[Solved] easiest photo editor?

Pjotr
Level 24
Posts: 20135
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland) 🇳🇱

Re: [Solved] easiest photo editor?

Post by Pjotr »

theStreak wrote:What risk are we talking about here, Pjotr? What makes a mono application any different from other Linux applications that get installed from the repos?
It's not those Mono applications themselves that pose a risk, of course. Those applications are perfectly safe.

It's the underlying Mono infrastructure that they need to run on. In essence it's an implementation of Microsoft's .NET that works on many platforms (including Windows). That Mono infrastructure could potentially be abused by specially crafted cross-platform malware.

So I always remove that infrastructure from a Mint installation. Standard procedure for me. The two default applications that depend on it, get removed because of that as well. For those I install non-Mono replacements.
Tip: 10 things to do after installing Linux Mint 21.3 Virginia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

Post by theStreak »

Thanks Pjotr. I'm trying to understand specifically how this potential for abuse can occur. The way I see it, assuming that there is an unaddressed vulnerability in the Mono framework, it wouldn't even be exploitable without the help of additional software. You still have to execute an "infected" application that exploits that vulnerability in order for there to be a problem and if a Linux user only runs Mono applications that are installed from the repos (or other trusted sources), where's the risk? And this all assumes that an unaddressed vulnerability in the Mono framework exists to begin with, which is unlikely just given the links shared in Phd21's earlier post. Besides, if we have to accept that the Mono framework presents an actual risk to Linux Mint users beyond that presented by other Linux software installed from the repos, then what exactly does that make Clem and the rest of the Linux Mint team -- a bunch of evil doers or just a bunch of idiots? Of course, whichever is the case must apply equally to the Ubuntu, Debian and other distro teams as well... The fact is, there's no more risk involved with using Mono than there is with using any other Linux software installed from the repos. If the Mono framework can be abused to create malware, then what's to stop any other Linux library from being abused likewise? My apologies if I'm just overlooking something here and I mean no disrespect in any way towards you (or anyone else for that matter) but I've been hearing this claim made for years now and I've yet to see anyone provide an actual, solid basis in support of it.

Post by Pjotr »

theStreak wrote:Thanks Pjotr. I'm trying to understand specifically how this potential for abuse can occur.
You can see Mono as an attack vector that's all the more risky because it's a cross-platform attack vector. You don't want too many of those in your system. Java is another one; and that we have as well by default (openJDK). Not to mention Flash Player.

I consider it to be good security practice to remove those attack vectors from my system, that benefit me little and are relatively risky. That consideration leads me to keep openJDK and Flash Player (high risk, high benefit), but remove Mono (high risk, low benefit).

Note that it's generally not wise to wait until a theoretical risk becomes real. One should anticipate and weigh the pros and cons.... Which might differ for different people. For instance, I know people who remove openJDK because it has little or no benefits for them. Some even remove Flash Player. :)

Post by theStreak »

I think that you've missed the point that I'm making which is that a library -- whether cross-platform capable or not -- can't really be used by malware unless the malware itself is run on your system to begin with and as you previously stated yourself, any Mono apps installed from the repos are considered "perfectly safe". An attack vector is a path starting at entry into a system and ending at the point of damage done. Obviously, no attack vector is possible without an entry point. So where exactly is this entry point into a Linux user's system with regards to Mono?

Post by Pjotr »

theStreak wrote:I think that you've missed the point that I'm making which is that a library -- whether cross-platform capable or not -- can't really be used by malware unless the malware itself is run on your system to begin with and as you previously stated yourself, any Mono apps installed from the repos are considered "perfectly safe". An attack vector is a path starting at entry into a system and ending at the point of damage done. Obviously, no attack vector is possible without an entry point. So where exactly is this entry point into a Linux user's system with regards to Mono?
A more or less comparable entry point as Wine offers for Windows malware....

