Dangerous updates?

What other apps and distros do you use to round out your studio?

Moderators: MattKingUSA, khz

User avatar
LinMusGuy
Established Member
Posts: 551
Joined: Wed Feb 27, 2019 9:33 pm
Has thanked: 22 times
Been thanked: 2 times

Dangerous updates?

Post by LinMusGuy »

I am considering to upgrade Linux Mint on my computer but am not sure about it as I just spent some days (and nights) installing the audio programs and files that I want to work with. I don't want to start all over again.

But first I have to deal with this question: what to do with the "red updates" below?
updatebeheer.png
updatebeheer.png (47.84 KiB) Viewed 1756 times
Last edited by LinMusGuy on Thu Mar 14, 2019 10:49 am, edited 1 time in total.
User avatar
sysrqer
Established Member
Posts: 2519
Joined: Thu Nov 14, 2013 11:47 pm
Has thanked: 319 times
Been thanked: 148 times
Contact:

Re: Dangerous updates?

Post by sysrqer »

It's only the kernel, should be fine. If not then you can boot in to the old one by choosing the grub menu when you first turn on your computer. If you don't have that then this might help - https://forums.linuxmint.com/viewtopic. ... 49#p951025 you should see a menu, one will show you the different kernels you have installed.
User avatar
Linuxmusician01
Established Member
Posts: 1524
Joined: Mon Feb 23, 2015 2:38 pm
Location: Holland
Has thanked: 756 times
Been thanked: 136 times

Re: Dangerous updates?

Post by Linuxmusician01 »

I try to never upgrade my distro (which is something other than update). As for the "red updates" you refer to: I speak Dutch, I use Mint but I do not use the program that you use to update software. So I don't know what it means... I use 'ye olde Synaptic.

I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
User avatar
lilith
Established Member
Posts: 1698
Joined: Fri May 27, 2016 11:41 pm
Location: bLACK fOREST
Has thanked: 117 times
Been thanked: 57 times
Contact:

Re: Dangerous updates?

Post by lilith »

Linuxmusician01 wrote:I try to never upgrade my distro (which is something other than update). As for the "red updates" you refer to: I speak Dutch, I use Mint but I do not use the program that you use to update software. So I don't know what it means... I use 'ye olde Synaptic.

I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
apt-get upgrade is updating. Maybe you mean distribution update?
User avatar
LinMusGuy
Established Member
Posts: 551
Joined: Wed Feb 27, 2019 9:33 pm
Has thanked: 22 times
Been thanked: 2 times

Re: Dangerous updates?

Post by LinMusGuy »

Just did it. :oops:

Result:
fout.png
fout.png (18.83 KiB) Viewed 1726 times
vertaling.png
vertaling.png (38.64 KiB) Viewed 1726 times
User avatar
LinMusGuy
Established Member
Posts: 551
Joined: Wed Feb 27, 2019 9:33 pm
Has thanked: 22 times
Been thanked: 2 times

Re: Dangerous updates?

Post by LinMusGuy »

Linuxmusician01 wrote:I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
Yes! That's exactly what is holding me back about upgrading. But there is a problem that very soon Linux Mint 17 (which I have) will no longer be supported. I don't know how bad that is....
User avatar
Linuxmusician01
Established Member
Posts: 1524
Joined: Mon Feb 23, 2015 2:38 pm
Location: Holland
Has thanked: 756 times
Been thanked: 136 times

Re: Dangerous updates?

Post by Linuxmusician01 »

lilith wrote:apt-get upgrade is updating. Maybe you mean distribution update?
I stand corrected! :)
User avatar
Linuxmusician01
Established Member
Posts: 1524
Joined: Mon Feb 23, 2015 2:38 pm
Location: Holland
Has thanked: 756 times
Been thanked: 136 times

Re: Dangerous updates?

Post by Linuxmusician01 »

LinMusGuy wrote:
Linuxmusician01 wrote:I wouldn't update/upgrade if I were you if everything is working fine. I believe very strongly in: "If it ain't broken don't try to fix it".
Yes! That's exactly what is holding me back about upgrading. But there is a problem that very soon Linux Mint 17 (which I have) will no longer be supported. I don't know how bad that is....
I use Mint 17.1 too. If it were me I'd still be on Ubuntu 10.04 which I had before that. Or on Windows XP for that matter. But some time after the LTS period ended I needed new software versions and security updates that weren't in the repo's. So I had to upgrade my distro. The repositories with all software will still be up for a long time. So you can install any software you want after the LTS period. However, they won't be updated. So if you want to install the latest version of something that is available for Mint 17.1 you can do that any time you want in the future. No need to update everything now.

BTW, like Lilith wrote above, I confused upgrading all your software w/ upgrading your distro. If you want to "update" software you'll have to update all info from the repositories that you use first. This can be done via your package manager (Synaptic) or more easily via the CLI:

Code: Select all

sudo apt-get update
After that command you can install software (sudo apt-get install name_of_application). I never use apt-get upgrade (updates all your software) or apt-get dist-upgrade (upgrades your distro: always goes wrong, PC won't boot or something like that...).

To make a long story short: you're fine w/ Mint 17.1 as long as you don't need a newer version of certain software. :)
User avatar
khz
Established Member
Posts: 1648
Joined: Thu Apr 17, 2008 6:29 am
Location: German
Has thanked: 42 times
Been thanked: 92 times

Re: Dangerous updates?

Post by khz »

Not to update an operating system and thus not to have an up-to-date one (security updates/packages) is ~courageous.

No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later.

