the broadest possible sense, over the many years I've been using Linux.

        I don't care about any of the bickering that goes on, until it becomes public and makes an ass out of all involved. I understand how humans operate, and how the sausage is made.

        But kindly don't be telling me to "get over it". FL/OSS is about a lot more than just basing one's decisions on technical merit alone. There's trying to have

        • by c0d3g33k (102699)

          Fair enough. Been using Linux for many years myself. But part of the FL/OSS model is to do things in public, because that's considered superior to face-saving-do-it-all-in-secret approach that hides all the actual work behind a veneer of congeniality. So don't 'get over it'.

      • Re: (Score:3, Insightful)

        by Iskender (1040286)

        because they are crazy busy doing their best to provide quality software to you for nothing.

        Uhh, the guy flaming in this case is working for Ubuntu. I don't know this, but I'd bet he's *employed* by Ubuntu.

        Meaning, he probably has even fewer excuses.

        And if making distros is a thankless job, maybe he should have some respect for others doing it? The guy behaved badly, end of story.

    • Re: (Score:3, Insightful)

      This doesn't sound like a pissing match so much as an Ubuntu guy being an ass and a corresponding Mint guy rolling his eyes. The urine is flowing one way.

      • Re:This is why... (Score:4, Informative)

        by Windwraith (932426) on Monday November 18, 2013 @11:48PM (#45460497)

        Seeing the originating comment is pretty much a harmless comment made on an Ubuntu mailing list, I think you are being misled by the flamebaiting article wording.

        All the guy said accounts to "this is a list of packages it won't update by default. I don't consider those choices very safe". How is this even newsworthy? And not only slashdot, other sites are making way too much of it.
        Also, notice this post so rich in Canonical evil ending with a ";)", I mean come on. This is news as much as somebody posting "lol ps4 sucks" on twitter.

  • Pot and kettle (Score:4, Insightful)

    by Anonymous Coward on Monday November 18, 2013 @06:47PM (#45458749)

    Why would you want to use a different distro where you don't know what could happen to your personal info;Here at Canonical we build the selling of your private info right into the menu!

  • +1 Article Troll (Score:4, Informative)

    by ADRA (37398) on Monday November 18, 2013 @06:49PM (#45458769)

    And nothing of value was lost.

    • Re:+1 Article Troll (Score:5, Informative)

      by squisher (212661) on Monday November 18, 2013 @06:55PM (#45458803)

      While the article may not have very diplomatic wording, the essence is true: I installed Linux Mint about a year ago, and liked it. But I had to switch to a different distribution after a couple of months because there were virtually NO updates coming in at all. I'd say that Ubuntu updates like crazy, but no updates at all in several months makes it very likely that they just don't have enough manpower to provide such a service. And that does make your distribution vulnerable. My experience may be outdated, but I'd bet it's still the same given this article...

      • Re:+1 Article Troll (Score:4, Informative)

        by boristhespider (1678416) on Monday November 18, 2013 @07:02PM (#45458851)

        I don't use Mint anymore myself - chiefly because my normal laptop died and Fedora plays more happily with Macbook's twisted form of EFI, and also partly because I spent so long administering Red Hat and then Fedora Core boxes that Fedora comes more naturally to me - but my anecdotal evidence is different. I didn't see Mint updating slowly at all. I can't say I paid much attention to kernel updates, but other patches came through as regularly as on any other distribution.

        For constant kernel updates and the attendent fun wondering if *this* is the update that will break your wifi or graphics support, nothing beats Fedora.

        Disclaimer for those taking Slashdot a bit too seriously: Fedora's constant kernel updates have only twice broken my wifi or graphics support, and that's chiefly because of a small latency in the drivers being updated that I wouldn't have noticed had I just waited about twenty minutes. It is irritating plugging the damn machine into the router again (they live in different rooms, and I'm no fan of trailing metre after metre of cable around), but that's the price you pay for updating without thinking.

        • by bmo (77928)

          Fedora's constant kernel updates ... It is irritating plugging the damn machine into the router again (they live in different rooms, and I'm no fan of trailing metre after metre of cable around), but that's the price you pay for updating without thinking.

          And this is why you keep at least one old kernel in Grub to boot from. I've never had a kernel kill wireless (Atheros FTW) but I've had kernels I didn't like that had regressions elsewhere.

          --
          BMO

        • by Nimey (114278)

          IME Mint updates fairly quickly, it's LMDE (the Debian-based version) that has really slow updates for everything besides web browsers.

