Newest Gnome versus LTS

classic Classic list List threaded Threaded
30 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Newest Gnome versus LTS

Volker Wysk
Hi!

I've run Ubuntu 19.04 for some days now, and I didn't notice any  
corruption (see thread "Filesystem corruption"). It may be because of  
the BIOS has been upgraded, some bug in Kubuntu, replaced SATA cables,  
no more dm-cache (SSD as a cache for HDD), or...

Now I am about to set up my machine anew. But I still can't completely  
make up my mind, which release I should use. I have the choice between  
a more stable 18.04 LTS, and a more up to date 19.04.

I tend to choose 18.04 LTS, but I wonder what I'll be missing compared  
to 19.04. I've found out about Gnome Tracker. It looks like what I've  
looked for in KDE, the difference being that it (seems to) actually  
work (really! ;-) ). I'm wondering if this project has made big  
progress in the past year. Progress which would be missing in 18.04  
LTS. I'm also wondering how hard it would be to backport a specific  
part of Gnome to the older 18.04.

Liam Proven wrote that this has already been answered, but I couldn't  
find it (sorry!): Are there Gnome PPAs, which let you install the  
latest Gnome, the same way as there are KDE-PPAs in Kubuntu?

I don't like to fight with the (potentially hazardous) release upgrade  
every six months. Therefore I tend to 18.04 LTS.

Being LTS doesn't guarantee that the release upgrade will go smoothly,  
however. When I tried to do-release-upgrade from Kubuntu 16.04 LTS to  
18.04 LTS, it completely wrecked my installation.


Happy hacking,
Volker



--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Paul Smith-2
On Tue, 2019-07-16 at 21:59 +0200, Volker Wysk wrote:
> I've found out about Gnome Tracker. It looks like what I've looked
> for in KDE, the difference being that it (seems to) actually work
> (really! ;-) ). I'm wondering if this project has made big progress
> in the past year. Progress which would be missing in 18.04 LTS.

Some info on this can be found here:

https://gitlab.gnome.org/GNOME/tracker/blob/master/NEWS

> Are there Gnome PPAs, which let you install the latest Gnome

Not as far as I'm aware.

GNOME has a very wide set of parts that all work together, both
applications in the foreground and frameworks that the applications
rely on in the background, so updating just one of them is very
unlikely to be successful.  Some GNOME applications don't maintain
backward-compatibility even one release back.  Those that do maintain
backward-compatibility rarely do so for MORE than one release back.

The effort of providing a PPA that could update the entirety of GNOME
is not something anyone has undertaken.



--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Volker Wysk

Zitat von Paul Smith <[hidden email]>:

> On Tue, 2019-07-16 at 21:59 +0200, Volker Wysk wrote:
>> I've found out about Gnome Tracker. It looks like what I've looked
>> for in KDE, the difference being that it (seems to) actually work
>> (really! ;-) ). I'm wondering if this project has made big progress
>> in the past year. Progress which would be missing in 18.04 LTS.
>
> Some info on this can be found here:
>
> https://gitlab.gnome.org/GNOME/tracker/blob/master/NEWS

Lots of fixes...

>
>> Are there Gnome PPAs, which let you install the latest Gnome
>
> Not as far as I'm aware.
>
> GNOME has a very wide set of parts that all work together, both
> applications in the foreground and frameworks that the applications
> rely on in the background, so updating just one of them is very
> unlikely to be successful.  Some GNOME applications don't maintain
> backward-compatibility even one release back.  Those that do maintain
> backward-compatibility rarely do so for MORE than one release back.
>
> The effort of providing a PPA that could update the entirety of GNOME
> is not something anyone has undertaken.

I see.

Thanx,
Volker


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

RE: Newest Gnome versus LTS

J.Witvliet
In reply to this post by Volker Wysk
See below

-----Original Message-----
From: ubuntu-users [mailto:[hidden email]] On Behalf Of Volker Wysk
Sent: dinsdag 16 juli 2019 22:00
To: [hidden email]
Subject: Newest Gnome versus LTS

<snap>
Now I am about to set up my machine anew. But I still can't completely
make up my mind, which release I should use. I have the choice between
a more stable 18.04 LTS, and a more up to date 19.04.

I tend to choose 18.04 LTS, but I wonder what I'll be missing compared
to 19.04
</snap>

One of the things I noticed, is that 19.04 has  an up-2-date version  of all sorts of security related packages.
Eventhough those packages were upstream available before the release-date of 18.04, they choose not to include them.
Due to network-instability of 18.04 we might skip it alltogether, and jump from 16.04 to 19.04

Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Oliver Grawert
hi,

Am Mittwoch, den 17.07.2019, 07:12 +0000 schrieb [hidden email]:
>
> One of the things I noticed, is that 19.04 has  an up-2-date
> version  of all sorts of security related packages.
> Eventhough those packages were upstream available before the release-
> date of 18.04, they choose not to include them.

for LTS releases like 18.04 packages typically stay at their versions
that were recent before the big QA run on a release begun (about the
middle of the cycle). Any security related fixes or patches for the
supported set of software are typically backported as a cherry pick by
the security team without changing the major version of a package. So
while checking a version of a package, you should always also check its
patchlevel [1]. 

if you actually require newer versions of packages you can ask for a
stable-release-update [2]. 

ciao
        oli

[1] https://people.canonical.com/~ubuntu-security/cve/
[2] https://wiki.ubuntu.com/StableReleaseUpdates
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

ubuntu-users mailing list
In reply to this post by J.Witvliet
On Wed, 17 Jul 2019 07:12:06 +0000, [hidden email] wrote:
>One of the things I noticed, is that 19.04 has  an up-2-date version
>of all sorts of security related packages. Eventhough those packages
>were upstream available before the release-date of 18.04, they choose
>not to include them.

Hi,

this is a feeble argument. Let me explain why.

First a user needs to understand in what way packages are maintained.

"Main

[snip] When you install software from the main component, you are
assured that the software will come with security updates and that
commercial technical support is available from Canonical." -
https://help.ubuntu.com/community/Repositories#Main

"Restricted

[snip] Please note that it may not be possible to provide complete
support for this software because we are unable to fix the software
ourselves - we can only forward problem reports to the actual authors.
[snip]" - https://help.ubuntu.com/community/Repositories#Restricted

"Universe

[snip] Canonical does not provide a guarantee of regular security
updates for software in the universe component, but will provide these
where they are made available by the community. Users should understand
the risk inherent in using these packages. [snip]" -
https://help.ubuntu.com/community/Repositories#Universe

"Multiverse

[snip] This software is not supported and usually cannot be
fixed or updated. Use it at your own risk." -
https://help.ubuntu.com/community/Repositories#Universe

Second a user needs to understand what security maintenance means.
Users cannot just rely on the good work of security teams.

Major distros provide detailed information, for Ubuntu
see https://usn.ubuntu.com/.

For Arch Linux see https://security.archlinux.org/.

How to use this information? You either need to read the notices or to
use a tool that takes a look at the affected packages. Some times
vulnerabilities are already known, but fixes do not exist.

For example on my Arch install are at least 9 official packages
vulnerable, but a fix is only available for one package:

[rocketmouse@archlinux ~]$ echo $(arch-audit -f "%n | " | sort) | sed s/.$//
chromium | gettext | glibc | inetutils | libmp4v2 | libtiff | openjpeg2 | python2 | sdl | sdl2 | unzip
[rocketmouse@archlinux ~]$ arch-audit --upgradable --quiet
chromium>=75.0.3770.142-1

Most likely Ubuntu 16.04 packages from "main" provide "all sorts of
security related" upgrades. Yesterday I mentioned that 16.04 contains a
very risky package, but webkitgtk is from "universe", see
https://packages.ubuntu.com/xenial-updates/libwebkitgtk-1.0-0. This
package is still provided for 18.10,
https://packages.ubuntu.com/cosmic/libwebkitgtk-1.0-0.
It isn't available for 19.04, but such an issue could happen for
packages from 19.04, too.

_Even_ packages from the Ubuntu "main" repository or from official Arch
Linux repositories sometimes can't get a security fixes immediately.
The user needs to decide what to do with those packages. Packages from
other Ubuntu repositories might be unsupported and the user is warned
about it.

Note! New releases have fixes for old vulnerabilities, but they have
unknown new vulnerabilities.

The user has to do some security related maintenance as described
above. Running after the latest and greatest gains nothing at all,
since the Ubuntu security team does fix issues for old releases, too
and doesn't fix issues for unsupported packages of new releases, too.

Regards,
Ralf




--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

ubuntu-users mailing list
On Wed, 17 Jul 2019 11:28:36 +0200, Ralf Mardorf wrote:
>For example on my Arch install are at least 9 official packages
>vulnerable, but a fix is only available for one package:
>
>[rocketmouse@archlinux ~]$ echo $(arch-audit -f "%n | " | sort) | sed
>s/.$// chromium | gettext | glibc | inetutils | libmp4v2 | libtiff |
>openjpeg2 | python2 | sdl | sdl2 | unzip

Oops, those are 11 packages ;).


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

ubuntu-users mailing list
In reply to this post by Oliver Grawert
On Wed, 17 Jul 2019 10:55:44 +0200, Oliver Grawert wrote:
>So while checking a version of a package, you should always also check
>its patchlevel [1].

Right now I wanted to explain this, too, by another post scriptum :).

However, security maintenance requires some user action. The users get
informed by notices provided by the security teams, as soon as security
flaws are known, even if fixes do not exist. To care about this is not
only required related to packages, but also related to hardware. Does
vendor foo still provide fixed microcode/firmware for old hardware?
People are wining about 32-bit support dropped by several Linux
distros, but they ignore that the old hardware is a security risk,
discontinued and unsupported since long ago.


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Bret Busby-2
On 17/07/2019, Ralf Mardorf via ubuntu-users
<[hidden email]> wrote:

> On Wed, 17 Jul 2019 10:55:44 +0200, Oliver Grawert wrote:
>>So while checking a version of a package, you should always also check
>>its patchlevel [1].
>
> Right now I wanted to explain this, too, by another post scriptum :).
>
> However, security maintenance requires some user action. The users get
> informed by notices provided by the security teams, as soon as security
> flaws are known, even if fixes do not exist. To care about this is not
> only required related to packages, but also related to hardware. Does
> vendor foo still provide fixed microcode/firmware for old hardware?
> People are wining about 32-bit support dropped by several Linux
> distros, but they ignore that the old hardware is a security risk,
> discontinued and unsupported since long ago.
>
>

Nowadays, all computer users, especially the users who access the
Internet or World Wide Web (which runs on top of the Internet), should
subscribe to and monitor incoming CERT advisories;

"
A copy of this publication is available at www.us-cert.gov [
https://www.us-cert.gov ]. If you need help or have questions, please
send an email to [hidden email]. Do not reply to this message since
this email was sent from a notification-only address that is not
monitored. To ensure you receive future US-CERT products, please add
[hidden email] to your address book.

OTHER RESOURCES: Contact Us [ http://www.us-cert.gov/contact-us/ ] |
Security Publications [ http://www.us-cert.gov/security-publications ]
| Alerts and Tips [ http://www.us-cert.gov/ncas ] | Related Resources
[ http://www.us-cert.gov/related-resources ]

STAY CONNECTED: Sign up for email updates [
http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new ]
"

From memory, the CERT was previously a part of Carnegie Mellon
University, then it got taken over by the USA government.

The advisories are free, and, worthwhile.

--
Bret Busby
Armadale
West Australia
..............

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

....................................................

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Oliver Grawert
In reply to this post by ubuntu-users mailing list
hi,
Am Mittwoch, den 17.07.2019, 12:00 +0200 schrieb Ralf Mardorf via
ubuntu-users:

> However, security maintenance requires some user action. The users
> get
> informed by notices provided by the security teams, as soon as
> security
> flaws are known, even if fixes do not exist.

not really, that would kind of defeat the purpose of having a security
team that cares for all of this ...

what a user really only needs to care about is to keep the system up to
date. notices about security issues really dont help here because 90%
of them are kept undiclosed after their discovery until they have been
discussed between security entities, upstream programmers etc and a
security fix exists (to not broaden the attack vector via press hype
while the systems are vulnerable) ...

so while it might be nice for some advanced user to also get
notifications about disclosed security holes and fixes, it is more
important that you trust your distros security team to include fixes
fast and to keep your installation updated with the latest fixes they
provide ... all a "normal user" should typically do is to check for
updates and apply them regulary.

ciao
        oli
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Oliver Grawert
In reply to this post by Bret Busby-2
hi,
Am Mittwoch, den 17.07.2019, 18:12 +0800 schrieb Bret Busby:

> Nowadays, all computer users, especially the users who access the
> Internet or World Wide Web (which runs on top of the Internet),
> should
> subscribe to and monitor incoming CERT advisories;
>

what would my mom (or my dad) who barely knows that the browser icon
"opens the internet" do with that information ? 

ubuntu has a quite well staffed security team whose job it is to care
for exactly that all day ... all my mom needs to know is that she needs
to apply the updates immediately when the system offers them to her and
this is true for the vast majority of users, more than subscribig to
some notification system that sends you info you do not understand ...

i agree that an admin in an enterprise should indeed watch CERT
advisories and cross check that fixes are coming in, but definitely not
a "normal user" ...

ciao
        oli
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Liam Proven
In reply to this post by J.Witvliet
On Wed, 17 Jul 2019 at 09:14, <[hidden email]> wrote:

> Due to network-instability of 18.04 we might skip it alltogether, and jump from 16.04 to 19.04

You can't.

You can go either from every Ubuntu release to the following release,
or direct from LTS release to the next LTS release, but that's all.

19.04 is not an LTS. They come out every 2 years, on even-numbered years.

To get from 16.04 to 19.04 you would have to go:

16.04 → 18.04 → 18.10 → 19.04


--
Liam Proven - Profile: https://about.me/liamproven
Email: [hidden email] - Google Mail/Hangouts/Plus: [hidden email]
Twitter/Facebook/Flickr: lproven - Skype/LinkedIn: liamproven
UK: +44 7939-087884 - ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Bret Busby-2
On 17/07/2019, Liam Proven <[hidden email]> wrote:
> On Wed, 17 Jul 2019 at 09:14, <[hidden email]> wrote:
>
>> Due to network-instability of 18.04 we might skip it alltogether, and jump
>> from 16.04 to 19.04
>

I am wondering what is this "network-instability of 18.04"?

I am running 18.04 on one of my computers, and, whilst, as I have said
elsewhere, I have some issues with 18.04, I have not encountered any
problems with network stability.

I have my 18.04 computer as one of the computers that I connect via
wifi to my cellphone as a wifi hotspot, and, have found it to be
stable in its connection. Previously, the 18.04 computer was connected
via ethernet, to a modem/router via a LAN switch, without any problems
(in terms of the network connectivity of the 18.04 computer - the
problems that I had encountered, were to do with the series of
modem/routers provided by the ISP, and, were independent of the
operating systems used on the client devices).

With 16.04, from what I understand, support lasts until April 2021
(five years, as 16.04 is an LTS version), for 18.04, also an LTS
version, five years' support means it is to be supported until April
2023, but, for 19.04, being not an LTS version, EOL is expected in
January - six months from now, due to the life of support, being only
nine months, for non-LTS versions.

See
https://help.ubuntu.com/community/EOL
and
https://wiki.ubuntu.com/Releases


So, if you go through the required sequence of updates,
16.04 -> 16.10 -> 17.04 -> 17.10 -> 18.10 -> 19.04
(as you want to skip 18.04, and, if all of those versions are still
available, and, if that path of system upgrades is possible)
then, within the next six months, you will need to perform yet another
system upgrade, as 19.04 has forecast EOL, and, End Of Standard
Support, in January 2020, six months from now.

I am clearly no Linux expert, but, as 16.04 has EOL 15 months after
EOL of 19.04, if you  are afraid of upgrading from 16.04 to 18.04,
then, I suggest that you stay with 16.04. 16.04 still has another 21
months of security updates, and, in April 2021; EOL for 16.04, it may
be time to replace the hardware, anyway, with a system with an i12 CPU
or equivalent (given that i9 systems are currently available).

Or, you could simply perform an LTS system upgrade, from 16.04 to
18.04, depending on what exactly is the issue of the
"network-instability of 18.04", and, whether it can be resolved.

--
Bret Busby
Armadale
West Australia
..............

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992

....................................................

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

ubuntu-users mailing list
In reply to this post by Oliver Grawert
On Wed, 17 Jul 2019 12:21:46 +0200, Oliver Grawert wrote:
>what a user really only needs to care about is to keep the system up to
>date.

Hi,

I disagree, if a package from "main" such as openssl suffers from
something like Heartbleed, it might be better to wait a few days for a
fix, before continue using such a package's software.

It was even announced by television news and Bruce Schneier said:
"Catastrophic is the right word. On the scale of 1 to 10, this is an
11."

The Ubuntu help explains that not all repositories are supported and
warns regarding the risk using packages from those repos.

"Main

[snip] When you install software from the main component, you are
assured that the software will come with security updates and that
commercial technical support is available from Canonical." -
https://help.ubuntu.com/community/Repositories#Main

"Restricted

[snip] Please note that it may not be possible to provide complete
support for this software because we are unable to fix the software
ourselves - we can only forward problem reports to the actual authors.
[snip]" - https://help.ubuntu.com/community/Repositories#Restricted

"Universe

[snip] Canonical does not provide a guarantee of regular security
updates for software in the universe component, but will provide these
where they are made available by the community. Users should understand
the risk inherent in using these packages. [snip]" -
https://help.ubuntu.com/community/Repositories#Universe

"Multiverse

[snip] This software is not supported and usually cannot be
fixed or updated. Use it at your own risk." -
https://help.ubuntu.com/community/Repositories#Universe

Regards,
Ralf


--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Colin Watson
In reply to this post by Bret Busby-2
On Thu, Jul 18, 2019 at 02:18:57AM +0800, Bret Busby wrote:
> So, if you go through the required sequence of updates,
> 16.04 -> 16.10 -> 17.04 -> 17.10 -> 18.10 -> 19.04
> (as you want to skip 18.04, and, if all of those versions are still
> available, and, if that path of system upgrades is possible)

This path is unsupported and may or may not work.  (It's not uncommon to
drop special upgrade handling code in packages just after an LTS
release, on the basis that everyone is supposed to upgrade through the
LTS; so 17.10 -> 18.10 is the problematic step.)

If you have some objection to 18.04 that you believe to be fixed in
19.04, then you'd be better off going 16.04 -> 18.04 -> 19.04 (18.10 is
going EOL and will be removed from archive.ubuntu.com relatively soon if
it hasn't already, and direct 18.04 -> 19.04 should be fine).  It's not
like you'd be running 18.04 for very long in that scenario.

--
Colin Watson                                       [[hidden email]]

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Oliver Grawert
In reply to this post by ubuntu-users mailing list
hi,
Am Mittwoch, den 17.07.2019, 21:03 +0200 schrieb Ralf Mardorf via
ubuntu-users:

> On Wed, 17 Jul 2019 12:21:46 +0200, Oliver Grawert wrote:
> >
> > what a user really only needs to care about is to keep the system
> > up to
> > date.
> Hi,
>
> I disagree, if a package from "main" such as openssl suffers from
> something like Heartbleed, it might be better to wait a few days for
> a
> fix, before continue using such a package's software.
you mean keeping your system vulnerable for a few extra days makes much
sense ?

>
> It was even announced by television news and Bruce Schneier said:
> "Catastrophic is the right word. On the scale of 1 to 10, this is an
> 11."

my mom: "who is bruce schneier ?"

>
> The Ubuntu help explains that not all repositories are supported and
> warns regarding the risk using packages from those repos.

and because of this what i said is not true? 

yes, there are repo parts that are maintained by the community that
possibly get security fixes in a slower cadence (or probably none at
all, which is one of the reasons snap packages exist). but thats
completely orthogonal to the fact that you should immediately pull in a
security fix if it is available ... and that you should do this when
the update manager notifies you about it.

90% of ubuntu users out there install their software by simply clicking
the install button in the software-center, they dont know what
heartbleed is or who bruce schneier is, they only want to use their
computer. and the most important thing to keep these peoples machines
secure is to teach them to always apply the updates their system offers
them ASAP ... keeping your system up to date with the updates it offers
to you is the number one security rule no matter wether you are a
computer nerd who is best friends with bruce schneier or my mom ... 

ciao
        oli
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

ubuntu-users mailing list
On Thu, 2019-07-18 at 10:22 +0200, Oliver Grawert wrote:

> hi,
> Am Mittwoch, den 17.07.2019, 21:03 +0200 schrieb Ralf Mardorf via
> ubuntu-users:
> > On Wed, 17 Jul 2019 12:21:46 +0200, Oliver Grawert wrote:
> > > what a user really only needs to care about is to keep the system
> > > up to
> > > date.
> > Hi,
> >
> > I disagree, if a package from "main" such as openssl suffers from
> > something like Heartbleed, it might be better to wait a few days for
> > a
> > fix, before continue using such a package's software.
>
> you mean keeping your system vulnerable for a few extra days makes much
> sense ?

No, I said as long as there is no security update available, it is not
good to continue using something high risky vulnerable. If such a
vulnerability is know, it could still take a while before a security
upgrade is available.

Your point is, that user only need to care about upgrades and nothing
else, IOW it is actually you who recommend to use high risky vulnerable
packages.

> > It was even announced by television news and Bruce Schneier said:
> > "Catastrophic is the right word. On the scale of 1 to 10, this is an
> > 11."
>
> my mom: "who is bruce schneier ?"

If it's mentioned by the German news, then somebody from the CCC
explained the risk, not Bruce Schneier. However, it doesn't matter who
explains the risk. Nobody needs to have the skills of an electrician to
understand, that if smoke comes out of the light switch, you need to
turn off power by the fuse immediately and wait until it is repaired,
before you continue using the light switch.

> > The Ubuntu help explains that not all repositories are supported and
> > warns regarding the risk using packages from those repos.
>
> and because of this what i said is not true?
>
> yes, there are repo parts that are maintained by the community that
> possibly get security fixes in a slower cadence (or probably none at
> all, which is one of the reasons snap packages exist). but thats
> completely orthogonal to the fact that you should immediately pull in a
> security fix if it is available ... and that you should do this when
> the update manager notifies you about it.

webkitgtk is still in the 16.04 universe repo and users even recommend
to use a browser based upon webkitgtk from this repo ;). People who are
able to read the user manual of their washing machine, should read the
"user manual" of Ubuntu, IOW learn what the differences between the
repositories are.

Don't discourage users by claims that only computer freaks are able to
understand it.

You don't need to be a washing machine freak, to understand the user
manual of a washing machine.

> 90% of ubuntu users out there install their software by simply clicking
> the install button in the software-center, they dont know what
> heartbleed is or who bruce schneier is, they only want to use their
> computer.

They don't know what smoke is, that comes out of a light switch? You
claim 90% of the Ubuntu users are mentally challenged.

> and the most important thing to keep these peoples machines secure is
> to teach them to always apply the updates their system offers

Yes, but if smoke comes out of the computer case they should turn it off
and asked an expert how to proceed!



--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

Re: Newest Gnome versus LTS

Oliver Grawert
hi,
Am Donnerstag, den 18.07.2019, 11:01 +0200 schrieb Ralf Mardorf via
ubuntu-users:

> Your point is, that user only need to care about upgrades and nothing
> else, 

no, my point is that 90% of users *do* only care about upgrades, thats
the only visible thing for them if they do not subscribe to some
vulnerability announcement list or whatnot ... based on that reality,
the most basic thing for them to do is to keep their system up to
date. 

watching vulnerability announcements is the job of the security team
... be assured that the canonical security team also helps the MOTU
(masters of the universe) team that maintains universe packages where
they can and that the canonical team will even supply patches to
universe packages if a very widely used package there has a heartbleed
grade security issue (they are not only canonical employees, they are
community users too !)

in any case, keeping your system up to date is the number one thing to
do, completely independent from reading security announcements (which
most users will never do). it is also completely orthogonal to what you
said about "keeping an insecure package running" *they will do that
anyway* but a potential fix *will only come in* if they upgrade on a
regular base.

indeed it is bad to run insecure stuff i dont argue with you here, but
to get any potential fixes you need to upgrade ;)

if you are an administrator for any internet facing site, it is
irresponsible to not inform yourself about security issues, no doubt
here either ... but the simple fact is that the majority of users out
there is neither an admin nor do they know (or want to know) what a
 vulnerability is, they are just users.

also ... do you remember that the CCC on TV said "upgrade as soon as a
fix is offered by your software provider" ? i definitely do ;)

ciao
        oli
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

signature.asc (188 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

RE: Newest Gnome versus LTS

J.Witvliet
In reply to this post by Liam Proven
Hi Liam,

You replied by raising lots of topics... (hence commenting here)
We oversee the use of many tens-of-thousands instances. Therefor stability, is our second concern (after security)
We do want to progress from 16.04 forward, as we need to support newer hardware.
Though we observed instable behavior with regards to default gateways, and name-resolving in combination with tunnel product.
Something we never observed in 16.04. This "might" be related to the ever expanding influence of systemd...

The support-period of any release is not such a big deal, as long as we are ahead of any dead-line.
My goal is to provide quarterly (or even more monthly) new ready-to-run images, with as much of the latest drivers and patches.
And rather take smaller steps, than the bigger leaps between each LTS



Kind regards,
Hans Witvliet, J, Ing., DMO/OPS/I&S/APH, Kennis Team Opensource
Coldenhovelaan 1 Maasland 3531RC Coldehovelaan 1, kamer B213


-----Original Message-----
From: ubuntu-users [mailto:[hidden email]] On Behalf Of Bret Busby
Sent: woensdag 17 juli 2019 20:19
To: Ubuntu user technical support, not for general discussions
Subject: Re: Newest Gnome versus LTS

On 17/07/2019, Liam Proven <[hidden email]> wrote:
> On Wed, 17 Jul 2019 at 09:14, <[hidden email]> wrote:
>
>> Due to network-instability of 18.04 we might skip it alltogether, and jump
>> from 16.04 to 19.04
>

I am wondering what is this "network-instability of 18.04"?

I am running 18.04 on one of my computers, and, whilst, as I have said
elsewhere, I have some issues with 18.04, I have not encountered any
problems with network stability.

I have my 18.04 computer as one of the computers that I connect via
wifi to my cellphone as a wifi hotspot, and, have found it to be
stable in its connection. Previously, the 18.04 computer was connected
via ethernet, to a modem/router via a LAN switch, without any problems
(in terms of the network connectivity of the 18.04 computer - the
problems that I had encountered, were to do with the series of
modem/routers provided by the ISP, and, were independent of the
operating systems used on the client devices).

With 16.04, from what I understand, support lasts until April 2021
(five years, as 16.04 is an LTS version), for 18.04, also an LTS
version, five years' support means it is to be supported until April
2023, but, for 19.04, being not an LTS version, EOL is expected in
January - six months from now, due to the life of support, being only
nine months, for non-LTS versions.

See
https://help.ubuntu.com/community/EOL
and
https://wiki.ubuntu.com/Releases


So, if you go through the required sequence of updates,
16.04 -> 16.10 -> 17.04 -> 17.10 -> 18.10 -> 19.04
(as you want to skip 18.04, and, if all of those versions are still
available, and, if that path of system upgrades is possible)
then, within the next six months, you will need to perform yet another
system upgrade, as 19.04 has forecast EOL, and, End Of Standard
Support, in January 2020, six months from now.

I am clearly no Linux expert, but, as 16.04 has EOL 15 months after
EOL of 19.04, if you  are afraid of upgrading from 16.04 to 18.04,
then, I suggest that you stay with 16.04. 16.04 still has another 21
months of security updates, and, in April 2021; EOL for 16.04, it may
be time to replace the hardware, anyway, with a system with an i12 CPU
or equivalent (given that i9 systems are currently available).

Or, you could simply perform an LTS system upgrade, from 16.04 to
18.04, depending on what exactly is the issue of the
"network-instability of 18.04", and, whether it can be resolved.

--
Bret Busby
Armadale
West Australia
..............

Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
Reply | Threaded
Open this post in threaded view
|

RE: Newest Gnome versus LTS

J.Witvliet
In reply to this post by J.Witvliet

-----Original Message-----
From: ubuntu-users [mailto:[hidden email]] On Behalf Of Liam Proven
Sent: woensdag 17 juli 2019 13:04
To: Ubuntu user technical support, not for general discussions
Subject: Re: Newest Gnome versus LTS

On Wed, 17 Jul 2019 at 09:14, <[hidden email]> wrote:

> Due to network-instability of 18.04 we might skip it alltogether, and jump from 16.04 to 19.04

You can't.
You can go either from every Ubuntu release to the following release,
or direct from LTS release to the next LTS release, but that's all.
19.04 is not an LTS. They come out every 2 years, on even-numbered years.
To get from 16.04 to 19.04 you would have to go:
16.04 → 18.04 → 18.10 → 19.04


--
Liam Proven - Profile: https://about.me/liamproven
Email: [hidden email] - Google Mail/Hangouts/Plus: [hidden email]
Twitter/Facebook/Flickr: lproven - Skype/LinkedIn: liamproven
UK: +44 7939-087884 - ČR (+ WhatsApp/Telegram/Signal): +420 702 829 053

--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

-----Original Message-----

Yes, we can.
We never upgrade, but always perform a complete fresh install from scratch.


Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.

This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
--
ubuntu-users mailing list
[hidden email]
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12