What is Mint's current "official" recommendation about updates?

[Pjotr]

Usually, kernel updates aren't very important for desktop users. But as smurphos already pointed out, the Meltdown/Spectre disaster does make kernel updates essential for desktop users as well.

Since 18.2 the official viewpoint is: do install level 4 updates (including kernel updates), but *in isolation*. Meaning: not together with the batch of level 1-2, but one by one, with a reboot in between. So that when something goes wrong afterwards, you can pinpoint the update that caused the breakage. Which makes fixing it easier.

Pretty clear, I think.

But Update Manager also allows for setting your own policy. I'm "sysadmin" for some people who know very little of computers. On their machines I've disabled all level 4 updates (including their visibility), so no kernel updates for them. They only install level 1-3. All for the sake of stability.

Because of Meltdown/Spectre I've updated their kernels, because that simply couldn't be avoided. But as soon as this particular disaster has been dealt with thoroughly, maintenance will go back to normal....

[Cosmo.]

Otherwise you have to explain, why you want to get updates displayed, that you will never apply.

And somebody needs to explain to me why I am presented with updates that shouldn't be installed.

At first: A counter question is not a replacement for an answer. I still have no idea, why you want to display something, what you had already previously decided to ignore.

Second: Where is this been said? Or in other words; where do you take this from? In the title you asked for the official recommendation. Now a look into the help file (can there anything more official than that?) it reads:

All level 3 updates are recommended but you are expected to be cautious and to know what you are upgrading.

Exactly the same wording for level 4.

It says 2 things: At first: all are recommended. (This does not exclude, that some, namely security updates, are more urgent than others.) At second: Apply them with care. What "care means" is also described in the help file and I have covered that in detail in my first reply and filled the existing holes in the help file's documentation.

Are we now supposed to automatically install every new update and kernel that comes along, regardless of whether we have some reason to do so?

You are supposed to do updates never "automatically". This was never the case and it is also now not the case. You are supposed to apply updates in a way, that you can say after a regression, this update gave the issue. For level 1 & 2 updates saying that is rather easy: A Firefox update will never break anything else than Firefox, and so on. But level 3 & 4 have greater impact and in case of a regression it is hard or impossible to say, that the culprit lies in update x or update y or .... So they should get applied one by one, because only then it is possible to say something about the source of a regression. I go here fully with the help file which gives ths advice as well for level 3 and level 4 (regarding LM 18.2 / 18.3).

If your system accumulates security holes over time, than blame yourself.

And then who do I blame when I install updates of every level, and my system ceases to function?

The update, which you installed at last. Obviously.

The principle about this situation had been covered by Clem already 4 years ago.

Yes, I read that, and it is no clearer to me now than it was after the two times that you "explained" it. And obviously, I am not the only person who is confused by this. Why do we have this "Levels" system at all, if we are supposed to install everything?

I want to pick a small part of Clem's post:

So I'm sorry. I know what you want... a big red sign that says DONT TAKE THAT ONE, or a nice green label that says JUST DO IT. It isn't like that though.

Regarding TS: I will describe here one thing, which I had described already some time ago on another place. I repeat it, so that we have it on one place. (And I have the intention, to point in the future in case of questions to this thread instead of writing the same over again.) If there should happen a severe regression, which prevents the system to boot into the user's desktop, you can still revert it with TS (a proper snapshot provided) by booting in another system. This other system can be a live system. I strongly recommend to have a live system of Mint 18.3 handy. The live system of 18.3 has TS already installed. (But TS can also get installed in other live systems with older Mints or with Ubuntu. Older Mints have the advantage, that you find TS in the official repositories, so that you do not need to hunt for the PPA.) You open there TS, open the preferences and set the location to the drive, where the snapshots reside. Now you can restore the broken system to the previous state and you are back in business. I have tested also this method (although my test system was not broken) to find out if this works and I can report, that it does! Now let us assume as an example, that the upgraded graphics driver was the culprit; you know this, because you followed the advice from the help file and updated it solely. Now you go back into the restored system, exclude this update in the update manager via right click and it will following that not let the blue shield appear (if other updates have been applied.)


One thing is impossible to do for Mint: It can not prevent, that regressions happen and that packages, which force them, arrive in the repositories. But Mint can and does provide tools and mechanisms to keep those situations manageable. Clem liked to name the software manager as the star of the show in the change log for 18.3. In my eyes the corrected version of the update manager and TimeShift are the stars; a double star, so to say.

[jimallyn]

The official word is: "Upgrade for a reason", my opinion is at now: "Don't upgrade, except you have a reason" - Cosmo., July 28, 2016

Upgrade for a reason. If I look at my test installations I don't see the reason to upgrade, but I see many reasons to not upgrade. - Cosmo., September 19, 2016

There are many more statements along this line on the forums, from you, and from others.

And how many times does this statement appear on the Mint Blog: "Upgrade for a reason 'If it ain’t broke, don’t fix it'"

Lots, often accompanied with something along the lines of, "You might want to upgrade to Linux Mint 18 because some bug is fixed or because you want to get some of the new features. In any case, you should know why you’re upgrading. As excited as we are about Linux Mint 18, upgrading blindly for the sake of running the latest version does not make much sense, especially if you’re already happy and everything is working perfectly."

So, we are told to be cautious about updating, and we are told to update everything. And why even bother to have 3 different policies when, unless you chose the third one, Mint update will constantly show you the blue icon that says updates are available. Why not just make a statement somewhere to check the Update Manager for updates now and then? For two of the three update policies, that blue icon is useless.

[smurphos]

There is a semantic difference between upgrade and update in this context though. Upgrade e.g. from 17.3 to 18.x for new features, update within 17.3 to ensure the system is secure.

A fully updated 17.3 as it stands should be a secure as a fully updated 18.3. Of course an upgrade for security reasons becomes necessary when support ends for a particular version.

[Cosmo.]

Jim, you are now mixing "updates" and "upgrades".

Regarding upgrades: I stand with what I wrote about that and the longer I look at the LM 18 branch the more I congratulate myself, that I followed this concept.

But your thread is about updates - your decision and your title. Although both gets done through the update manager it are 2 quite different things and hardly to mix. You will nowhere find an official wording like "update for a reason"; also I cannot remember having read something like that from any of the long time members here (me inclusive).

Regarding the update policies: I wrote in the nearly 2 years, since this "feature" exist, that I find them to be a wrong concept. I even created in the last summer an own thread about that policy concept. If I would use LM 18.x I would at first select a policy (which does not matter, they are all wrong, as I described in that thread), because Mint forces me to do this nonsense, than I would adjust the settings in the preferences of UM according to my description in the linked thread.

But those questionable policies do not change anything about the fact, that (security) updates have a meaning, and this meaning is not to search for a reason to apply them. The fact, that the vulnerabilities do exist is reason enough.

[Teksonik]

I have installed every update ever presented to 18.3 on this computer, level 1-5 and I've never had an issue. Perhaps I've just been lucky but I'll continue to do so.......

[Pjotr]

I have installed every update ever presented to 18.3 on this computer, level 1-5 and I've never had an issue. Perhaps I've just been lucky but I'll continue to do so.......

Not level 5, because there have been none so far. If there ever would be one and you would install it, you're rather likely to get problems.

Level 5 in Mint 17.x is something quite different from level 5 in Mint 18.3.

[Teksonik]

I don't actually remember getting a level 5 but I just included it to make the point that I have accepted every update that's been offered to Mint 18.3 on this system.

[smurphos]

I do think it would a be a great idea to have a 3 indicator system for the icon - Updates available (general), Updates available (uninstalled security) and Fully updated.

Feature request submitted...

https://github.com/linuxmint/mintupdate/issues/320

[RobertService]

There are two major 'take-away' s from this post--

1) I thought (as a newbie) that questions like this were to be asked by newbies, and would be answered--with authority--by the moderators who, after all, should have an inside track (I thought) to the 'higher-ups' at Mint. This topic indicates that moderators enjoy no such privilege, and that their knowledge base is only as 'experiential' as that of the rest of us (I would hasten to add that some, such a jimallyn, possess a lot of 'experiential' knowledge; the fact that he has to pose this question demonstrates the seriousness of the problem).

2) All one has to do is simply read the answers (comments) to jimallyn's question to see exactly how fractured and logically inconsistent Mint's answer to this problem is; most answers to jimallyn's question boil down to what the commenter thinks.
There is no sense wasting more words on this--there is only one answer, one conclusion: this problem belongs to Linux MINT; it has been created by Mint, and needs to be resolved by Mint.
You, jimallyn, and the rest of us will not get an answer until Mint gives us an unequivocal, logically consistent answer.

[Cosmo.]

If you want so, you have the official answer here, but this surely not the place, where the users (with a small exception) will likely find them. Proper documentation on the proper place would be needed, but if this does not exist, we cannot invent it.

I am all but surely not a Mint official. But I pointed out already half a year ago, that the behavior of the tray icon at that time (for 18.2) is wrong and that it gives a wrong information to the user. Half a year later this has been corrected for 18.3, but the change log (What is new in ...) did not say a word about it. If this mistake would not have been done, this thread would either never got created or the title would have been worded differently to what it is now.

[jimallyn]

1) I thought (as a newbie) that questions like this were to be asked by newbies, and would be answered--with authority--by the moderators

Nobody has all the answers, not even the moderators! I answer questions when I can. Sometimes that means doing a bit of research to find the answer or to clarify what I think I know. But there are plenty of times I see somebody ask a question and I just have to admit that I don't know enough to answer that one, and hope that somebody else will have the answer.

2) All one has to do is simply read the answers (comments) to jimallyn's question to see exactly how fractured and logically inconsistent Mint's answer to this problem is; most answers to jimallyn's question boil down to what the commenter thinks.

That may be so, and I suppose to some extent that sort of thing is to be expected when all assistance is offered by volunteers and there are no paid support people. (I suspect Mint would be just fine with it if somebody wanted to donate enough to hire a paid support person!) It is only rarely that I have ever requested paid support on any product I use, but have found that even then, the answer may depend upon who happens to answer your call, and may range from perfect to absolute junk. Overall, the volunteer support system works well. We have a lot of very knowledgeable people here who generously give their time to helping others.

Admittedly, my momentary "brain fart" confusion between update and upgrade added to the confusion here.

There is no sense wasting more words on this--there is only one answer, one conclusion: this problem belongs to Linux MINT; it has been created by Mint, and needs to be resolved by Mint.

William Edwards Deming would agree with you:

“It is not enough to do your best; you must know what to do, and then do your best.” - William Edwards Deming

“What should be the aim of management? What is their job? Quality is the responsibility of the top people. Its origin is in the boardroom. They are the ones who decide.” - William Edwards Deming

“The worker is not the problem. The problem is at the top! Management!” - William Edwards Deming

“Blame the process, not the people.” - William Edwards Deming

“The supposition is prevalent the world over that there would be no problems in production or service if only our production workers would do their jobs in the way that they were taught. Pleasant dreams. The workers are handicapped by the system, and the system belongs to the management.” - William Edwards Deming

I used to get in a lot of trouble, even got fired a number of times, for pointing out to management at companies I worked for that the problems in their company are of their own making. The difficulties of managing a company are compounded on open source projects, where many or all of the "workers" are volunteers, and "management" is often doing many jobs at once: writing software, assembling and testing all the components for a new release, writing documentation, and other chores that might best be described as "putting out fires" or "herding cats." Add to all that the difficulty of doing it in multiple languages. Mint does an awesome job with the resources they have. They are working at creating new documentation, which I suspect may be a slow project, but will be very helpful to new users. See for example:

http://linuxmint-installation-guide.rea ... en/latest/

But getting back to the topic at hand, I still don't know what I'm going to tell people now when I install Mint for them. It used to be I would just tell them to run the Update Manager when the icon turns blue, but for many of them the icon is going to be blue all the time now. Nor am I sure exactly what my update policy is going to be from here on out.

