In a fresh blog post, Linux Mint's leader Clem Lefebvre has written about some statistics on people running out of date software and warned people to ensure they're running updates.
While Linux users often claim they know what they're doing, they're smarter than Windows users and more (I've seen a lot of claims over the years…) plenty still seem to delay or just not run updates it seems. When you hear about new security problems all the time, it's never been more important to stay up to date. Especially your web browser, the last thing you want is to have that and your entire online life compromised!
In the post Lefebvre mentions that only around 30% of users updated their web browser in less than a week, although perhaps much more alarming is that between "5% and 30% of users run Linux Mint 17.x" which has not seen security updates for two years since it reached EOL (end of life).
0% of users should run Linux Mint 17.x! Anything above is not good, whether it’s 5% or 30%.
The actual statistics they have should be taken with your usual pinch of salt, as they vary depending on where you look but either way it's a big reminder to ensure your computers are up to date. Just being on Linux doesn't make you suddenly secure - remember that.
Perhaps it's not surprising though, with Linux Mint often recommended to complete newbies and older users trying out Linux. If you have done a setup for a friend or family member, perhaps give them a nudge about running updates eh?
You don't have to go the Windows-route of being completely obnoxious about it (that's pretty much impossible anyway, as most updates don't require a restart in contrast to Windows), but some reminders with an eventual forced update of critical packages shouldn't be impossible.
mmmm but that does kind of defeat one of the main features of linux choice.I assume this was a reply to what I wrote?
In that case: How so?
The choice of the myriads of other distros not forcing updates would still be there ;)
But for a system aimed at users with very limited experience, I don't see any downside in taking that choice away.
After all, there is a very clear good and bad choice here. This would merely eliminate the terrible choice of not keeping your software up-to-date.
"But it's running fine!" is what got us ancient software on ancient servers and PCs coming apart at the seams all around the office world.
You can always make it so that someone who knows their way around the terminal and config files can disable the automatic updating of critical packages - but by doing so, that person would have proven they know what they are doing and thus eliminating the user not pressing update "just because".
Either way, before forcing anything, there should be days or weeks of clear notifications shown to the user about what should be updated and why.
At the moment - at least if it is anything like Manjaro - you just get a notification saying "There are updates available" and that's about it. Not exactly a lot of emphasis - which is fine for an Arch distro, but that's not the target audience for Mint I think.
Last edited by TheSHEEEP on 22 February 2021 at 2:22 pm UTC
Same applies here. The user/admin always should be in the highest point in this hierarchy. OS should inform me that there are updates available. But it should never force me in any way to run them. A simple panel icon with pop-up on start is enough. Anything more than that is unneeded and unwanted.
I don't see any problem with users not running updates.
A compromised computer will be used as a beachhead for attacks against others. Good computer hygiene protects all of us. Unpatched software puts us all at risk.
If you're technically proficient enough to read patch notes and make an informed choice of whether this particular update needs to be applied at this particular time then you're more than capable of turning automatic updates off. If you're the kind of user that says "ooh, that looks complicated," then you ought to be protected and not a hazard to everyone else by default.
I don't see any problem with users not running updates.
A compromised computer will be used as a beachhead for attacks against others. Good computer hygiene protects all of us. Unpatched software puts us all at risk.
If you're technically proficient enough to read patch notes and make an informed choice of whether this particular update needs to be applied at this particular time then you're more than capable of turning automatic updates off. If you're the kind of user that says "ooh, that looks complicated," then you ought to be protected and not a hazard to everyone else by default.
That's a very dangerous line of thinking you have there.
At first we will be like.. Let's just force updates for non tech users. But what if it won't work. What if we will find out that most not up to date computers are actually run by tech-profound users who willingly choose not to run updates. That makes those users a risk to everyone else as well. To eliminate this risk, we ought to force them do updates too, no? Then you end up with Windows scenario.
No. Updates should never be forced on the user. Nor should auto-updates be enabled by default.
One way to do this is to have the option of enabling auto updates during installation.
At first we will be like.. Let's just force updates for non tech users.It's only you that's talking about forcing updates. I'm just saying to enable automatic updates by default to help those that wouldn't be able to enable automatic updates by themselves.
personally, I think there should be an option to enabled by default in the installer to have auto-updates. one that can't be missed. this way those "technical" users can update or not update when they feel like it. and those users who might not even know there is an update or how to update can in fact receive the updates automatically. I feel like this is a win-win approach. Personally, as a user of Arch-Linux, I update at minimum daily before I shut down for the day and my bf has taken to this approach as well. though my raspberry-pi running ubuntu for pi-hole only gets updated if I happen to need to ssh onto it for some reason...At first we will be like. Let's just force updates for non tech users.It's only you that's talking about forcing updates. I'm just saying to enable automatic updates by default to help those that wouldn't be able to enable automatic updates by themselves.
Last edited by stephenseiber420 on 22 February 2021 at 5:53 pm UTC
What if we will find out that most not up to date computers are actually run by tech-profound users who willingly choose not to run updates.Whenever we find that out, I'm certain we will also find out the location of Santa Claus and the Easter Bunny.
I'm talking about forcing updates - it's not like there isn't precedence for this, OSX does it, most mobile OSs, Windows does it. There's very obviously merit to it or it wouldn't be done.At first we will be like.. Let's just force updates for non tech users.It's only you that's talking about forcing updates. I'm just saying to enable automatic updates by default to help those that wouldn't be able to enable automatic updates by themselves.
The question is really not if it is done, but how - obnoxious like Windows goes about it with stuff regularly breaking in updates. sudden restarts and the PC being practically unusable while the update is downloading/installing... or something better than that?
Anyway, a default of automatic updates would solve the problem almost as efficiently as forcing would.
Maybe with a message of "Don't worry, this isn't Windows. You can use your PC just fine while updates are installing."
The majority of humans are dumb. Shocking. Most people are too lazy to even perform basic maintenance on their car let alone their computer. Gotta clear that Netflix backlog first, they'll update later.Computers are way easier to do basic maintenance on than cars, especially these days with how locked down cars have become. Unless you're just talking about putting in a bit of oil (which I no longer need to do with my electric car).
Automatic updates block me from that decision about when I think it's best, and worst, to do it. So yeah, I don't know enough to have much idea what updates I should apply, but I do have some opinions about when I want to run the process.
Forced update : No
We must avoid making more fragmentation in Linux at all cost. Just look at the Android ecosystem. Hell, there is even a brand new, not mainstream brand devices which still comes with Android 5.1 because some users hated to use Android Go.
Like I broke my video drivers the other week by installing the android sdk, why did that happen? I don't know, something involving dkms and my kernel updating maybe, I don't know, I wasn't paying attention to the terminal output at the time, linux is scary.
Though I am thankful it was fixable with some finagling and basic knowledge. I remember in the XP days I'd have to nuke and reinstall Windows maybe around twice a year as that was the only practical way to fix a lot of the technical issues I tended to have.
Last edited by Botonoski on 23 February 2021 at 7:14 am UTC
mmmm but that does kind of defeat one of the main features of linux choice.I assume this was a reply to what I wrote?
In that case: How so?
because if you force updates thats not choice thats the os dictacting what i do.
Maybe there could be an app that pops up a window once there is a new version of the OS?Mintreport and its system tray applet do pretty much what you want. But I guess the tray icon is easy to ignore.
The latest version might be a bit of an own goal on that front. Used to be, the little shield-shaped thingie would turn colour when it wanted more updates. Fairly noticeable shift, the whole icon would turn red. And I think it was green or blue when it was all up to date. Just now looked down at the icon; the current version is always white and when it wants you to update it just puts a little extra bob, a little orange something-or-other, at the bottom left of the shield icon, covering less than a quarter of it. Doesn't exactly pull the eye, I'm pretty sure I've tended to update less often since I installed the new version.Maybe there could be an app that pops up a window once there is a new version of the OS?Mintreport and its system tray applet do pretty much what you want. But I guess the tray icon is easy to ignore.
See more from me