mintUpdate vs Synaptic

[PussyCat]

I have today updated Mint 13 Xfce using update manager which seemed to go ok. However, when I check the Installed (upgradeable) section in Synaptic it reports 30 upgrades available. On another machine (which was updated on 3rd May), Update Manager reports approx 400 packages whilst Synaptic reports over 600.

What's going on? Which should I trust?

As a supplementary question, in Synaptic is it possible to select a section - such as upgradeable - en bloc? In some distros, for instance, it is possible to mark all upgrades.

[passerby]

Go to mintUpdate > Edit > Preferences > Levels. There you can select which updates you want mintUpdate to display.
Note those currently unchecked. IIRC, even those unchecked here will be displayed in Synaptic, hence the increased number of updates in Synaptic.
The level descriptions here should tell you which you want.

If you do opt for synaptic, you can hit the "Status" button on the bottom left, then select "Installed (upgradeable)" from the list above.
Left click on one update, then hit ctrl + A. When they're all selected, go to Package > Mark for Upgrade.

[PussyCat]

On the netbook, which was updated yesterday after (re)install, it seemed reasonable to allowed a complete update on the first occassion - the discrepancy with SPM notwithstanding.

On the laptop (again the discrepacy between the two mechanisms notwithstanding) it seems OTT for there to be so many available updates/upgrades (which is it?) only a month down the line! This is getting into the realms of a rolling release - which I hate - rather than just LTS.

Anyway, should I go with UM, perhaps only selecting priority 1 and wait for any 2 or 3 to move up the urgency level? And how frequently?

Personally, I would be quite happy not to do it at all (or at least very infrequently) once the system has been tweaked to my liking, so long as it continues to run smoothly and is not compromised, perhaps updating only if forced by the demands of any additional apps. Ideally it could be almost left alone until reaching the end of lts to give an extra lease of life! Indeed, had I been more on the ball and done an eleventh hour update, Helena would still be my choice as that absolutely purrs on all my machines.

Sorry - that's become more of a blog than a question!

[PS Why doesn't this editor spellcheck in Linux/Firefox - I'm sure it does in Win?!]

[passerby]

In your case, I'd say go with mintUpdate. Leave levels 1-3 enabled.
Also, go to Edit > Software Sources > Updates, then set "When there are security updates" to "Download and install immediately".
Doing this, you'll only get the safer updates (even disable level 3, if you're feeling paranoid), and they'll install automatically.

[PussyCat]

Dear passerby - thanks for your comments which will be taken under consideration. You will appreciate that, with 5 multiboot systems to maintain, I wish to minimise the amount of such maintenance!

PS How much of your 16Gb ram actually gets used?!

[passerby]

The most I typically use is 2-3GB.
I think the most I ever wound up using was around 8GB.
I'd rather have it and not need it than need it and not have it

[MtnDewManiac]

How much of your 16Gb ram actually gets used?!

The question is, how rarely does his system need to access the disk cache (if he even bothered to set one up)? Probably almost never (unless he suspends/hibernates) - and that, alone, is a good reason to have plenty of RAM. I have read that with some distros, the user can even type a command into the installer app which will cache the entire installation media into RAM, which is neat (and, probably, a lot faster than reading it piecemeal from a DVD). And, since I have at times noticed that I had over 100 webpages loaded into tabs in Firefox on my computer with a meager one gigabyte of RAM (I love Xfce, lol, think it only uses ~161 megs after boot and before I run anything other than the desktop and a bunch of panel apps), I would guess that with 16 gigs, a person could open "many" hundreds of webpages at once without hurting performance (although that might not be something that many people find themselves doing regularly, IDK).

I have the update app set to display all available updates, but keep the default setting of levels 1-3 being designated as safe. That way I can get the things that are almost certainly safe with just a couple of mouse clicks, but still get to see all of them. That way I can read the changelogs for each - although a lot of time whoever is in charge of picking the updates does not bother to include them (for some reason??? ), so it can sometimes require a web search unless one likes to play dodgeball whilst wearing a blindfold ).

Other than the notice informing you that there are upgrades available which won't be installed, there's no harm in the fact that Synaptic Package Manager won't be installing upgrades when you're installing/removing apps; that function is what the mintUpdate app is for, after all.

Regards,
MDM

[peterldg]

After reading recent Canonical vs. Mint discussions on security issues, it appears the Mint update manager has everyhting to do with the differences.

I don't want to take unproven updates and I appreciate the flexibility that Mint provides with their system.

How do the pro's manage their Mint systems in regards to security?

Can I do my banking from a Mint system?

[passerby]

How do the pro's manage their Mint systems in regards to security?

For the average user, the biggest concern is their browser's security.
The operating system itself is secure. The software on it, however, may not be, and your OS is only as secure as its software.
If you want to secure your system, first ask yourself what you do with it. What connections do you establish with other computers?
Chances are that your browser is the biggest threat, in which case the best advice I can give you is to start with this guide: http://www.insanitybit.com/2012/06/02/the-definitive-guide-for-securing-firefox/

Can I do my banking from a Mint system?

As per the above, I'd say it's fine if you've already taken precautionary measures.
Linux OS's may be secure, but the browser you use is just as insecure as on Window or OSX.
Through extensions like HTTPS Anywhere and noscript, online banking becomes far safer. I wouldn't do so on public networks though.

Online banking will always come with risks, no matter what system and network you're on. Convenience comes at a price.
In regards to the Canonical thing, I think the better question is whether he'd actually feel safer using Ubuntu to do online banking. The statement implies he doesn't think Mint is secure enough to do so, but realistically, I don't think anyone that nitpicky would use Ubuntu either. Or do online banking at all, for that matter.

[MtnDewManiac]

After reading recent Canonical vs. Mint discussions on security issues, it appears the Mint update manager has everyhting to do with the differences.

I don't want to take unproven updates and I appreciate the flexibility that Mint provides with their system.

How do the pro's manage their Mint systems in regards to security?

Probably by accepting those level four and five updates (kernel, et cetera) - and knowing how to fix things upon the rare occasion when one of those updates borks their system, lol.

Regards,
MDM

[peterldg]

How often does a 4 or 5 update screw up the entire installation?

I've updated from kernel 3.8 to 3.10 with no problems. The update saved my 3.8 install in my GRUB menu so I can always revert to it if I wish. Seems like a no brainer to me.

[MtnDewManiac]

How often does a 4 or 5 update screw up the entire installation?

At a guess, I would say rarely.

I've updated from kernel 3.8 to 3.10 with no problems. The update saved my 3.8 install in my GRUB menu so I can always revert to it if I wish. Seems like a no brainer to me.

That tends to work with kernel updates, I suppose. With the last distro that I used (as my every-day OS), when there was a kernel update, I received it along with the other updates - and never encountered an issue - as there was no system of "levels." The previous kernels were still, as you mentioned, available via the GRUB menu (until I removed them).

I am tempted to suggest that kernel updates should be given a lower "level" number, as their potential importance would appear to warrant it. Alas, a newer kernel is not guaranteed to be a "better" one, and I would guess that, often, the changes introduced do not benefit everyone (for example, a change is introduced which takes advantage of a feature present in a new(er) CPU... this does nothing for those who own systems with older CPUs). And this does not even consider the change which might cause problems for a given user; while I believe such problems are relatively rare, they have been known to occur.

IMHO, it is a sign that too much "stuff" now dwells within the kernel. It has become too generalized of a component. "Oh, that's in the kernel now..." When (much more) was separate, it was easier to think of different things having different "safety" ratings. With so much combined, though... The kernel could be considered to be a component that carries the importance of a level one(?) update - but still comes with at least the potential for harm that a level five designation would suggest.

I have this idea, IDK whether it is correct or not, that the developers of linux, in general, do not develop for the "least common denominator. In the Microsoft OS world, things might be closer to mediocrity than masterpiece, lol - but, hey, it'll run on most current computers. With linux, there is some striving to leave mediocrity behind, but this precludes the "works on anything" bit, I guess. IOW, if you just keep adding things as soon as they come out, sooner or later you'll likely break something.

I used to do a bit of racing. Make a change, hey that's great. Make another change, wow even better. Make yet another change... I just became an involuntary member of the DotC Club (Driven over the Crank) as I coasted over the bits and pieces of my engine that I spat through my oil pan onto the pavement. In my mind, linux carries with it the possibility of that. Unlikely with a bit of common sense - but there is much less of the "nanny protector."

Clem's use of the safety/stability rating system is a way to help prevent us users driving over pieces I mean being left with an unbootable computer. That's a good thing. Is it the best possible setup? Probably not, at least not for everyone - but I imagine that it has allowed more people to use linux as a "dumb user" than as a "geek." There does not seem to be a great number of posts here that begin with, "Hey, I installed today's updates on my computer. So now I'm posting this from my friend's computer to ask how I can make my computer functional again..."

I guess that security can carry risk; take away the risk, you take away some of the security. But that appears to be what the (US, at least) public wants. They've been lining up for years now to hand over both their security and their privacy for a little convenience, a few bells, a whistle or two, and something shiny. Perhaps the way Mint has things set up is just an example of playing to the actual wishes - as evidenced by their actions - of the public instead of their stated wishes. I think that, once, you could have given someone one of those Google cell phones and, after examining it, they'd have buried the thing out back in the midden heap. Now... Now, they pay two weeks salary (or worse, sign a two-year Rent to Own ( ) contract so that they can actually pay 3-4x the price) for the chance to pour their "private" data into it and out into the world. Go figure....

Perhaps it would be better to default to accepting ALL updates, but to have a foolproof (I know, I know, design something to be foolproof... and they'll just design a better fool, lol) "rollback" type of safety net? Then again, there already is such a thing - it's called backing up your system, and I'd be willing to guess that the majority of people who own and/or use a computer don't bother.

Regards (and rambles),
MDM

[peterldg]

I guess that security can carry risk; take away the risk, you take away some of the security.

This argument, I humbly (and maybe ignorantly), disagree with.

They've been lining up for years now to hand over both their security and their privacy for a little convenience, a few bells, a whistle or two, and something shiny.

I believe it's -The Perception of Fear- that has ignorant Americans handing over their privacy in return for 'safety'. Who are these people that rely on my security and/or insecurity? They are making the ignorant frightened.

I know, I know, design something to be foolproof... and they'll just design a better fool

Does ignorance = foolishness? What are the real threats to our system? What are the vulnrabilites? How can I protect myself?

I am a fool and ignorant. Does that mean I should be frightened? Does it mean I should hand over my privacy? How much risk am I taking?

[MtnDewManiac]

I don't believe that ignorance equals foolishness - but perhaps willful ignorance is?

But I went off-topic in my last post (apologies) and do not wish to do so again.

Clem made a statement on his Segfault webpage recently - in response to the "noise" about Update Manager and security updates - that is worth a read, IMO.

Regards,
MDM

[RacerBG]

Synaptic!

Well, you have better control with it.

[MacLindroid]

On the netbook, which was updated yesterday after (re)install, it seemed reasonable to allowed a complete update on the first occassion - the discrepancy with SPM notwithstanding.

On the laptop (again the discrepacy between the two mechanisms notwithstanding) it seems OTT for there to be so many available updates/upgrades (which is it?) only a month down the line! This is getting into the realms of a rolling release - which I hate - rather than just LTS.

Anyway, should I go with UM, perhaps only selecting priority 1 and wait for any 2 or 3 to move up the urgency level? And how frequently?

Personally, I would be quite happy not to do it at all (or at least very infrequently) once the system has been tweaked to my liking, so long as it continues to run smoothly and is not compromised, perhaps updating only if forced by the demands of any additional apps. Ideally it could be almost left alone until reaching the end of lts to give an extra lease of life! Indeed, had I been more on the ball and done an eleventh hour update, Helena would still be my choice as that absolutely purrs on all my machines.

Sorry - that's become more of a blog than a question!

[PS Why doesn't this editor spellcheck in Linux/Firefox - I'm sure it does in Win?!]

Why, in the computer world, is it called a spell check? Proper English = spelling check. Nobody needs to see if some witch had cast a spell; we need to see if spelling is correct. The problem most likely comes from developers who cannot use proper English. My mother tongue is not English yet even I know better than native speakers of the language,

Imagine having an exorcist installed.