Safety of Linux Mint

Questions about the project and the distribution - obviously no support questions here please
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 6 months after creation.
Locked
Sereiya

Safety of Linux Mint

Post by Sereiya »

Hello there,

I'm currently trying out several distro's to determine what I like most and want to switch, because Windows is... well, Windows. Since I already used Linux Mint some years ago (should be when version 14 was around) and really like it I'd love to use it as my daily driver, but I'm concerned about its security.
As far as I know, Mint is based on Ubuntu, including their repos and bunch of their software. My information about Ubuntu and Canonical is that they broke with the open-source premise at some point, including closed code into their distro. Which obviously means that, theoretically, software from Canonical can't be checked for backdoors and such stuff.
I don't know how much of what software Mint is using and either software specifically developed for Mint is closed too, so my question is, how safe is Linux Mint in terms of software security and protection against compromised code? What's the dev's standpoint on this topic?

- Luna
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
gm10

Re: Safety of Linux Mint

Post by gm10 »

Closed-source software like Adobe's flash player only gets installed when you specifically ask for it.
RIH
Level 9
Level 9
Posts: 2834
Joined: Sat Aug 22, 2015 3:47 am

Re: Safety of Linux Mint

Post by RIH »

If you like Mint but don't trust Canonical then you should try LMDE-3 instead.
It does tend to lag behind on package updates & you cannot add PPAs but that is a small price to pay..
Image
Sereiya

Re: Safety of Linux Mint

Post by Sereiya »

Oh, you're right. Didn't noticed it as an own distro, thought it'd be just another desktop manager... :roll: Thanks for the hint.

Well, technically you probably can add PPAs, it's just always complaining after doing so like Debian I guess?
User avatar
Arch_Enemy
Level 6
Level 6
Posts: 1491
Joined: Tue Apr 26, 2016 3:28 pm

Re: Safety of Linux Mint

Post by Arch_Enemy »

Sereiya wrote: Mon Apr 15, 2019 10:10 pm Oh, you're right. Didn't noticed it as an own distro, thought it'd be just another desktop manager... :roll: Thanks for the hint.

Well, technically you probably can add PPAs, it's just always complaining after doing so like Debian I guess?
I have had far, far more issues adding PPAs than anything else I have done with Mint. PPAs are run by individuals who have taken a package Ubuntu doesn't support and massaged them so they work. Most of the time. Not always. But, if you're worried about security, you really don't want to add PPAs by default. And, unless you're trying to get something specific working, like your &^*&#@*! CANON PRINTER running, or some photo or video software that's not supported, you really don't need them. Most PPAs have some sort of documentation that offers whatever is was the maintainer had to load to get the final product to work, so you can just follow their recommendations and try to find .debs (Using Gdebi to install the final program), or compile it yourself. And it has become far, far easier to do so than in the old days!

And another caveat about PPAs is, sometimes they are abandoned, but never taken down.

And, you CANNOT at PPAs to LMDE. Doesn't work.
I have travelled 37629424162.9 miles in my lifetime

One thing I would suggest, create a partition as a 50G partition as /. Partition the rest as /Home. IF the system fails, reinstall and use the exact same username and all your 'stuff' comes back to you.
User avatar
Pierre
Level 21
Level 21
Posts: 13192
Joined: Fri Sep 05, 2008 5:33 am
Location: Perth, AU.

Re: Safety of Linux Mint

Post by Pierre »

the LinuxMint Project is based upon the Ubuntu Project,
& which in turn is based upon the Debian Project.

the Team.LinuxMint then applies it's own modifications to obtain,
it's own product & which is then released to the General public.

thus the Main Issues, that do arise - - are usually occurring from the UP-stream product.
ie: not that many issues can be resolved at the LinuxMint level.

NB: the LinuxMint Project Does Not Include much propriety products,
as an rule in it's base installation - - most of those do have to be approved by the End User,
- after the Operating System has been installed.
Image
Please edit your original post title to include [SOLVED] - when your problem is solved!
and DO LOOK at those Unanswered Topics - - you may be able to answer some!.
Smeejo1

Re: Safety of Linux Mint

Post by Smeejo1 »

I can't seem to find the post now but there was one from the Mint devs awhile back where they said if the upstream products (Ubuntu or Debian) add things that breach user privacy or security they would patch it, remove it, or find a way around it before releasing it to us. So far they have kept their word to my knowledge so software security should be fine.
User avatar
Arch_Enemy
Level 6
Level 6
Posts: 1491
Joined: Tue Apr 26, 2016 3:28 pm

Re: Safety of Linux Mint

Post by Arch_Enemy »

And, I think UFW is installed by default. If you want to "see" what you're doing you can install GUFW for a graphical interface, and with a small amount of reading can lock in or out anything you want to.


Caveat: one setting in GUFW, when selected, will lock out port 8080, and there goes your web browsing!
I have travelled 37629424162.9 miles in my lifetime

One thing I would suggest, create a partition as a 50G partition as /. Partition the rest as /Home. IF the system fails, reinstall and use the exact same username and all your 'stuff' comes back to you.
User avatar
Pjotr
Level 23
Level 23
Posts: 19890
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland) 🇳🇱
Contact:

Re: Safety of Linux Mint

Post by Pjotr »

Linux Mint is very secure. Even though it may contain some closed code, just like any other Linux distribution that's "halbwegs brauchbar" (of any use).

You'll never be able to achieve 100 % security. Not in real life and not in the digital world. Not even when your computer is running Linux.

You should always use your common sense. And even then it can go wrong. A certain amount of risk, however small, is unavoidable. A Frenchman would say: c'est la vie.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Hoser Rob
Level 20
Level 20
Posts: 11806
Joined: Sat Dec 15, 2012 8:57 am

Re: Safety of Linux Mint

Post by Hoser Rob »

Sereiya wrote: Mon Apr 15, 2019 10:10 pm Oh, you're right. Didn't noticed it as an own distro, thought it'd be just another desktop manager... :roll: Thanks for the hint.

Well, technically you probably can add PPAs, it's just always complaining after doing so like Debian I guess?
If you're that concerned with security ppas are the last thing you want.

pjotr's right, you can't make a useable distro without cllosed source code. Just as a start, 100% FOSS browsers just aren't going to be useable by the vast majority of people because HTML5 has embedded DRM. And that's closed source by definition.

You also can't assume that open source software is more secure. There was a Linux security bug found in encryption software a cuple of years ago that was over 20 years old. It was hiding in plain sight ... encryption algorithms often use advanced number theory. Which almost no one can undersdtand. Which makes the fact that anyone can read the source almost meaningless.

There's no such thing as a 100% safe OS but Linux is very, very good. I've taken some ridiculous liberties, like reinstalling Linux on my netbook (which only gets used out and about in hotspots) and forgetting to turn on the firewall. For a montth. Not recommending anyone else do that, but I never got hacked.
For every complex problem there is an answer that is clear, simple, and wrong - H. L. Mencken
Sereiya

Re: Safety of Linux Mint

Post by Sereiya »

Thank you for all the answers!

Of course I'm aware there's no such thing as perfect security. I just try to figure out where the greatest impacts are to estimate the best way to go, and since I heard a lot of bad stuff about Canonical and their way for Ubuntu it worried me the most. Don't want to move from one questionable corporation to the next.

If the Mint devs got enough resources to have an eye on the security topic, like Smeejo suggested, I think I can live with it. In the end it's probably far more safe than Windows, and it's too much to ask for a jack of all trades. Sadly, most distro's just can't compete with Mint in terms of easy usability (even using the same Cinnamon version like Antergos, they're missing options and that smooth polishing Mint seems to enjoy).
Arch_Enemy wrote: Mon Apr 15, 2019 11:05 pmI have had far, far more issues adding PPAs than anything else I have done with Mint.
Just tried it in Virtualbox. I see what you meant... ^^
Arch_Enemy wrote: Tue Apr 16, 2019 1:25 am And, I think UFW is installed by default. If you want to "see" what you're doing you can install GUFW for a graphical interface, and with a small amount of reading can lock in or out anything you want to.
Saw that too. Nice to have a small but proper firewall, tho' I'm interested in a little bit more information about the kind of that network activity I see. :wink: I've heard about nethogs and will dig into that later this day.
phd21
Level 20
Level 20
Posts: 10103
Joined: Thu Jan 09, 2014 9:42 pm
Location: Florida

Re: Safety of Linux Mint

Post by phd21 »

Hi Sereiya (Luna),

Welcome to the wonderful world of Linux Mint and its excellent forum!

I just read your post and the good replies to it. Here are my thoughts on this as well.
Sereiya wrote:I'm currently trying out several distro's to determine what I like most and want to switch, because Windows is... well, Windows. Since I already used Linux Mint some years ago (should be when version 14 was around) and really like it I'd love to use it as my daily driver, but I'm concerned about its security.
Linux Mint is an excellent choice for an operating system. And it is more secure than MS Windows or Mac.

It would help to know more about your system setup. If you run "inxi -Fxzd" and "lsusb" from the console terminal prompt, highlight the results, copy and paste them back here, that should provide enough information. You can add somoe of this information to your forum signature as well.