Post by theStreak »

With Wine, the entry point is that you're actually running the malware yourself. With Mono, this isn't the case because the apps that you run originate from the repos -- not Joe Blow's Software Boutique website. So again, unless I'm overlooking something, there is no entry point and therefore, no attack vector involving Mono that presents a risk above and beyond that which already exists for any other Linux software installed from the repos. Again, were such a significant attack vector to exist in Mono -- worthy of your apparent need to warn others -- this would heavily imply that the Linux Mint team, the Ubuntu team and the Debian team must all be a bunch of conspiring evil doers or a bunch of idiots (granted, "lunatics" is a third possibility). I for one don't believe this to be the case, and I'm pretty certain that no other Linux Mint user believes this either -- including yourself. Am I wrong? Again, it's not my intent to disrespect anyone here. I just want good answers so that I can make good decisions involving my own software development, etc.; but I'm not one to just accept vague answers for why I should change my behavior and if that's all that you have to offer, then let's agree to disagree and just chalk it up as a difference of opinion if you will. In general, I -- and I'm sure many other Mint users -- have great respect for you and others who provide much needed assistance in these forums (even if I don't always agree with everything that is recommended). ;)

Post by Pjotr »

theStreak wrote:With Wine, the entry point is that you're actually running the malware yourself. With Mono, this isn't the case because the apps that you run originate from the repos -- not Joe Blow's Software Boutique website.
Do you consider it unthinkable that somebody gets lured into running infected cross-platform Mono (.NET) software (which naturally doesn't come from the official repos)?

I underline the fact that such malware would be cross-platform. Which means that the theoretical possibility of its (upcoming?) existence increases many times, because Windows is the usual attack target of nearly all existing malware in the wild. Which is a big and important difference with "ordinary" Linux software.... As a rule, staying away from the polluted Windows ecosystem whenever reasonably possible, is definitely beneficial for your security.

By the way: like yourself, I'm not waging this discussion for its own sake. It's not about winning or losing for me; there's no prestige involved. I think it's an interesting discussion and I'm certainly open for new views. :)

Post by theStreak »

Sorry for the delay... Lured by what means exactly? Like someone being tricked into downloading a .NET executable off of some random website and then being told to run it or else they won't be eligible to win the one million dollar sweepstakes? What I consider unthinkable is that anyone who would fall into this sort of trap could ever manage to install Linux to begin with, so I think your worries are over. ;)

Seriously, if you're concerned with a specific scenario such as someone being tricked into downloading and running an executable, then why not simply remind users not to run any applications that originate outside of the repos? Why the insistence that Mint users remove Mono from their systems (a part of the base install, no less) when everyone knows there's likely to be an even greater risk involved with their attempting to do so?

Once again, I see no risk arising from having Mono installed on a system that's significantly worse than having any other Linux software installed on it. And even if there were such a risk, it's not like our only option would be to give up all hope and begin uninstalling software. If there's an attack vector entry point (such as that mentioned above), then it simply needs to be addressed, hopefully through sensible means!

Again, I have to ask, if this is such a significant issue worthy of bringing to everyone's attention, then why did the Linux Mint team include Mono into the base install to begin with?

Post by Pjotr »

theStreak wrote:Again, I have to ask, if this is such a significant issue worthy of bringing to everyone's attention, then why did the Linux Mint team include Mono into the base install to begin with?
Well, you'd have to ask *them* that, wouldn't you?

But my guess is: the default Linux Mint is already pretty secure, even with Mono. Note that my practice of removing Mono is simply meant to make the already good security of Mint even better.

Which for me hardly poses any practical problems, because for me there are good indigenous Linux alternatives around for the Mono / Microsoft .NET applications. Note that removing Mono causes no collateral damage at all, except for (obviously) the automatic removal of two or three Mono based applications that are present in the default installation.

You seem to think that the security of the default Linux Mint installation can't be improved. If so, you're wrong. It's always about usability versus security: what should prevail in which circumstances? People make different choices in such matters. As regards Mono, mine obviously differ from the Mint developers. That's OK with me.

As a final thought (because I don't think this discussion can be fruitful anymore) I'd like to share this programmers' wisdom with you:
"Everything can be cracked, nothing is entirely secure, so strive for as much nothing as reasonably possible".

