So why no security sub-forum in these forums ?

[ShadowFence8]

Like is it is not palatable or in bad taste to want to have a more secure system ? Would that be paranoid ? We mint users come in many categories I suppose. Some like an alternative to Windows, want and easy linux, and or want a generally more secure system than a mac or windows. Serious linux people will call many of us noobs and many of us are including myself, but it just strikes me as a bit arrogant or willfully ignorant to not have a security sub-section of these forums.
Most using mint are not "hackers" and definitely not pen testers, and or darker sorts of folks. I just want a system where I know I have done everything I can to secure my families records, and vital information. Convenience, and and an easy user friendly system does not really allow for a very hardened system. Still there are many options we can choose to reduce vulnerabilities, and they could be discussed in a a sub section of these official linux mint forums, without admitting weakness, and there should be such a sub forum. And my gosh, the update feature is just... well you better be the trusting sort.

[jimallyn]

There are discussions on the forums now and then about security. Probably the best things you can do are to keep your system up to date, and "sandbox" any applications that have access to the internet. Updates are "signed" which guarantees that it came from who it says it came from (Mint, Ubuntu, etc.).

Maybe you can get a discussion of security going here?

[Lucap]

Rather than a scattered approach a sticky thread for Security would be nice so we can post the latest OpenSSL update alerts and such.

[Moem]

I'm definitely in favour of a subforum / forum section on security, but it's been asked before, and apparently been deemed unnecessary.

[Lucap]

Could we have an unofficial poll just too gauge interest?

[jimallyn]

Could we have an unofficial poll just too gauge interest?

Anybody can set up a poll on the forums. Go for it.

[1.618]

This thread sits at the top of the newbies subforum, where people unfamiliar to how linux works inevitably ask about security

viewtopic.php?f=90&t=31723

However, it obviously gets missed as the same topics repeatedly appear on the boards and I myself have in the past considered starting a thread like this asking for a subsection for security.

[Pjotr]

I just want a system where I know I have done everything I can to secure my families records, and vital information.

You already have that. You might find this article interesting, that I've written about security in Linux Mint:
https://sites.google.com/site/easylinux ... t/security

That said: I wouldn't mind a security subforum as such. It just wouldn't be very useful (however strange that may sound to new Linux users)....

And it might lead new Linux users to believe, wrongly, that they would need to do all kinds of things to increase their security. Like they were used to do in, for example, Windows. A security subforum would perhaps attract too much attention to "toys for the paranoid".

[Lucap]

We would most definitely need a Cleansweep sticky.

[Cosmo.]

It just wouldn't be very useful (however strange that may sound to new Linux users)....

I assume, it would mostly have content (announcements, discussions), which are not OS-specific, like topics about flash, java, (vulnerable) routers, (compromised) web-services and more.

[Penn]

I'm definitely in favour of a subforum / forum section on security, but it's been asked before, and apparently been deemed unnecessary.

It just wouldn't be very useful (however strange that may sound to new Linux users)....

I assume, it would mostly have content (announcements, discussions), which are not OS-specific, like topics about flash, java, (vulnerable) routers, (compromised) web-services and more.

Quite an assumption! I think it would end up bringing a lot more FUD. Granted, at first some people would spend time in that sub-forum trying to set the record straight but eventually they would get sick of it and that will be when it will become the forum causing some people that don't know better to believe Linux is no safer than Windows.

Of course it could become a heavily moderated forum where only the types of topics Cosmo mentions are allowed, by rule. 2 of the 3 mods to comment so far in this thread are in favor of potentially increasing their workload so maybe that would work out.

I do get some people wanting to point out Linux and therefore Mint isn't totally immune. I recall at least 10 years ago a series of conversations with the only Linux user I knew. He was claiming Linux was immune. I told him no system is entirely immune but I did believe it could be a lot safer than Windows (I now know just how much safer) and used what was then recent Mozilla and Apple exploits as they became more popular. He adamantly disagreed.

