Linux Mint 16 "Petra" Cinnamon RC released!

[Pierre]

Ubuntu Developers Say That Linux Mint Is a Vulnerable System

Ubuntu developers have stated in the official mailing list of the distribution that Linux Mint is a vulnerable system and people shouldn't do online banking on it.

http://t.co/tddOtR2qF7

Really ?.

[dee.]

So... Canonical employees are badmouthing Mint, even after Mint team has been nothing but gracious towards Canonical, even while Mint would arguably have much more cause for badmouthing Canonical's recent controversial decisions (Mir, dash adware, etc).

I see this as an attempt of diverting attention, and getting some of the heat off Canonical... whenever Canonical does something that people criticize them for, their first instinct seems to be to slander their competition in whatever way they can (see: Mark's recent comments). And really, when the leader of Canonical acts in that way, it's no wonder the employees are imitating him, after all, Mark sets the tone for the entire company, and the rest of the staff pick their cues from him.

I assume the Canonical employee is talking about the level 4-5 updates that are normally not updated automatically, instead left at the discretion of the user to choose when to update. I'm looking at the list of level 4-5 updates right now, and most of those seem to be low-urgency updates and bugfixes, with very few actual security risks involved.

[drewdlekins]

There is an article out by a Ubuntu Developers, who say that Linux Mint Is a Vulnerable System. Is this true?
By the way the new release is great.

http://news.softpedia.com/news/Ubuntu-Developers-Say-that-Linux-Mint-Is-a-Vulnerable-System-401007.shtml?utm_source=twitterfeed&utm_medium=twitter

They're idiots, and that's putting it kindly.

Mint breaks updates down into distinct classes, with a rating of 1 through 5, the higher numbers indicating more risky packages in terms of stability. Any time you upgrade core system components, there is the potential for breakage. Ubuntu dumps all upgrades into the same pool, so users are not aware of the significance of an upgrade to certain important packages until breakage does occur. You can very easily change this in Mint by telling the Update Manager to install level 4 and 5 updates in the settings.

The default behaviour in Mint, of course, is to hold back levels 4 and 5. That's the "never upgraded" packages they're referring to.

Xorg drivers and kernels have no bearing on your internet banking security. What does, packages like Java, Flash, Firefox, etc, are all slated into classes 1 through 3. So your banking is just as safe, because your browser is the same as that used by the relevant version of Ubuntu.

I'd hate to see what these guys think of Debian. Debian freezes every package at release and only provides security patches. So people running Squeeze have Xorg and kernels over two years old, assuming they've stayed with Stable and not enabled backports.

Some people's children.

[xenopeek]

Full response by Clem to this controversy here: http://segfault.linuxmint.com/2013/11/answering-controversy-stability-vs-security-is-something-you-configure/