Re: Re: upgrade trinity

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/04/2019 09:03, deloptes wrote:

Thierry de Coulon wrote:


Anyway I think this "upgrade/update" craze is mostly the result from
Microsoft, Apple and Google having to frequently patch their buggy OSes
and using this to force users to adopt their latest control options. Now
it's become a fashion.

I have here a few installs with fairly old Linux versions and never got a
problem - I agree I'm certainly not a prime taget for hackers...

I disagree here, because if you look at what was recently upgraded in
Stretch, these are openssh and similar, which are critical and I would not
advise anyone with access to the internet to not upgrade frequently.
.. and I disagree with you. On the basis of your argument, we should not use the internet full stop as any software we use must be suspect as it will be continually upgraded. I'm not saying don't upgrade but to blindly upgrade is as bad as blindly not upgrading. Why should I believe ANY upgrade is more secure than the last? Upgrades are screwed up on a regular basis both by introducing security flaws and bugs and also removing/changing features that one needs. Do we read all the changelogs before doing apt upgrade? No, but we should if we want reliability. 


This is also not "Microsoft, Apple and Google" madness, but a normal
software cycle. If you want to have latest bug and security fixes, do
upgrade regularly.


Read above.



Now for TDE, it is so stable, that you may have the impression you do not
need it, but still the system should be up to date, to not allow undesired
intrusions.


Upgrade for improvements, no problem, but read above.



If you are target or not - you do not know. I see in the last couple of
months constant brute force attacks on my ssh server
and upgrading will stop that? No. A bit of  filtering of known spam IPs would help much more.
Security for security's sake is a nightmare. If somebody can utilise a security flaw in my TDE desktop, I've already got big, big problems. 

--
Mike Howard


---------------------------------------------------------------------
To unsubscribe, e-mail: trinity-users-unsubscribe@xxxxxxxxxxxxxxxxxxxxxxxxxx
For additional commands, e-mail: trinity-users-help@xxxxxxxxxxxxxxxxxxxxxxxxxx
Read list messages on the web archive: http://trinity-users.pearsoncomputing.net/
Please remember not to top-post: http://trinity.pearsoncomputing.net/mailing_lists/#top-posting
[Index of Archives]     [Trinity Devel]     [KDE]     [Linux Sound]     [ALSA Users]     [ALSA Devel]     [Linux Audio Users]     [Linux Media]     [Kernel]     [Gimp]     [Yosemite News]     [Linux Media]     [Trinity Desktop Environment]
  Powered by Linux