There are additional procedures that Linux Mint users can do to make sure they are even more secure and there are many posts already in this forum on this topic.
- Enable the Linux software firewall (gufw)
- Use "firejail" sandboxing for all applications that access the Internet
- Add browser extension add-ons related to security (an ad blocker like "ublock origin", privacy protector plus or privacy badger, fingerprint blocker or masker, disconnect, etc...)
- Use good passwords (17-20+ mixed characters, with some numbers, and some symbols) NEVER store important secure passwords in your browsers, use a good password manager (keepassxc, etc...)
- Never open attachments in emails or browsers that you did not ask for (request) or do not know what it is.
- Change your default ISP connection's DNS server IP addresses to those from a secure DNS provider like Cloudflare. Recommend DNS over TLS as well.
- Use a VPN provider's servers for anonymity and encrypted Internet activity.
Sereiya wrote:As far as I know, Mint is based on Ubuntu, including their repos and bunch of their software. My information about Ubuntu and Canonical is that they broke with the open-source premise at some point, including closed code into their distro. Which obviously means that, theoretically, software from Canonical can't be checked for backdoors and such stuff.
I don't know how much of what software Mint is using and either software specifically developed for Mint is closed too, so my question is, how safe is Linux Mint in terms of software security and protection against compromised code? What's the dev's standpoint on this topic?- Luna
Using a sandboxing application like Firejail with applications accessing the Internet will prevent damage to the rest of your system including Adobe Flash and other potential threats. Updating your system with security updates, Linux Kernel updates, and application updates will usually protect you and your computer from known issues. I am very impressed with how quick Canonical and Ubuntu and other software developers come out with security updates when issues arise. FYI: Because there are still websites using Adobe Flash, I still have it installed but I make sure the browser settings are set to ask first before allowing Flash content (default settings in most browser now) except on websites where I have already given permission to allow flash to run automatically.

As for installing software, always look for additional software to install first from the Mint software repositories (Software Manager or Synaptic Package Manager (SPM)), then from other sources. Because Linux Mint is free and open source, in order to use some closed source software for added capabilities, Linux users must install those manually like when checking to install 3rd party software during installation.

If there is software that you want and it is not in the Mint software repositories, or there are newer versions available that have features and or bugfixes you want or need, then try to make sure it is from a reliable source.

Although I do not have the same aversion to PPA's as others do, I totally agree that everyone should be very careful when adding PPA's that they are from reliable sources or use the Linux deb files from the PPA. PPA's from the software developers are usually safe to install and use. Once in a while I have run into issues using PPA's, or adding software repositories, that have multiple software packages they did not create but maintain or offer that did conflict with other software. Anyone can always remove a PPA whenever they want. If you are unsure, ask here before adding them or search this forum and the Internet.

And, obviously backup or at least take a snapshot before installing anything that could have system wide ramifications, so that if anything does go wrong, you can restore.


Hope this helps ...
Phd21: Mint 20 Cinnamon & xKDE (Mint Xfce + Kubuntu KDE) & KDE Neon 64-bit (new based on Ubuntu 20.04) Awesome OS's, Dell Inspiron I5 7000 (7573) 2 in 1 touch screen, Dell OptiPlex 780 Core2Duo E8400 3GHz,4gb Ram, Intel 4 Graphics.
User avatar
Arch_Enemy
Level 6
Level 6
Posts: 1491
Joined: Tue Apr 26, 2016 3:28 pm

Re: Safety of Linux Mint

Post by Arch_Enemy »

Sereiya wrote: Tue Apr 16, 2019 10:38 am
Arch_Enemy wrote: Tue Apr 16, 2019 1:25 am And, I think UFW is installed by default. If you want to "see" what you're doing you can install GUFW for a graphical interface, and with a small amount of reading can lock in or out anything you want to.
Saw that too. Nice to have a small but proper firewall, tho' I'm interested in a little bit more information about the kind of that network activity I see. :wink: I've heard about nethogs and will dig into that later this day.
A quick read through the different ports available and what they are used for will help, and you can create rules in UFW that will deny access. I use DROP rather than Refuse, because if someone is knocking and they see a "Connection Refused" notification, they will keep pounding away until they might find a vulnerability.
DENY does not send a response (DROP) is another term used, so they send a 'bullet" and get no response. Usually after a few times they move on to lower-hanging fruit.

Likewise learn what you can about SSH, and if you don't need it (to connect to an external machine, or to connect to yours remotely) you can disable it to stop another back door for travellers to come in. Same with SAMBA and file sharing. If you don't need them, turn them off.
Last edited by Moem on Thu May 30, 2019 7:43 am, edited 1 time in total.
Reason: Trimmed a quote
I have travelled 37629424162.9 miles in my lifetime

One thing I would suggest, create a partition as a 50G partition as /. Partition the rest as /Home. IF the system fails, reinstall and use the exact same username and all your 'stuff' comes back to you.
hcentaur13

Re: Safety of Linux Mint

Post by hcentaur13 »

The reporitories of Mint contains some closed source AKA mcommercial software - but nothing of them gets installed magically. YOU have to install them explicity by software manager, synaptic or driver manager to get them installed. The installer is the first instance that lets YOU select some non free codecs installed.