If you don't know who William Edwards Deming is, he came up with some ideas on quality starting in (I think) the 1920s and 1930s, and went to (mostly U.S.) companies with his ideas. They weren't interested. After World War Two, the Japanese decided that, having just had all their industry destroyed, they were interested. The quality of their products went from "cheap Japanese junk" to putting the U.S. consumer electronics industry out of business, and nearly doing the same to the U.S. automobile industry. If you're interested in that sort of thing, read Demings' book, "Out Of The Crisis."

[RobertService]

This is the first time in a very long time that Mint has not been in first place, on DistroWatch.
If Linux Mint officials do NOT address the problems outlined in this post and continue to ignore the issue, this "update problem" could well turn into the nail which lost the war ("For want of a nail...").

[jimallyn]

This is the first time in a very long time that Mint has not been in first place, on Distrowatch.

Mint is still in first place in the last 12 months, the last 6 months, and the last 3 months. But Manjaro is first in the last 30 days and the last 7 days. Wonder why?

[MintBean]

Whilst I wouldn't read too much into a short term Distrowatch ranking, I think Mint's made a poor decision here with the update manager. It's one of the most criticised elements of Mint but I've always understood and agreed with their decisions up until now. At this point I think they've made a poor decision that's going to confuse or irritate people.

[RobertService]

One can only hope that Clement Lefebvre reads more into this disturbing turn of events on DistroWatch than Mark Shuttleworth did when Ubuntu lost its first-place ranking...permanently, and decreasing ever since.

[somelurker]

I'm going to have to respectfully disagree with Cosmo's argument that 1) Either the system is completely up to date and secure or 2) The system is not secure because a few updates the user has chosen with good reason not to apply are not installed.

For one, I sometimes newer kernel versions than the ones suggested by Update Manager. On one of my machines with the older version of the Update Manager (from Mint 18), I constantly get offered a kernel update with a version number of 4.4.0-x. Yet I have the latest kernel from the 4.15.0-x series installed. Am I unsafe because I have chosen to install a newer version of the kernel? I don't think so. I think Update Manager is simply suggesting the latest version of the 4.4.0-x series because it assumes all users are using the 4.4.0-x series of kernels. However, this is a false assumption. This shows that security is not black and white and that user choice can sometimes directly impact the relevance of an update to security.

Secondly, the assumption that security should always be the paramount consideration when considering whether to notify a user that updates are available is flawed. The user should get to decide under what criteria she is notified of updates. Perhaps the system is used only for testing purposes and therefore security of the type provided by Update Manager is not a concern at all. Does it matter if a virtual machine is compromised if the user plans to restore a snapshot at the end of their testing session anyways? Probably not. Why shouldn't the user at least be offered the choice of showing only updates relevant to her situation? Ultimately, I am the user of my system, and I should get to decide how much importance to place on security. Nobody tells me how many locks I need to put on my door. I make that decision and if a burglar breaks in, I accept all the consequences of my decision. But it should be my decision nonetheless.

Third, the view that all updates must be applied is neither a necessary nor a sufficient condition for ensuring security in all contexts. To equate applying all updates with total security is an oversimplification. If a user works for a company that handles sensitive information, even applying all updates alone may not be sufficient to ensure the security of that information. On the other hand, if the computer is only used as a Netflix machine with a browser that is already updated frequently, it hardly seems necessary to apply every single update in a timely manner all the time. Why should Update Manager, rather than the user, get to define what security means?

To address the point that removing certain updates from being displayed will stop Update Manager from nagging you should be the solution, I would have to disagree. The purpose of a computer system can change over time. A computer that started out being used for one reason can be adapted to serve other purposes over time. If so, then the updates users choose to install may also change over time. Hiding the updates makes it easy to forget that the updates exist at all, and may leave the user with fewer choices. It may make it harder to diagnose the cause of problems when obsolete packages are used. It wastes time restoring those updates should they become needed again. A displayed but not applied update does have a practical meaning, but the meaning may have little to do with security, and as I already pointed out, even the definition of security can be different for different users.

Lots, often accompanied with something along the lines of, "You might want to upgrade to Linux Mint 18 because some bug is fixed or because you want to get some of the new features. In any case, you should know why you’re upgrading. As excited as we are about Linux Mint 18, upgrading blindly for the sake of running the latest version does not make much sense, especially if you’re already happy and everything is working perfectly."

So, we are told to be cautious about updating, and we are told to update everything. And why even bother to have 3 different policies when, unless you chose the third one, Mint update will constantly show you the blue icon that says updates are available. Why not just make a statement somewhere to check the Update Manager for updates now and then? For two of the three update policies, that blue icon is useless.

jimallyn makes an excellent point here. Overall, I think making the behavior of Update Manager all about security is a distraction. Let's not lose sight of the bigger picture. The first time Update Manager is launched, the user is allowed to choose between "Don't break my computer!", "Optimize stability and security", and "Always update everything." Clearly, the intention here is to give the user choice, which should be the paramount consideration. The intention of Update Manager was never to coerce users, but to give them a choice on what they want to install. Moreover, the very existence of these 3 choices shows that security is not the only value that is of importance to users; it must be balanced with functionality as well. What use is a very secure system that cannot boot up? Regardless of how the icon behaves, choosing one of these 3 choices will lead to different updates being installed. Why shouldn't the icon respect the choice the program itself has given the user? If the user chooses to display but not install updates, the icon should not nag users about a choice they have already made.

It is still possible to use the advanced preferences to change the default behaviour of always displaying security updates and kernel updates irrespective of level preferences. But that is something for the end-user to decide.

I do think it would a be a great idea to have a 3 indicator system for the icon - Updates available (general), Updates available (uninstalled security) and Fully updated.

I agree that the end-user should be allowed to decide what the default behavior would be. The problem right now is that the icon, which many users clearly rely on, imposes behavior regardless of user choice. Rather than having an indicator system for the icon, I think it would be better to allow the user to decide when the icon shows up in the first place. The icon is tiny. If it always sits in the system tray, how many people would pay attention to whether the icon has changed? It would be far easier to notice whether the icon was missing or not. Just to be clear, I'm not opposed to having a system that more clearly indicates what types of updates are available. I just don't think having this system alone should justify depriving the user of the ability to control whether the Update Manager icon shows up at all.

I think the criticism that Mint is somehow encouraging poor security practices by not forcing an icon on the user is without merit. Nothing is ever encouraged. The user gets 1 of 3 choices the very first time they run Update Manager, and all Mint has ever done is respect that choice...until now.

I've been using Mint for years. I've always found Update Manager's icon useful. Whenever updates that I had specifically chosen to select for installation were available, the icon would show up. Otherwise, it wouldn't get in my way. I think the best solution is to take advantage of features that are already built into Update Manager. Let the user choose what updates are visible, and what updates are selected by default. Once all updates that the user has chosen to select by default have been downloaded and applied, lose the icon. To satisfy other users, simply add a feature that lets them fine-tune exactly when Update Manager's icon shows up. Right now, there is no option to disable the icon from showing at all once all desired updates are applied. In general, I think users need to be able to set the behavior of Update Manager to best suit their needs, and right now a single behavior is forcefully imposed on them.

[jimallyn]

Well said, and thank you, somelurker.

[Cosmo.]

For one ...
older version of the Update Manager (from Mint 18)

This thread is expressively about the latest version of Update Manager (UM) in Mint 18.3 and the change, as introduced with it, as expressively said in the starting post.

Secondly, the assumption that security should always be the paramount consideration when considering whether to notify a user that updates are available is flawed.

For the average user this is the paramount consideration. And they are most likely about 90 % of all users. Following that I strongly disagree.

The user should get to decide under what criteria she is notified of updates.

How exactly? I miss any practical suggestion. Shall a user have to walk through all of the thousands of installed packages and judge them? I do not claim to know all of them and I cannot imagine, that only one person knows all of them.

Perhaps the system is used only for testing purposes and therefore security of the type provided by Update Manager is not a concern at all. Does it matter if a virtual machine is compromised if the user plans to restore a snapshot at the end of their testing session anyways?

What hinders you to deactivate UM autostart in this case completely? I agree, that it makes no sense to update a VM, which gets reset to the snapshot after usage. But this is no argument against for displaying th updates for average users.

Why shouldn't the user at least be offered the choice of showing only updates relevant to her situation?

Again I miss any practical suggestion. Besides that: You can disable all level and security and kernel updates from displaying and you have, what you want. But also again: Simply deactivating UM is the quicker method.

Ultimately, I am the user of my system, and I should get to decide how much importance to place on security. Nobody tells me how many locks I need to put on my door. I make that decision and if a burglar breaks in, I accept all the consequences of my decision. But it should be my decision nonetheless.

You have the decision. If you do not use the preferences, than this is also your decision - and you have to "accept the consequences". Quite easy.

Third, the view that all updates must be applied is neither a necessary nor a sufficient condition for ensuring security in all contexts. To equate applying all updates with total security is an oversimplification.

You are right in so far, that the real world is not only black and white. And of course you are right, that a fully updated system does not mean, that there are no security holes, e. g. because there is for a given leak no fix available. This is bad reality. But it does not change, that a not applied security fix is nothing else than a security hole. An open hole is never an advantage regarding security, but always a leak. Nothing can change that.

If a user works for a company that handles sensitive information, even applying all updates alone may not be sufficient to ensure the security of that information.

Quite right. Too many companies make too much mistakes and protect the data too few - far to few. No security update can prevent such mistakes and following that this is not a question of UM and consequently of topic (although in principle an important problem).

Why should Update Manager, rather than the user, get to define what security means?

Either I am from another planet or there is something totally illusionary. The user shall define the meaning and relevance of security fixes? Fact is, that even security experts do have in some cases a different opinion, how relevant a security leak is at all. No, saying that the average use is able to judge about this, is beyond any reality..

To address the point that removing certain updates from being displayed will stop Update Manager from nagging

Which nagging? UM shows an icon. Point. No popup or anything else, nothing. This icon represents an information. Maybe you don't like the information, but this does not change the least about the state of the system. You can ignore it, you can dismiss UM, but this does not change anything about the current state.

A displayed but not applied update does have a practical meaning

Very correct. But than don't let it display. I do not understand, why somebody wants the icon to get displayed but decides, to not apply the updates. Even less I understand, why somebody does want UM to lie. A lie is a lie, how ever you describe the circumstances. If a user has a very spacial usage, than he can accommodate UM to his very special need. But Mint is made with the average user in mind, and that are about 90 %.

Regarding the 3 policies: I had written already 1 year ago, that those policies are a mistake in itself and I have linked in one of my posts in this thread to this post.

all Mint has ever done is respect that choice...until now.

No. UM lied in the previous versions. Maybe, that some people feel better, if they get a lie, but the state of the system does not get better with the lie. Saying to get back to the old behavior does actually mean: I want UM to lie at me.

Let the user choose what updates are visible, and what updates are selected by default.

Now you have repeated this for the third time, but you never made a suggestion, how this should be doable. At first from the practical view and at second from the question, which users should be able to judge about it.

[Pjotr]

Right now, there is no option to disable the icon from showing at all once all desired updates are applied. In general, I think users need to be able to set the behavior of Update Manager to best suit their needs, and right now a single behavior is forcefully imposed on them.

But such an option does exist already:
In the Preferences of Update Manager, click the Options button and remove the tick for: "Always show security updates" (which is, if I understand correctly, your main gripe). You might also want to remove the tick for "Always show kernel updates".

Note: I don't recommend this as a general course of action for everybody!

Update Manager can be tweaked in a very fine-grained way, to behave exactly as you wish. You aren't being forced in any way.