Is Linux Mint a secure distribution?

Also in today’s open source roundup: Distraction-free writing at the command line with WordGrinder, and desktop Linux just keeps getting better and better

Linux Mint
Luis Fernando Pienda Mahecha (CC BY-SA 2.0)

Linux Mint and security problems

Linux Mint has been lambasted by some in the media for security problems over the last few years. But how accurate are such perceptions? Does Linux Mint really suffer from security problems or is it all much ado about nothing?

A writer at DistroWatch wades into the controversy and examines some of the myths and misunderstandings about Linux Mint and security.

Jesse Smith reports for DistroWatch:

Some of the more common misunderstandings I have encountered recently have involved the Linux Mint distribution. Mint has been a popular project in recent years and, with many people using the distribution and talking about the project, there is bound to be some mis-communication. In particular, most of the rumours and misunderstandings I have encountered have revolved around Mint's security practises and history. I would like to clear up a few of the more common rumours.

Perhaps the most common misconception I run into is that Linux Mint's update manager blocks access to security updates. This is not entirely accurate, but it is easy to understand where the idea came from. In the past, Mint's update manager would display a full list of available security updates with each update assigned a safety rating. A rating of one or two indicated the software was safe to install. A rating of three was the default and considered mostly safe, if untested. A rating of four or five indicated the update was likely to cause stability issues. Installing a poorly rated update might prevent the system from booting or cause the desktop to stop working properly.

Another common rumour is that Mint delays security updates, causing fixes to arrive in Mint later than on other distributions such as Debian or Ubuntu. This rumour is entirely untrue and I have so far been unable to find a cause for the claim. Mint has two upstream distributions, Ubuntu for the main editions of Linux Mint and Debian for Linux Mint Debian Edition. Both flavours of Mint pull in security updates directly from their respective upstream distributions. The updates are not filtered. This means that as soon as security updates appear in Debian's repositories, the updates are available to Linux Mint Debian Edition users. Likewise, when Ubuntu publishes a security fix, it can be instantly downloaded by Linux Mint users. There is no delay or hold placed on packages before they become available to Mint users.

As it stands, Linux Mint's security record is about the same as other popular Linux distributions. There have been a few minor problems, but nothing out of the ordinary. For the most part, Mint's reputation concerning software security mostly seems to grow out of misunderstandings about how the distribution's update manager works.

More at DistroWatch

The article at DistroWatch caught the attention of redditors in the Linux subreddit and they shared their thoughts about Linux Mint and security:

Halfpac: “First he admits Mint is holding back security updates, and talks it down by mentioning you can install them at your own risk. Then in the next paragraph he denies Mint updates are delayed since they're pulled directly from Ubuntu or Debian's repositories, which is true, but because of the stability issues they're not recommended updates in Mint until they are tested...

That's what the rest of us call held back, and delayed updates!

”Oh no, you can install anything you'd like at your own risk, but the stuff we recommend - that's postponed”.”

726829201992228386: “Skip the bullshit PR piece and read the important article on verifying ISO images.”

Drakofrost: “It's funny how the article completely ignores the fact that with the default settings, kernel updates are not installed, which leaves the system completely vulnerable.

And the ISO was compromised, even the Linux Mint team itself admitted it. QuidsUp did a video covering the subject.

This sounds like a paid article, or it was written by someone related to the Linux Mint team.”

VelvetElvis: “As a Ubuntu derivative, nothing in Universe gets security support. That's the big problem, IMHO.”

Adevland: “Linux is about user choice.

If you choose not to install the updates, that's your problem.

This was the case with windows up until windows 10 when they started forcing updates. Apparently people hate that as well.

So people here hate it when users get to choose what updates to install, and they hate it when updates are mandatory.

These people are haters and cannot be satisfied regardless of how updates are delivered.”

Dog_cow: “Is this guy saying that if a user were to avoid installing security updates because they are flagged as high risk - that they would then get a low risk version of that equivalent update within a short amount of time (e.g. Within a few days)?

I.e. At worst is a Mint user just going to be a few days behind?”

More at Reddit

Distraction-free writing at the command line with WordGrinder

There are quite a few word processing applications available for Linux, but most of them are GUI-based and filled with potential distractions. WordGrinder is a command line app that provides a distraction-free writing environment.

Christine Hall reports on WordGrinder for FOSS Force:

As advertised, it’s uber-easy. Easy enough that I’m writing this article on it now.

One of my reasons for wanting to find a command line tool for writing is to do away with distractions. This may not be as much a problem to younger generations of writers who honed their writing skills using WordPerfect, Writer, or gawd forbid, MS Word, but to those of us who spent the first half of our careers sitting at a typewriter, modern GUIs are definitely a distraction. With a typewriter, there’s just you and the paper.

For me, WordGrinder solves both of these problems. With the terminal window maximized, there are no distracting bells and whistles on the screen. It’s just me and the words I’ve written. And although navigation through the text for a little cursory editing is easy enough, not having the use of the mouse makes it just difficult enough to remove the temptation to “just stop for a moment and fix that paragraph.”

Actually, it’s this “distraction free” angle that was responsible for WordGrinder being developed in the first place. The program is the work of David Given, who wanted a distraction free way to write a novel. What he came up with is something that’s not dissimilar to code editors such as Vim or Emacs, but much simpler and easier to use. It’s also not a full featured word processor by any stretch of the imagination. But it does come with a surprisingly rich set of features, and my experience so far is that it’s perfect for getting words on paper for that first draft — which for me is the hardest part of writing.

More at FOSS Force

Desktop Linux just keeps getting better and better

Desktop Linux has come a very long way from where it started, and it now offers many users a great computing experience. A writer at Network World shared his thoughts about how Linux has improved on the desktop.

Bryan Lunduke reports for Network World:

Desktop Linux, right now, is better than it’s ever been.

By a long shot. A feat that is truly amazing.

You know how some operating system companies (not mentioning names or pointing fingers here) tend to release new versions of their systems with the promise of amazing new features, but in reality, each release almost seems to be worse than the one before? Massive performance degradation. Huge jumps in memory usage. Decreases in stability. Increases in annoying adware or spyware built into the system.

As I listed off those problems, every one of us immediately thought of a specific OS and a specific feature. And when that thought crossed our minds, we were either amused (because we don’t use that system) or annoyed (because we do). Regardless, we’ve all got examples of those problems added in with new releases of big-name, proprietary operating systems.

More at Network World

Did you miss a roundup? Check the Eye On Open home page to get caught up with the latest news about open source and Linux.

Copyright © 2017 IDG Communications, Inc.

InfoWorld Technology of the Year Awards 2023. Now open for entries!