Ubuntu LTS: many vulnerabilities despite long-term support

Discussion in 'all things UNIX' started by summerheat, Apr 23, 2016.

  1. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,724
    Granted I didn't read the whole thread, but I always found desktop Linux security in general to be "better" due to obscurity and the repositories. Note I said in general.
     
  2. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    222
    With or without luks? Do you mean here on wilders or link to a guide? I just followed the debian wiki "Install from existing linux" doing a few tweaks since I installed into a btrfs subvolume, and it was made easier since I could use the same /etc/fstab (minus changing the subvol options), the same /etc/crypttab, and only having to add a grub entry instead of actually installing grub. If you think it would be useful here I can...
    And its discretionary access control model, concept of users and root, superior mandatory access control options, quite potentially smaller attack surface, the grsecurity patchset, pax memory protections, and a superior firewall (iptables). :)

    Of course, it has its downsides...
     
  3. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,136
    ConfigHz=250 from 300 Graysky has that setting on his ck-kernel, I also compiled my own using Ubuntu config, the temperature matches Ubuntu and SUSE but the issue here is Arch devs totally adamant. Thanks for your offer amarildojr
     
  4. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,064
    Location:
    Brasil
    No problem, I didn't know you already compiled your own :D
     
  5. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,064
    Location:
    Brasil
    That's totally up to you, as I have my own way of installing it with LUKS on top of LVM.

    Oh, so it's way less complicated than I thought :p Nevermind then.
     
  6. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,136

    I am on Arch Gnome, how is Arch KDE doing, I have always used XFCE in Arch but lately I have had issues of Libreoffice crashing on XFCE but not on Gnome.
     
  7. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,724
    And of course the word generally was overlooked. I'll clarify, none of those will make much of an impact to general users in the real world. They install malware themselves and will bypass all of those unless restricted from root by a system admin.

    Then I could go on to Windows alternatives, and how much all of this is theoretical, but feel free to contribute here: https://www.wilderssecurity.com/threads/the-hardened-linux-thread.379114/
     
  8. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    222
    Yeah, its super easy :)
    Ever since KDE 3.5, I just dont see the allure of KDE on Arch. Heres the hell march: KDE 3.5 had gotten nice and solid- thats when I came into the picture. KDE 4.0 is released. It was horrible and buggy and not finished. It was painful until 4.6, and by about 4.12 things were good... A while later and then KDE devs are like "ok, weve got KDE 4 all good and stuff- lets start over again with KDE 5." KDE 5 is released which of course sucks, and Arch gets it because Arch always follows the bleeding edge. Its going to be bugs and pain for awhile until 5 gets stable, at which point KDE devs will be like "KDE 5 is dead. Long live KDE 6!" They are a capable community, but they are a community that has to keep doing large scale rewrites. To me, this approach sits better with something like Debian Stable, Kubuntu LTS, Opensuse, etc. These distros can lock KDE in one place (hopefully towards the end of a KDE release) where a user can enjoy a finished product for years. For example, Arch's KDE is the 5 branch- Debian stable is on KDE 4.14 (which is very good and has the bugs worked out, features added, etc) and will be until its EOL which will be 2017-2018 depending.

    Arch to me seems better suited to i3, openbox, XFCE, possibly Cinnamon, and any other minimalist relatively stable desktop design. Not to say Arch cant do it...
    I think Windows users are equally capable of screwing themselves by bypassing restrictions, but yeah- user choices are the most responsible for security. Ill take a look at the thread..
     
  9. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,064
    Location:
    Brasil
    It's fine. Hardly any bugs :D (get that reference?)
     
  10. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,136
    Now I will give it a try for sure, would be long time after SUSE in early 2000.
     
  11. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    222
    I got the reference :)
     
  12. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,724
    Never said they weren't, in fact that was one of my main points. The other is that you can't underestimate how much a competant centralized repository and lack of (low-hanging) targets will help prevent the average user from being infected.
     
  13. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    222
    While I thought you were just ribbing my implicitly scathing indictment of KDE/Arch admittedly born out of my past frustrations, I realize I might have come off as condescending. I didnt think of your signature (that you were using the very setup I was expressing frustration with), or I would never written it- I dont try to make enemies or offend people.

    Despite the fact it would have been an admittedly political move, I would have kept my mouth shut. Now that my opinion is in the open and cannot be unseen, all I can say is that I meant no personal offense.

    You and I just have different personal desires with KDE- I prefer a stable incarnation of it (in terms of featureset), while you prefer latest and greatest. Nothing wrong with either approach...
     
  14. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,064
    Location:
    Brasil
    What? I really didn't get this. Sorry. Could you be more specific?

    My reference was in regards to the movie Titanic, where Jack says "The best I've seen ma'am, hardly any rats" :p

    I'm just gonna go with: OK then :p We're fine! (because I really have no clue what you're talking about hehehehehe)
     
  15. Anonfame1

    Anonfame1 Registered Member

    Joined:
    May 25, 2016
    Posts:
    222
    In a post above I basically went off on KDE specifically in Arch (as I like KDE itself fine). It wasnt until I noticed in another thread via your signature that you were in fact running the exact setup I went off on that I decided what I said could be offensive to others.

    As a result, I quoted you again and to try and make clear that my intent wasnt to insult or offend anyone- one cannot be too careful online because people get offended easily. I think its the nature of words being the only form of power in a forum- its easy for the words to be over-scrutinized, etc. I wanted to make sure to declare peace lol..

    Now I see that you meant something else :p So now that everything's all cleared up, back to our regularly scheduled programming...
     
  16. amarildojr

    amarildojr Registered Member

    Joined:
    Aug 8, 2013
    Posts:
    2,064
    Location:
    Brasil
    :argh: OK, no problem! No offense taken :D
     
Loading...