Post by Superannuated »

catch22 wrote:In the irc I was advised to go with Shutter, but there I couldn't find how to delete text once it's in there, and I already managed to erase a great photo I had :roll:
Regarding Shutter, once you save your changes then you have a flat file and you can't go back and delete text or change any other editing. That's probably true of the other lightweight photo editor apps. Of course you can over-write your edits.

On the other hand, if you haven't saved your edits then you choose the select tool (big arrow), click on any edit you have performed (such as a text edit) even if it is the first of many edits, and either cut it or delete it using the Edit menu. You can also re-edit the edit, such as move, resize, change color, change font size, etc.

It is always a good idea to edit a copy of a photo.

Post by theStreak »

Pjotr wrote:Well, you'd have to ask *them* that, wouldn't you?
Actually, I'm interested in your opinion and you do a pretty fair job of answering the question in your follow-up sentence. Thanks.
Pjotr wrote:But my guess is: the default Linux Mint is already pretty secure, even with Mono.
My guess would be more or less the same as yours which is why I find it all the more puzzling that you recommend actually removing Mono.
Pjotr wrote:Note that my practice of removing Mono is simply meant to make the already good security of Mint even better.
Fine. You can do to your own system(s) whatever you want, but as a senior forum member, urging others to remove Mono from their base install is inappropriate at best. There is no risk to justify removing Mono from any Mint user's system. That someone might be "lured" into harming their system by downloading a malware infected .NET executable from some cheesy website and then made to run it under Mono is so improbable that even the Debian, Ubuntu and Mint teams (not to mention others) clearly have no concern with this whatsoever. Plus, although your own assessment of the risk associated with using Mono apparently depends on your mood, you've nevertheless qualified the risk with such alarming statements as "Linux Mint is already pretty secure, even with Mono" and "...the risk is limited".

Secondly, not only is the risk associated with using Mono virtually nonexistent, your urging others to remove Mono from their systems ignores the real risk that someone will end up damaging their system as a result of carrying out your recommendation. Number nine in the list of ten "fatal mistakes" published on your own website is, "Never remove any application that's part of the default installation of Ubuntu or Linux Mint". In that section, you warn visitors that "when you remove a default application, you run a risk of seriously damaging the system. With some default applications this risk is bigger than with others, and with some there's no risk at all. But it's best to avoid this risk altogether." (emphasis added) So, in general, you don't recommend that users remove applications that get installed as "part of the default installation," due to the risk of "seriously damaging" their own system and yet somehow, this doesn't stop you from recommending to others that Mono be removed from their systems?

Third, if there actually was a significant risk involving the use of Mono itself, the thing for you to do would not be to recommend that Mint users remove Mono from their systems (totally ignoring your own advice in the process). Considering that any such "risk" should logically threaten all Mint users and not just those who occasionally visit the forums, the appropriate response would be for you to alert the Mint team of the issue by submitting a bug report. Whether you've done this or not I don't know, but regardless, here you are urging Mint users to remove Mono from their systems, which not only introduces a risk of its own but it also has the side effect of denying them (and other Mint users as well) of their own free choice to benefit from using Mono; either by developing cross-platform Mono applications or just running those Mono applications that exist in the repos -- now, or in the future...
Pjotr wrote:Which for me hardly poses any practical problems, because for me there are good indigenous Linux alternatives around for the Mono / Microsoft .NET applications.
On the contrary, there's nothing non-native about Mono applications. They're compiled on Linux and they run on Linux just like any other "indigenous" software found in the repos.

Plus, what works for you doesn't necessarily work for everyone else and just because there are alternatives to the Mono applications in the repos as far as you're concerned doesn't mean that the same holds true for everyone else. And incidentally, a major reason why you yourself may have had little difficulty finding alternatives to those Mono apps that exist in the repos likely has something to do with the holy war that has been waged over the past five or six years by some in the Linux community in opposition to Mono. Clearly, this war has had an effect on limiting the number of Mono apps in the repos. Therefore, to imply that Mono should be of little use to anyone because alternatives exist for the Mono apps in the repos -- assuming that you could even speak for everyone else to begin with -- is a bit like giving customers in your store just one choice of cigar and then claiming that they don't really want anything else because that cigar is all they ever purchase!
Pjotr wrote:You seem to think that the security of the default Linux Mint installation can't be improved. If so, you're wrong. It's always about usability versus security: what should prevail in which circumstances? People make different choices in such matters. As regards Mono, mine obviously differ from the Mint developers. That's OK with me.
I'm sure that the security of the Mint base can be improved in many different ways but I'm also sure that the Mint team (and others) aren't somehow overlooking a significant security risk involving Mono that leaves the entire Mint community open to a bloody malware attack.

You seem to think that perfect security is achievable in a Linux system. I doubt that it can be if only because you can't exactly prove that a complex system is ever perfectly secure. If you require that your system be 100% secure then shut it down, leave it off and it'll be 100% secure. ;) Sure, any Linux system can likely be made more secure but I don't believe that a tiny increase in security is worth butchering your OS. If you're so concerned with wanting to improve Mint's security for other users Pjotr, then why are you encouraging them to trade a risk that is so small that even you describe it as "limited", for another one which you feel has the potential for "seriously damaging" their system? I mean, what's the point?
Pjotr wrote:As a final thought (because I don't think this discussion can be fruitful anymore) I'd like to share this programmers' wisdom with you:
"Everything can be cracked, nothing is entirely secure, so strive for as much nothing as reasonably possible".
Yes, that is a good quote. I've always found humor in it. Here's another one that I consider applicable to our discussion: "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Ben Franklin

I hope that you don't take any of this too personally but your recommendation that others remove Mono from their systems is way over the line as I see it and it leaves me no choice but to go on record in protest. On a positive note, I happen to agree with you regarding practically everything else I've ever seen you post on these forums. I think overall, you offer great advice to others. I just don't agree with you when it comes to encouraging others to remove Mono from their systems is all. ;)

Post by Pjotr »

theStreak wrote:Number nine in the list of ten "fatal mistakes" published on your own website is, "Never remove any application that's part of the default installation of Ubuntu or Linux Mint". In that section, you warn visitors that "when you remove a default application, you run a risk of seriously damaging the system. With some default applications this risk is bigger than with others, and with some there's no risk at all. But it's best to avoid this risk altogether." (emphasis added).

So, in general, you don't recommend that users remove applications that get installed as "part of the default installation," due to the risk of "seriously damaging" their own system and yet somehow, this doesn't stop you from recommending to others that Mono be removed from their systems?
Indeed. I utterly fail to see the contradiction here.

Not removing stuff from the default installation for risk of serious collateral damage, is a fine example of a good standard rule, which nevertheless (like most rules) has some exceptions. Of which removing Mono is one. No collateral damage to speak of. Risk-free removal.

The final sentence "But it's best to avoid this risk altogether" is obviously aimed at people who want to start removing stuff on their own accord, without proper understanding.

By the way: a quick web search delivered this account of a recent malware attack by means of Mono:
http://askubuntu.com/questions/648386/d ... -with-mono
Note that the comments tend to downplay it a bit: "at most it could do harm to your /home". But that's far from reassuring: all documents, pictures and such, are in /home....

It just goes to show that sharing part of the polluted Windows ecosystem is something that's best avoided in Linux, whenever reasonably possible. The risks are not just hypothetical.
theStreak wrote:On a positive note, I happen to agree with you regarding practically everything else I've ever seen you post on these forums. I think overall, you offer great advice to others. I just don't agree with you when it comes to encouraging others to remove Mono from their systems is all. ;)
Thanks.

Post by theStreak »

Pjotr wrote:Not removing stuff from the default installation for risk of collateral damage, is a fine example of a good standard rule, which nevertheless (like most rules) has some exceptions. Of which removing Mono is one. No collateral damage to speak of. Risk-free removal.
How small the risk is of removing Mono in your particular case is pretty much irrelevant. What matters is that the risk for people removing Mono in general isn't likely to be lower than the risk associated with their using Mono. Again, if a Mint user has to first ignore all warnings about running executables that don't originate from the repos, be tricked into downloading and running a .NET executable and that executable has to be malware infected and it also must either target Linux specifically or be cross-platform capable, then the risk of using Mono is practically nil.

On the other hand, you can't know for sure how a given person will go about removing Mono from their system, so how can you be sure of the risk involved in their doing so? Any calculation of risk associated with the removal of Mono must obviously take into account the fact that people sometimes make mistakes when doing important things like removing software from their systems... So, at best you're urging people to risk bricking their own systems in exchange for absolutely no benefit to them whatsoever.

So why is Mono an exception to your rule when the risk to using it is practically nil and the risk to just leaving it on one's system unused is nil?

Post by Pjotr »

theStreak wrote:you can't know for sure how a given person will go about removing Mono from their system, so how can you be sure of the risk involved in their doing so?
Because I give the exact terminal command for it, in the relevant how-to's on my website. Have you even read them?

Doing it like that, the removal risk is zero. I fail to see why you choose to ignore that. It doesn't strike me as being particularly constructive.

Furthermore, apparently you also choose to ignore the recorded real life incident I named of an Ubuntu user accidentally running .NET malware by means of Mono (by clicking on an e-mail attachment). That's a use case which is not "practically nil" in likelihood, but something which could happen all too easily.

But this discussion has become as fruitless and therefore boring as I expected it would become. I'm out of this thread and will graciously grant you the opportunity of the last say. Take it, I'm pretty sure that it'll make you feel better.

Do as you please and may you live happily ever after.

Post by theStreak »

Pjotr wrote:Because I give the exact terminal command for it, in the relevant how-to's on my website. Have you even read them? Doing it like that, the removal risk is zero. I fail to see why you choose to ignore that. It doesn't strike me as being particularly constructive.
I'm not ignoring anything. Certainly some of the individuals who hear of this supposed threat posed by Mono aren't necessarily going to be aware of your "exact terminal command" and nor are they necessarily of the same level of expertise as you when it comes to making changes to their system. Therefore, it stands to reason that the closest thing to a guarantee of zero risk is for them to do nothing.
Pjotr wrote:Furthermore, apparently you also choose to ignore the recorded real life incident I named of an Ubuntu user accidentally running .NET malware by means of Mono (by clicking on an e-mail attachment). That's a use case which is not "practically nil" in likelihood, but something which could happen all too easily.
No, I'm not ignoring your "real life incident" either. I can't ignore what I haven't seen. Surely you flatter yourself if you think that I've read every line of immensely fascinating text that you've ever punched into a keyboard. Where exactly is this incident documented? I hope you realize that it shouldn't be all that difficult to find an instance of a Linux user destroying his/her entire hard drive using the DD command; so what's your point? Should all Mint users uninstall the terminal app just because someone might destroy their hard drive using it? Life is full of risks; but for those who learn to put them into perspective, it can also be full of rewards. I'm guessing that you're a "glass is half-empty kind of guy". ;)
Pjotr wrote:But this discussion has become as fruitless and therefore boring as I expected it would become. I'm out of this thread and will graciously grant you the opportunity of the last say. Take it, I'm pretty sure that it'll make you feel better.
Yes, I think I will take this opportunity of the last say... especially being as you took the opportunity of the first one (that is, your first post of this thread where you took it upon yourself to insinuate that Mono presents a risk worthy of removal). And yes, the truth can be boring to some and it can also be terribly inconvenient. I do apologize. And BTW, "gracious" would have been for you to accept my invitation made several posts back for us to end this discussion early on. You chose not to.

Post by Schultz »

Thanks Pjotr for the heads-ups on Mono. I've removed it from my system. I guess I'm going to have to learn how to use Gimp. I hated to let Pinta go, but I don't want anything that reeks of Windows (meaning mono) on my Mint.

Post by catch22 »

Superannuated wrote:... It is always a good idea to edit a copy of a photo.
You're so right there; and the one time that I carelessly play with an unbacked-up file of course it taught me a lesson about being negligent :wink:
And thanks for the Shutter info.