      • Re:+1 Article Troll (Score:5, Informative)

        by wile_e8 (958263) on Monday November 18, 2013 @07:15PM (#45458943)
        Read the statement from Clem in the summary. Linux Mint updates just as fast as Ubuntu on most things, but has certain updates that could potentially crash otherwise stable machines disabled as a default. If you are really concerned about these to avoid vulnerability, they are easy to enable. Nothing about Linux Mint updates are slow after you enable them.
        • by exomondo (1725132) on Monday November 18, 2013 @07:29PM (#45459041)

          The problem is these are labeled Unsafe Packages and Dangerous Packages, now with those descriptions what user is going to say "yes I want those"? It states that these can affect stability, which is true, but leaves out that they could be critical security patches, which is also true.

          The real beneficial fix to end users here would be to state the whole truth about these updates.

          • by jedidiah (1196)

            Except from the point of view of system stability and change control, Mint polices are actually the ones that make sense. Dicking around with the kernel or Xorg SHOULD be treated like it's dangerous and that terminology should be exposed to the "poor frightened" end users.

            "Crucial to Linux components working with one another. Do not install unless you are experiencing a problem which you believe the upgrade will solve"

            Sounds sensible actually.

            • by exomondo (1725132)

              Except from the point of view of system stability and change control

              No, it already does highlight that, what it doesn't mention is the fact that these might contain critical security patches.

              • Re:+1 Article Troll (Score:4, Interesting)

                by ifiwereasculptor (1870574) on Monday November 18, 2013 @11:44PM (#45460479)

                We all know that's important. However, for the regular user, someone remotely exploiting a xorg bug is way less likely than a video driver fuckup (especially if the user opted for a blob). And whoever doesn't know what xorg or a kernel are is unlikely to solve the problem when presented with a terminal, thus dooming the machine completely. So yes, Mint's way makes more sense for the unaware user. And the aware user can configure it to his liking.

          • It does refer to them as "Unsafe packages. Could potentially affect the stability of the system." and "Dangerous packages. Known to affect the stability of systems depending on certain specs or hardware.", which isn't all that bad. Certainly "unsafe" and "dangerous" could be changed and the possible security implications could be mentioned, though.
        • by Gunstick (312804)

          tell that to my root kernel exploit I had during 6 months unpatched last year on my Mint laptop. That's a clear Mint fail. And there is no excuse for unstable or dangerous.
          I also never ever had an unstability via a new kernel, and I have run ubuntu since it started.

      • My experience may be outdated...

        I see what you did there.

      • Did you check to make sure there wasn't an error? I know of some errors currently where the updater program doesn't function properly and locks up synaptic and the software manager as well but doesn't show the error unless you open it with the command line. So to the casual user it just looks like there's no updates. I currently have this issue but plan to just deal with it until Mint 16 comes out in a few weeks and just wipe and install fresh.

  • So everything that is a derivative of something else is vulnerable?

    Isn't Ubuntu a derivative of Debian?

  • He's just mad. (Score:4, Insightful)

    by imunfair (877689) on Monday November 18, 2013 @06:59PM (#45458831) Homepage

    It's not surprising he'd try to bash Mint, considering they ate part of Ubuntu's marketshare when Ubuntu made stupid design decisions. That's what happens when you try to cram weird GUI changes down peoples throats in open source.

    Don't move my Close, Minimize, and Maximize buttons to the left side by default unless you're going provide some spectacular improvements in return. I tried using it that way for a couple days and was still reflexively clicking on the empty right side to close the window. Eventually I found a config mod that fixed it, but then they went to the stupid Ubuntu mobile desktop and I couldn't be assed to work around it any longer so I switched.

    It's worth mentioning that if you don't like Ubuntu repos, Mint also has a version based directly on Debian.

    • by bmo (77928)

      >buttons

      Close on left
      Minimize and Maximize on right. As God and IBM intended.

      It's the first thing I change in KDE and every other environment if I can (if the devs don't remove the friggin' option).

      You'll never fat-finger the Close button again.

      --
      BMO

      • by Ash Vince (602485) *

        >buttons

        Close on left
        Minimize and Maximize on right. As God and IBM intended.

        It's the first thing I change in KDE and every other environment if I can (if the devs don't remove the friggin' option).

        You'll never fat-finger the Close button again.

        --
        BMO

        Personally I have never done that anyway, or at least not that I can recall. I guess I am actually able to use a mouse with a greater degree of precision. Yes, I said mouse. If I want a touch OS I will find one and install it, I do not need my desktop OS to slowly morph into one thereby wasting tons of screen real estate as all the buttons become huge.

        Just follow the currently commonly accepted desktop metaphor by default and give us options to change things away from it if we want to. Since it is fairly ob

        • by bmo (77928)

          The button position is something I used under OS/2 20 years ago.

          Just changing it without asking us then forcing us to google for the solution to put it back is just annoying

          I have never understood why the Gnome devs make settings so difficult. People complain about the bloat of KDE, but Gnome is just as fat and KDE's settings are easy to change.

