Re: Potential (security) issue for beginners/non-experts when release is End Of Life: Fedora doesn’t consider the behavior of beginners/non-experts sufficiently

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You can lead a horse to water but you can't make it drink: https://fedoraproject.org/workstation/

Each version is updated for approximately 13 months, and upgrades between versions are quick and easy

It's right next to the download button :-) Likewise here: https://docs.fedoraproject.org/en-US/project/#_first 

Users are gonna user, if someone wants to not read any of the docs about what Fedora is, hit that button and put F38 on a machine and run it for 10 years they will. We can only be very clear about what is in support and what is not, and I think the people responsible for that do a great job. For what it's worth, I know there are Fedora devs out there running EOL versions of Fedora, so it is not just new users doing this. Not everyone has the same "upgrade first; ask questions later" attitude to OS updates I have it would seem ;-)

I seem to recall a thread from a few months back discussing how a machine can work out for itself whether it is EOL (or about to be) but I can't seem to find it. Hopefully someone will be able to elaborate on that part of your discussion because that reminder would be helpful.

Cheers,

Chris

On Fri, 11 Aug 2023 at 15:25, Christopher Klooz <py0xc3@xxxxxxxxxx> wrote:
The below is a duplicate from discourse (I suggest to focus the discussion there): https://discussion.fedoraproject.org/t/potential-security-issue-for-beginners-non-experts-when-release-is-end-of-life-fedora-doesnt-consider-the-behavior-of-beginners-non-experts-sufficiently/87311/1

I just became aware of another topic from a user who elaborates their problem and “by the way” mentions to use Fedora 35. The user provides this information in order to give an overview of his system configuration and thus does not consider this as part of the problem.

I have seen many of these topics over time, and I guess there are many more users out there who use obsoleted Fedora releases (the less experienced they are, the more they are likely to end up with obsoleted releases, and the less likely they are to end up on ask.fedora so that we can make them aware).

We officially want to make Fedora usable for average users (or beginners), but many (if not most) average users deploy their systems in a “fire and forget” manner: once they made it work, they maybe enable updates and such and then they no longer care if everything seems to work fine.

I assume that many of these users are not aware that they no longer receive updates, which can be dangerous.

First of all, I don’t use my Fedora installations until their end of life, so I don’t know if we have any means in place that shall make users aware once their release reaches end of life?

If not, does it make sense to add some means?

If we promote Fedora for average users/beginners, we have to also consider their behavior.

On one hand, it would be cool to make them a month or two before end of life aware with a warning message that automatically forwards them to the GUI upgrade with a click and also allows them to click “warn me again tomorrow” or such.

On the other hand, more easy to implement solutions like that of Tails could be sufficient solutions, too: once the Tails ISO image is started (live system) and online, it checks if there are new images available. If so, it opens a warning window that makes the user aware that this image should no longer be used and shows a link and a short elaboration of how to get the new one.

Of course there are alternatives, too. Even an apparent bullet point on getfedora.org would be a good first step (we could link it to Fedora being always up to date with most modern technologies, to link it to something positive). In either case, I think a short discussion of this makes sense.

This also applies to all Spins.


Best,
Chris

_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux