Page 1 of 2

Dangerous updates?

Posted: Wed Mar 13, 2019 7:02 pm
by LinMusGuy
I am considering to upgrade Linux Mint on my computer but am not sure about it as I just spent some days (and nights) installing the audio programs and files that I want to work with. I don't want to start all over again.

But first I have to deal with this question: what to do with the "red updates" below?
updatebeheer.png
updatebeheer.png (47.84 KiB) Viewed 1752 times

Re: Dangerous updates?

Posted: Wed Mar 13, 2019 7:16 pm
by sysrqer
It's only the kernel, should be fine. If not then you can boot in to the old one by choosing the grub menu when you first turn on your computer. If you don't have that then this might help - https://forums.linuxmint.com/viewtopic. ... 49#p951025 you should see a menu, one will show you the different kernels you have installed.

Re: Dangerous updates?

Posted: Wed Mar 13, 2019 7:42 pm
by Linuxmusician01
I try to never upgrade my distro (which is something other than update). As for the "red updates" you refer to: I speak Dutch, I use Mint but I do not use the program that you use to update software. So I don't know what it means... I use 'ye olde Synaptic.

I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".

Re: Dangerous updates?

Posted: Wed Mar 13, 2019 9:31 pm
by lilith
Linuxmusician01 wrote:I try to never upgrade my distro (which is something other than update). As for the "red updates" you refer to: I speak Dutch, I use Mint but I do not use the program that you use to update software. So I don't know what it means... I use 'ye olde Synaptic.

I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
apt-get upgrade is updating. Maybe you mean distribution update?

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 10:36 am
by LinMusGuy
Just did it. :oops:

Result:
fout.png
fout.png (18.83 KiB) Viewed 1722 times
vertaling.png
vertaling.png (38.64 KiB) Viewed 1722 times

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 10:40 am
by LinMusGuy
Linuxmusician01 wrote:I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
Yes! That's exactly what is holding me back about upgrading. But there is a problem that very soon Linux Mint 17 (which I have) will no longer be supported. I don't know how bad that is....

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 11:48 am
by Linuxmusician01
lilith wrote:apt-get upgrade is updating. Maybe you mean distribution update?
I stand corrected! :)

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 12:03 pm
by Linuxmusician01
LinMusGuy wrote:
Linuxmusician01 wrote:I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
Yes! That's exactly what is holding me back about upgrading. But there is a problem that very soon Linux Mint 17 (which I have) will no longer be supported. I don't know how bad that is....
I use Mint 17.1 too. If it were me I'd still be on Ubuntu 10.04 which I had before that. Or on Windows XP for that matter. But some time after the LTS period ended I needed new software versions and security updates that weren't in the repo's. So I had to upgrade my distro. The repositories with all software will still be up for a long time. So you can install any software you want after the LTS period. However, they won't be updated. So if you want to install the latest version of something that is available for Mint 17.1 you can do that any time you want in the future. No need to update everything now.

BTW, like Lilith wrote above, I confused upgrading all your software w/ upgrading your distro. If you want to "update" software you'll have to update all info from the repositories that you use first. This can be done via your package manager (Synaptic) or more easily via the CLI:

Code: Select all

sudo apt-get update
After that command you can install software (sudo apt-get install name_of_application). I never use apt-get upgrade (updates all your software) or apt-get dist-upgrade (upgrades your distro: always goes wrong, PC won't boot or something like that...).

To make a long story short: you're fine w/ Mint 17.1 as long as you don't need a newer version of certain software. :)

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 1:23 pm
by khz
Not to update an operating system and thus not to have an up-to-date one (security updates/packages) is ~courageous.

No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later.

Linux is not more secure than other operating systems.
<EDIT>The Internet is used by people, so anything is possible. ;-)
And not only bug fix, the system and application software is constantly evolving. If you want to install a current (music) software, the installation might fail because certain dependencies (outdated software) can not be resolved.</EDIT>

If you can dist-upgrade a *buntu I don't know.
A Debian or any other distribution does that ~problem-free.
I guess a *buntu has to be reinstalled every time a new version is released.
khz wrote:With the program https://packages.debian.org/de/stretch/ ... erties-gtk (or software-properties-kde) you can easily and conveniently keep your system up to date.
And from time to time

Code: Select all

apt-get update && apt-get -y upgrade
[...]

In Debian you might change the "/etc/apt/sources.list" if you explicitly entered "stretch" (release name) instead of "stable". So you have to log off your user every 3 years, <Ctrl> & <Alt> & <F2>, log in as root in the console, "/etc/init.d/gdm stop" and then enter a

Code: Select all

apt-cache clean && apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade && apt-get autoremove && apt-get -f -y install
and then the "reboot" computer to stay current.
Upgrades from Debian >> https://www.debian.org/releases/stable/ ... ng.en.html
Debian-stable dist-upgrade with the KXStudio repository >> viewtopic.php?p=96528#p96528
KXRepos and Debian PPAs >> viewtopic.php?p=94589#p94589
  • Read what "apt-get autoremove" wants to uninstall. If "apt-get autoremove" wants to uninstall the 1/2 system answer the question "Do you want to continue? [Y/n]" rather with "no".
    With a Debian stable there should be no problems with this command. With Backports/Repository and/or a Debian testing/sid or *buntu could cause problems.
You should look at the backports before dist-upgrade! If elementary packages from the backports are installed (e.g. a kernel) you should uninstall them before dist-upgrade. After the dist-upgrade you can then install the packages from the (new) backports again.

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 3:45 pm
by Linuxmusician01
khz wrote:Not to update an operating system and thus not to have an up-to-date one (security updates/packages) is ~courageous.

No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later.

Linux is not more secure than other operating systems.
<EDIT>The Internet is used by people, so anything is possible. ;-)
And not only bug fix, the system and application software is constantly evolving. If you want to install a current (music) software, the installation might fail because certain dependencies (outdated software) can not be resolved.</EDIT>

If you can dist-upgrade a *buntu I don't know.
A Debian or any other distribution does that ~problem-free.
I guess a *buntu has to be reinstalled every time a new version is released.
[...]
You're absolutely right. If you never update, like me, you're in danger because you miss out on security updates. That's why I updated a few years ago, something w/ wpa-supplicant, https or pgp, can't remember.

About upgrading your distro w/ apt-get dist-upgrade. If you use additional repositories - like the inevitable beloved KXStudio repo for us Linux musicians - then certain software breaks. No matter if you use Debian or a *Buntu distro. But if you use a vanilla Linux distro (i.e. you change NO repositories) then I think that there there will not be a lot of trouble. But I never risk it after learning a hard lesson. I backup (this is very important!) everything I have, shrink my main partition and install a vanilla distro on an extra partition. Then I copy files and setting over, re-install all software, etc. A process that's awful; it's the only downside to Linux if you ask me.

Just my two cents. :)

Re: Dangerous updates?

Posted: Thu Mar 14, 2019 6:40 pm
by jonetsu
khz wrote:No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later. [/size] Linux is not more secure than other operating systems.
I remember making Debian packages that would 'phone home' when installed at a user computer. That was fun. This said, Linux is more secure that 'other operating systems' simply because the code is viewed by so many people. This does not mean that Linux is secure. It means that since there's no black box of code, there's no such thing as 'security by obscurity'. Although ...

This said again, it does not prevent something like the Speck cipher from the NSA to be inside the Linux kernel even though it was rejected by ISO for lack of technical details, but pushed into the Linux kernel by Google for the IoT support. It should be removed by 4.20 though. Not the first time. Another backdoored cipher made it into the Linux kernel some years ago, again by a government agency.

Worry Reduction via Realism

Posted: Thu Mar 14, 2019 9:16 pm
by Detente
IMPORTANT NOTE: quoted text block fixed! (I have no knowledge of Debian package makings nor of ciphers from organizations that I'm not sure about! please re-read twice previous and subsequent posts for clarity. thanks)
No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later. [/size] Linux is not more secure than other operating systems.
I remember making Debian packages that would 'phone home' when installed at a user computer. That was fun. This said, Linux is more secure that 'other operating systems' simply because the code is viewed by so many people. This does not mean that Linux is secure. It means that since there's no black box of code, there's no such thing as 'security by obscurity'. Although ...