          The claim is that too many options are confusing. I prefer the workspace to work for me, not fight against it.

          >Windows

          I use Windows in a VM.

          If it wasn't hardcod

        • Personally I have never done that anyway, or at least not that I can recall.

          It's what you have under Windows 3.1 and Motif, and to some extent later Windows versions as well : the top left is a menu with maximize, minimize, move, restore etc. and close. Double-clicking the menu (with may be sort of hidden in recent Windows OS or apps) closes the window.
          Most linux desktops / window managers have that same menu, but I couldn't find how to configure them for "double-click to close" (xfce, mate, gnome 2, openbox..)

    • by Mashdar (876825)

      My favorite was that the Unity bar was smack in the middle of my two monitors regardless of which monitor was the primary. Good thing they didn't want to let anyone move the damned thing.

  • by jones_supa (887896) on Monday November 18, 2013 @07:02PM (#45458853)
    I found this interesting Google+ post [google.com] from the Muktware article comments.
  • Canonical Failed? (Score:5, Interesting)

    by enter to exit (1049190) on Monday November 18, 2013 @07:36PM (#45459085)
    Ubuntu is in a rut. They're not making money, growth is plateauing, it's mindshare is diminishing. It's questionable if they'll ever make a profit. I mean why Ubuntu over Novell, Oracle or RedHat for enterprise stuff? RedHat is a billion dollar publicly listed company..Novell is owned by attachemate group (a billion dollar revenue company) and Oracle poops money.

    The Ubuntu Edge was a hail Mary pass that failed. They lack the revenue (and wherewithal) to get into hardware and no hardware maker wants to partner with them.

    I have to wonder, when will shuttleworth stop? Would it be extreme to say Canonical is a failed company? At what point is Ubuntu going to transition into a community driven OS? Ubuntu TV is vapourware, their phone OS relies on someone willing flashing their nexus..They've totally fucked their Desktop OS and it's unclear why anyone would select them for enterprise support considering the breadth of their competition.
    • by dkleinsc (563838) on Monday November 18, 2013 @07:50PM (#45459181) Homepage

      At what point is Ubuntu going to transition into a community driven OS?

      I'd say it already is transitioning to a community-driven setup, called "Mint". One of the key things that makes the open-source world different from the commercial world is that when an organization starts getting stupid and greedy, someone forks the project, and if they do a better job the user-base just switches to the new project and loses nothing of any great value.

      • At what point is Ubuntu going to transition into a community driven OS?

        I'd say it already is transitioning to a community-driven setup, called "Mint". One of the key things that makes the open-source world different from the commercial world is that when an organization starts getting stupid and greedy, someone forks the project, and if they do a better job the user-base just switches to the new project and loses nothing of any great value.

        Interestingly, this is a plot element of Corey Doctorow's post-singularity / post-scarcity sci-fi story "Down and out in the Magic Kingdom". [craphound.com] Except, when applied to real world's finite assets -- instead of infinitely reproducible information -- the user-base can lose things; The above story explores who should be responsible for selecting what the people choose to gain or lose. In the case of Ubuntu users, they risk their unfractured community at minimum. In Doctorow's story the people would avoid this t

        • Another added incentive to the idea of the user tactically pushing Canonical (and Shuttleworth) aside is "The Ubuntu Foundation", A $10 million dollar commitment Shuttleworth put aside as an "emergency fund" in the event that Canonical's involvement in the Ubuntu project ends.
    • by Burz (138833)

      I think this Ubuntu UI criticism is overblown. In my experienced and not-so-humble opinion, they've made 2 real mistakes with the UI... the integrated Amazon search and the total lack of any neat and well-organized launcher (the search panel results are very noisy even with the online component gone). Uninstalling the shopping search extension and adding the 'classicmenu' package rectifies these problems.

      Canonical are trying to adopt Apple's UI features, but also trying here and there to be 'different'. The

  • Ubuntu developer Oliver Grawert does not prefer to do online banking with Linux Mint.

    "prefers not" would be a less ambiguous way of putting it. But hey, you just copy-pasted the whole thing, it's not like Slashdot expect to you to write summaries in your own words. Oh wait, they totally do [slashdot.org].

    One of the Ubuntu developers, Oliver Grawert, originally pointed out that it is not necessary that security updates from Ubuntu get down to Linux Mint users since changes from X.Org, the kernel, Firefox, the boot-loader, and other core components are blocked from being automatically upgraded.