Nothing you downloads from internet will be runable. It is on you to give it the right toi execute it by CPU or interpreter. filename extensions gives NO right for that. It is on YOU to give the eXecute right to the file.

Accessr ights are bounded to user groups and the ownership to files and groups. This is something windows has no knowledge about and can't handled by ntfs and (ex)FAT and other DOS filesystems.
Petermint
Level 9
Level 9
Posts: 2981
Joined: Tue Feb 16, 2016 3:12 am

Re: Safety of Linux Mint

Post by Petermint »

The question asks about security but the heading says "safety". Safety concerns that may or may not affect security:
* How easy is it to remove something bad?
* How easy is it to restore your system after something bad happens?
* How fast can the developers react to something bad?
* Will you lose your data?
Linux Mint has more care put into it, reducing the number of bad things. More of the proprietary "must haves" that most people do not need are optional installs, not something thrown in by the developer. Timeshift and other developments help you recover from anything bad. Of all the operating systems with a decent GUI, LM is the best and most stable, the one with the least down time and the most reliable updates.

Usage is also a factor. For a major upgrade, say from LM 18 to LM 19, I do a clean install to clear out all the old junk I may have not deleted or updated. I use NoScript, Firejail, etc, to reduce the way bad things can enter my computer.
User avatar
Greencedar
Level 4
Level 4
Posts: 291
Joined: Thu Jan 31, 2019 8:29 pm

Re: Safety of Linux Mint

Post by Greencedar »

Concerning safety and security issues, in computing OS's, from my experience, even with the issues involved, from a practical standpoint, it's hard to beat any Linux - Ubuntu OS's.
Greencedar
Crippled

Re: Safety of Linux Mint

Post by Crippled »

If there were any security issues in Ubuntu or Ubintu based distros this gentlemen would of had posted about it since his job is computer security. https://www.youtube.com/user/quidsup/videos What you should be more worried about is browser security. https://restoreprivacy.com/firefox-privacy/
User avatar
zcot
Level 9
Level 9
Posts: 2798
Joined: Wed Oct 19, 2016 6:08 pm

Re: Safety of Linux Mint

Post by zcot »

Sereiya wrote: Mon Apr 15, 2019 7:20 pm My information about Ubuntu and Canonical is that they broke with the open-source premise at some point, including closed code into their distro. Which obviously means that, theoretically, software from Canonical can't be checked for backdoors and such stuff.
"closed source" doesn't really mean that nobody can gleen how it works and that it is most likely out to get us and spy on us.

it probably more means there are "not-open" copyright licenses, even whether or not source code is available and viewable. You could see source code from a variety of "closed source" or "not open source" codecs and you can even use it, but it doesn't mean you can build a product or embed it and try to sell it on the market as your own. There's a good bit of hidden detail involved in the stuff that we don't typically see as dumb desktop users but there's probably an amount of involvement of the systems of capitalism.

My take is that anything Ubuntu is putting out can and is checked for backdoors and such stuff, absolutely.
User avatar
lsemmens
Level 11
Level 11
Posts: 3936
Joined: Wed Sep 10, 2014 9:07 pm
Location: Rural South Australia

Re: Safety of Linux Mint

Post by lsemmens »

Any time on the computer, especially when in Internet land is only as secure as you make it. If you publish your name, and all of your personal details (read: FACEACHE, TWITter, etc) Don't be surprised if someone picks up on your info. :D If you walk down a street alone at night in the seedy part of town looking like you've got more money than you can count, don't be surprised if you get held up (at the least).
Fully mint Household
Out of my mind - please leave a message
User avatar
Palebushman
Level 2
Level 2
Posts: 59
Joined: Fri May 03, 2019 8:29 am
Location: Queensland, Australia.

Re: Safety of Linux Mint

Post by Palebushman »

Pjotr wrote: Tue Apr 16, 2019 4:54 am Linux Mint is very secure. Even though it may contain some closed code, just like any other Linux distribution that's "halbwegs brauchbar" (of any use).

You'll never be able to achieve 100 % security. Not in real life and not in the digital world. Not even when your computer is running Linux.

You should always use your common sense. And even then it can go wrong. A certain amount of risk, however small, is unavoidable. A Frenchman would say: c'est la vie.
I'm sure a Frenchman would also shout:
Mon Dieu! Que se passe-t-il ici?

https://forums.theregister.co.uk/forum/ ... stro_list/ :cry:


.
My System Info.
Linux Mint 20.3 Una 64-bit (Legacy BIOS)
Kernel: 5.4.0-167-generic
Memory 7.8 GiB. CPU AMD Athlon 64 X2 Dual Core 5200+ × 2
Graphics: AMD CEDAR HDD space available 951.4 GB
Locked

Return to “Non-technical Questions”