A few weeks later he told me he was looking through is root directories (at the time I didn't even fully know what that was) and saw a folder he didn't recognize. Upon opening he found a trojan. It was a Windows trojan so it wasn't directly a threat and he knew it, BUT what he did see as a potential problem was someone needed to bypass or gain root access just to create the folder and place a file in it. A few days later he said he applied some new update that fixed the "problem". So someone had to realize Linux wasn't immune back then even if many of the users claimed it was.

Point I'm getting at - I get wanting to address security concerns but I just think the FUD with a new sub-forum would make things look worse than they really are. But if the mods feel they can compensate for the FUD, go for it. Meanwhile, didn't there used to be a sticky that pointed people to a good write up about Linux security and how to apply safety measures?

[NChewie]

Meanwhile, didn't there used to be a sticky that pointed people to a good write up about Linux security and how to apply safety measures?

I don't recall a sticky, but maybe there should be one which is read only and points to Pjotr's link above

[Moem]

2 of the 3 mods to comment so far in this thread are in favor of potentially increasing their workload so maybe that would work out.

Whoa, dude. I'm in favour as a user. I've not even thought about the chance of such a forum section increasing the mod's workload.

[Kardosh]

You might find this article interesting, that I've written about security in Linux Mint: https://sites.google.com/site/easylinux ... t/security

I read it now and there is a mistake I think.

but seeding torrents (serve), might require a temporal disabling of ufw.
It's easy to disable the firewall (should you wish to do so) with this terminal command:
sudo ufw disable
Press Enter.

For seeding torrents there is an option in the firewall configuration to add rule-category/network-subcategory/p2p-application/transmission. A few clicks in there enable seeding torrents without disabling the firewall.

[turtlebay]

Having used Linux and Mint for the past ten years it's noticeable that when newbs that are only used to Windows, start posting they can't believe how secure Linux is by comparison and spend a massive amount of time trying to prove the need for Windows-like security.

They really need to learn to relax and chill!

http://linux.oneandoneis2.org/LNW.htm

[silvatech]

Personally I would also like to see a security section. I would be happy to donate time to it in post. I actually have to deal with security of Linux servers and in a business environment. While, I do understand Mint is intended for a Desktop environment. A lot of the same common sense practices come into play.

[Pjotr]

Having used Linux and Mint for the past ten years it's noticeable that when newbs that are only used to Windows, start posting they can't believe how secure Linux is by comparison and spend a massive amount of time trying to prove the need for Windows-like security.

They really need to learn to relax and chill!

http://linux.oneandoneis2.org/LNW.htm

Well put, sir!

I have to admit that ten years ago, I displayed the same behaviour. I was then (justly) accused of spreading FUD about Linux security, and I remember feeling quite indignant about that.

I suppose it's a stage many of us have to get through, at the beginning....

[fabien85]

Hi,
I'm also in favour of a security sub-forum.
This could be something where only the relevant moderators can post stickies, in order to minimise their workload.

Reasoning : every once in a while, a security flaw is revealed, like heartbleed, shellshock, dirty cow...
This can or cannot affect a Mint user, possibly depending on the chosen desktop environment, installed software etc... Point is that an average user (like me or friends whom I converted) is looking for information, some statement.
Even if the statement is "don't worry", "Mint is not affected" or "It's already patched".
In more real situations, this could be "Apply all level 1&2 updates", "update your kernel to ...".

In my opinion, a sub-forum wouldnt necessarily need space for discussions, these discussions could be moved to "Newbies questions" or "Chat about Linux"...
Just a place where you would look for in times of doubt.
(and there could be some stickies explaining why we have virtually no viruses etc, for people needing reassuring. So you could just point to the thread when the question periodically comes back)

[NChewie]

@fabien85

I agree

[all41]

Regarding heartbleed, shellshock, dirty cow, etc.--these were reported and discussed on the forum--as they unfolded---
without being in a separate category.
I think a special subforum would need massive moderation and intensive explanations from admins.
Many posts would need to be relocated because they were wrongfully placed by new users.
as example:
newuser1:
"update reports a mergelist error--who is merging my files and how do I stop them?"