    Err, what? I honestly can't be sure what this means. First, Grawert was already introduced in a previous line of the summary/article. Doing so again is just confusing, but even more so is that it's impossible to tell whether this second sentence, containing as it does the word "originally," is meant to ag

  • End of the world? (Score:5, Insightful)

    by dshk (838175) on Monday November 18, 2013 @07:48PM (#45459163)
    We are talking about a short, almost personal comment on the developer's mailing list of Ubuntu:

    i personally wouldn't do online banking with it ;)

    Compare this with the Slashdot article title:

    Canonical Developer Warns About Banking With Linux Mint

    Whether he is technically right, or not, I find it disgusting that such a side note becomes news on Slashdot.

    By the way, the subject was another new distribution based on Ubuntu, similar to Mint, therefore the Ubuntu developer actually encouraged an Ubuntu derivative.

  • by Lumpy (12016) on Monday November 18, 2013 @09:06PM (#45459655) Homepage

    I warn people away from Ubuntu and towards Debian or another reputable distro that is not selling your info and loading your os with AD's and spyware. Yes if you are sending info for targeted ad's you are bundling SPYWARE.

    Ubuntu has tainted the water. It's not a safe OS.

    • I've been warning people away from them ever since leaders stated in early 2010 that they don't give a shit what users want or need -- not exactly a stance that suggests they're likely to stop at anything short of legal ramifications in their pursuit of ways to profit off their users.

    • You can avoid the "selling of information" in Ubuntu by either not using Unity (who would use it anyway?) or by sudo apt-get remove unity-lens-shopping. It's not so hard. Ubuntu has its advantages: software is very easy to come by and the support community is great. I use it because it gets out of the way I can just get on my with my work without any screwing around.
  • Mint runs xhost + (Score:2, Informative)

    by Anonymous Coward

    Mint has no security. They intentionally run with access control disabled on the X server (xhost +). Keyloggers and screen scrapers are trivial in this case. Bugs have been filed about this, but Mint considers it working as designed.

    • by Burz (138833)

      Mint has no security. They intentionally run with access control disabled on the X server (xhost +). Keyloggers and screen scrapers are trivial in this case. Bugs have been filed about this, but Mint considers it working as designed.

      Now that is interesting.

  • by DCFusor (1763438) on Monday November 18, 2013 @11:05PM (#45460269) Homepage
    It might not solve all issues, after all, it's not like Ubuntu itself is never hacked. But my solution is to run the Mate desktop over Ubuntu 12.04 LTS and get the best of both. It works great, and avoids the crap that is unity, gnome3, you name it - it's like having a stable version of gnome2 that actually works right. I agree with the commentors on many of the other issues. Unity is crap on a multi monitor desktop. It has built-in surveilance on you for crying out loud, huge icons if you've got 4 24" monitors, that you can't move. I like to be able to put the tic-tac-toe buttons where I wish, I like menu and task bars I can autohide, and put on the monitor I want. I paid for every single pixel on them - don't tell me what I can have on my screen or where I can put it. It's not like I don't have other options. Cannonical really stuck its head up its butt in a number of ways of late - and when told so, they said it was our fault for not liking their stupid ideas, which were and are genuinely stupid. Too bad, otherwise they were the good stuff. But they are not alone. Somone figured out that most computers hit the dumpster with the same opsys they shipped with. Since PC sales are falling (the ones out there are all good enough by now anyway, why buy a new one is a good question for most users) - they decided on a "one size fits all" for PCs and mobes. Stupid idea - I have both and use them for different stuff and at different levels of security for that different stuff. It seems the current crop of programmers is too stupid to put in a single boolean - true if PC, false if mobe, or vice versa, and do the rest of the install based on that. Even if my quad monitor setup was reachable by anything but my extended legs and was touch enabled, I'd think this current bunch of Ubuntu stuff was crap for it, what I have is far better, and a lot more usable. It might work out on my nexus, only it's better the way it is already, than unity would make it. They really jumped the shark on this - in company, but still....
  • by Mirar (264502) on Tuesday November 19, 2013 @01:35AM (#45460919) Homepage

    By inferring that Linux in any form or shape might be not worthy of "online banking",
    I think this has hurt Linux an immense amount.

    He probably just now blocked tens of thousands of people of trying *Canonical*,
    because the article reads "*Linux* is not good to do online banking with".

    Smooth.

    I wonder if he can do anything to repair the damage. :(

  • That's why I mostly stay away from mint
    Last year there was a linux root exploit in the kernel. I tried the exploit and it worked: bang root shell!
    So I waited to see when this would be fixed via the usual upgrade path... nothing happened during 6 months.
    Until I finally wanted to use my system and so I looked into the reasons why I'm still vulnerable while all other distributions are ok.
    So I need to run apt-get to get a new kernel! That's not "ready for the desktop".

    Come on! All distributions are so proud to

The world is moving so fast these days that the man who says it can't be done is generally interrupted by someone doing it. -- E. Hubbard

Working...