This said again, it does not prevent something like the Speck cipher from the NSA to be inside the Linux kernel even though it was rejected by ISO for lack of technical details, but pushed into the Linux kernel by Google for the IoT support. It should be removed by 4.20 though. Not the first time. Another backdoored cipher made it into the Linux kernel some years ago, again by a government agency.
Thanks for this realism and cross-cultural context.
I am one of these types of musicians who gets affected by both sides of the coin:

0) Sometimes I just give up and quit computing and keep my archives somewhere near my body (but NOT inside!).
1) I dodge updates to stay secure because they are pretty much wide open doors to me with heavey traffic.
2) During other OS implementations of us, I implement updates to stay secure and try to then stay offline.
3) When doing pretty well, I utilise more than one platform for downloading and testing and usage; yet this is expensive and time-consuming and typically requires a lot of cooperation with other users for me to get good enough results.

* Culturally, this only works when this world is NOT engaged in multiple digital battles of FLACK against itself.

P.S.=This world seems to me to be ironically engaged currently in multiple battles of FLACK and ATTRITION against itself. This needs to stop ASAP.

Peace be with y'all

Re: Dangerous updates?

Posted: Fri Mar 15, 2019 5:24 am
by tramp
Linuxmusician01 wrote:I never use apt-get upgrade (updates all your software) or apt-get dist-upgrade (upgrades your distro: always goes wrong, PC won't boot or something like that...).

To make a long story short: you're fine w/ Mint 17.1 as long as you don't need a newer version of certain software. :)
I use apt update and apt dist-upgrade regular on my system. And, when you use a rolling release (debian/sid or testing) you must use apt dist-upgrade, otherwise you'll end up with a broken system, because sometimes not only packages get's updates, there may be new packages comes in which are needed to run your system smooth.
That is a major difference in maintain a stable or a rolling release system.

Re: Dangerous updates?

Posted: Fri Mar 15, 2019 1:05 pm
by Linuxmusician01
tramp wrote:
Linuxmusician01 wrote:I never use apt-get upgrade (updates all your software) or apt-get dist-upgrade (upgrades your distro: always goes wrong, PC won't boot or something like that...).

To make a long story short: you're fine w/ Mint 17.1 as long as you don't need a newer version of certain software. :)
I use apt update and apt dist-upgrade regular on my system. And, when you use a rolling release (debian/sid or testing) you must use apt dist-upgrade, otherwise you'll end up with a broken system, because sometimes not only packages get's updates, there may be new packages comes in which are needed to run your system smooth.
That is a major difference in maintain a stable or a rolling release system.
Okay, I didn't know that. Do you have the KXStudio repository installed? And what about commercial DAW's that one installs via a .deb file? Won't certain software break, that is from a non-standard repo or .deb?

Re: Dangerous updates?

Posted: Fri Mar 15, 2019 1:30 pm
by tramp
Linuxmusician01 wrote:Okay, I didn't know that. Do you have the KXStudio repository installed? And what about commercial DAW's that one installs via a .deb file? Won't certain software break, that is from a non-standard repo or .deb?
No, I haven't KXStudio repository enabled, as I tend to build my software from source, preferable from git repository's. This way I could update them when ever I prefer and ain't depend on work done by falkTX.
However, the KXStudio repository's software is all build against the lowest set of library's, and usually works well with newer library's. I know some people who use it together with debian/sid without problems over years.
On commercial DAW's I only use Mixbus, and this one comes like Ardour with it's own set of library's it use, so it ain't depend on my system library's. For others, if a commercial DAW or plugin depend on my system library's, I would consider that a BUG and report it to the developer who selling the software.

And, I ain't use wine, I read from time to time that wine updates could break some VST's which may have work before, therefore some others which didn't work before may work then, so wine is a special cake I guess. :lol: