RE: Linux Users in Danger - Secure your PC Immediately

in security •  8 years ago  (edited)

It and your proposed solution leave the system in an unpatched state where there are known exploits. It doesn't fix it, it makes it worse.

Here is a list of 72 known exploits your "fix" re-introduces.
https://www.ubuntu.com/usn/
You'll notice that the exploit you're concerned about is still on that list. So your solution doesn't fix the problem; it just adds 71 more, in addition to the heavy work of re-establishing the system configuration after an FFR. Which, in the case of some computers, requires manually editing config files just to get the internet functional and RAID drivers running, and don't get me started on 3D graphics.

I am not sure I follow you. What are you talking about here?

I have said in my article that if the solution is fixed, only then download the latest release. I was also implying but forgot to say that the latest "stable" release should be downloaded. If that is a more accurate explanation, I will edit it in the article.

Other than that, how is it actually more risky to update than to leave the current flawed version on the PC?

Just for the record, I am not using Ubuntu. I was referring to Debian mostly.

The "latest release" is an ISO file that was cut months ago. For 16.04 LTS that would mean rolling all the way back to April. For 16.10 it's only since October, but that's still a ton of vulnerabilities to reintroduce into your system.

It's not like there's a daily snapshot you can grab, unless you're living dangerously and going onto one of the dev branches.

And you know, this guy's "fix" would also re-introduce the flawed apt package, which likely would already have been fixed. I don't understand why this guy has such a hard time understanding why he's wrong.

Well then just update the system manually. Get the latest apt package updated first, and then download the rest of the updates.

It's bad if the new releases come out monthly; people need to rely heavily on the updater then.

You can always just use an RPM-based distro until a new ISO image comes out for Debian OS's, for example.