Thanks,
FreedomOfTheOpenCode - useful but I think we need more in depth, more about why the
common misconception that Linux is invulnerable is plain wrong, more simple tutorials, and some place for helping people who have a problem. {And maybe even some moral/political philosophy about freedoms & privacy, for those who don't understand! }
Mint users deserve to have direct access to the whys & wherefors, and the howtos, even if it is just pointing people at fuller resources elsewhere.
And also it's just possible that some Mint developers may need to be reminded occasionally of their responsibilities to the community, especially if they just feel that fundamental essentials are boring and 'in the way'.
@
Previous1
when you wrote
Even Linus himself thinks security is boring (feel free to google on that).
You could easily send people away with an incorrect view of the man's thoughts on that!
He's also said:
To me, security is important. But it’s no less important than everything *else* that is also important!
which is to say, boring
but entirely necessary...
(that's without even going into the point that
ordinary bugs can be massively inconvenient, and also lead to vulnerability.)
Linus Himself has also spoken (and signalled) about the attentions of the NSA, a reference here:
http://www.youtube.com/watch?v=wwRYyWn7BEo
Previous1 also noted
... like, for reasons I can't fathom, like disabling AppArmor entirely because "it breaks pdf printing" - (for what it's worth, it doesn't) ...
Now there's a case in point -
why is that acceptable if it is without reason,
why hasn't the state of affairs been corrected - and
who exactly is behind that sort of 'accidental' oversight? And should they be trusted by the rest of us?
I regret having to make that point, but it's a reality.
Perhaps I have a bias from being a former head of technical security. But that was on a different platform, and decades ago; I'm out of my depth in Linux & frankly very concerned by some peoples' lax approach. But then I also have wider experience & I'm pretty well the opposite of the 'black-and-white' bore Linus imagines - I do know the type -
http://news.cnet.com/2100-1007-6243900.html
From development management & QA experience I'd agree with what Westerback is quoted as saying in that article, that software produced by people interested in security "probably works better in most cases because a belief in simplicity, clarity, and consistency usually produces better code than other approaches."
I'd like to emphasize again that it isn't just the snooping by over-reaching govermental bodies in foreign nations (potentially passing on financial intelligence to favoured players) that is pertinent, it's that if vulnerabilities - bugs, backdoors - exist for any reason, they become available for baddies to use as much as for anyone else.
That is to say, if anyone thinks that lax or tacked-on security is an acceptible trade-off for some other form of utility, are they happy to have all
your data compromised, or erased, or for all
your passwords to be used by some third party?
It leaves me unhappy. And verging on TL;DR
We need a security/privacy forum here.