Linux is not more secure than other operating systems.
<EDIT>The Internet is used by people, so anything is possible. ;-)
And not only bug fix, the system and application software is constantly evolving. If you want to install a current (music) software, the installation might fail because certain dependencies (outdated software) can not be resolved.</EDIT>

If you can dist-upgrade a *buntu I don't know.
A Debian or any other distribution does that ~problem-free.
I guess a *buntu has to be reinstalled every time a new version is released.
khz wrote:With the program https://packages.debian.org/de/stretch/ ... erties-gtk (or software-properties-kde) you can easily and conveniently keep your system up to date.
And from time to time

Code: Select all

apt-get update && apt-get -y upgrade
[...]

In Debian you might change the "/etc/apt/sources.list" if you explicitly entered "stretch" (release name) instead of "stable". So you have to log off your user every 3 years, <Ctrl> & <Alt> & <F2>, log in as root in the console, "/etc/init.d/gdm stop" and then enter a

Code: Select all

apt-cache clean && apt-get update && apt-get -y upgrade && apt-get -y dist-upgrade && apt-get autoremove && apt-get -f -y install
and then the "reboot" computer to stay current.
Upgrades from Debian >> https://www.debian.org/releases/stable/ ... ng.en.html
Debian-stable dist-upgrade with the KXStudio repository >> viewtopic.php?p=96528#p96528
KXRepos and Debian PPAs >> viewtopic.php?p=94589#p94589
  • Read what "apt-get autoremove" wants to uninstall. If "apt-get autoremove" wants to uninstall the 1/2 system answer the question "Do you want to continue? [Y/n]" rather with "no".
    With a Debian stable there should be no problems with this command. With Backports/Repository and/or a Debian testing/sid or *buntu could cause problems.
You should look at the backports before dist-upgrade! If elementary packages from the backports are installed (e.g. a kernel) you should uninstall them before dist-upgrade. After the dist-upgrade you can then install the packages from the (new) backports again.
. . . FZ - Does humor belongs in Music?
. . GNU/LINUX@AUDIO ~ /Wiki $ Howto.Info && GNU/Linux Debian installing >> Linux Audio Workstation LAW
  • I don't care about the freedom of speech because I have nothing to say.
User avatar
Linuxmusician01
Established Member
Posts: 1524
Joined: Mon Feb 23, 2015 2:38 pm
Location: Holland
Has thanked: 756 times
Been thanked: 136 times

Re: Dangerous updates?

Post by Linuxmusician01 »

khz wrote:Not to update an operating system and thus not to have an up-to-date one (security updates/packages) is ~courageous.

No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later.

Linux is not more secure than other operating systems.
<EDIT>The Internet is used by people, so anything is possible. ;-)
And not only bug fix, the system and application software is constantly evolving. If you want to install a current (music) software, the installation might fail because certain dependencies (outdated software) can not be resolved.</EDIT>

If you can dist-upgrade a *buntu I don't know.
A Debian or any other distribution does that ~problem-free.
I guess a *buntu has to be reinstalled every time a new version is released.
[...]
You're absolutely right. If you never update, like me, you're in danger because you miss out on security updates. That's why I updated a few years ago, something w/ wpa-supplicant, https or pgp, can't remember.

About upgrading your distro w/ apt-get dist-upgrade. If you use additional repositories - like the inevitable beloved KXStudio repo for us Linux musicians - then certain software breaks. No matter if you use Debian or a *Buntu distro. But if you use a vanilla Linux distro (i.e. you change NO repositories) then I think that there there will not be a lot of trouble. But I never risk it after learning a hard lesson. I backup (this is very important!) everything I have, shrink my main partition and install a vanilla distro on an extra partition. Then I copy files and setting over, re-install all software, etc. A process that's awful; it's the only downside to Linux if you ask me.

Just my two cents. :)
jonetsu
Established Member
Posts: 2036
Joined: Sat Jun 11, 2016 12:05 am
Has thanked: 10 times
Been thanked: 22 times

Re: Dangerous updates?

Post by jonetsu »

khz wrote:No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later. [/size] Linux is not more secure than other operating systems.
I remember making Debian packages that would 'phone home' when installed at a user computer. That was fun. This said, Linux is more secure that 'other operating systems' simply because the code is viewed by so many people. This does not mean that Linux is secure. It means that since there's no black box of code, there's no such thing as 'security by obscurity'. Although ...

This said again, it does not prevent something like the Speck cipher from the NSA to be inside the Linux kernel even though it was rejected by ISO for lack of technical details, but pushed into the Linux kernel by Google for the IoT support. It should be removed by 4.20 though. Not the first time. Another backdoored cipher made it into the Linux kernel some years ago, again by a government agency.
Detente
Established Member
Posts: 3
Joined: Thu Mar 14, 2019 9:06 pm
Contact:

Worry Reduction via Realism

Post by Detente »

IMPORTANT NOTE: quoted text block fixed! (I have no knowledge of Debian package makings nor of ciphers from organizations that I'm not sure about! please re-read twice previous and subsequent posts for clarity. thanks)
No matter if you use Linux, macOS or Windows, all operating systems have bugs and will be attacked sooner or later. [/size] Linux is not more secure than other operating systems.
I remember making Debian packages that would 'phone home' when installed at a user computer. That was fun. This said, Linux is more secure that 'other operating systems' simply because the code is viewed by so many people. This does not mean that Linux is secure. It means that since there's no black box of code, there's no such thing as 'security by obscurity'. Although ...

This said again, it does not prevent something like the Speck cipher from the NSA to be inside the Linux kernel even though it was rejected by ISO for lack of technical details, but pushed into the Linux kernel by Google for the IoT support. It should be removed by 4.20 though. Not the first time. Another backdoored cipher made it into the Linux kernel some years ago, again by a government agency.
Thanks for this realism and cross-cultural context.
I am one of these types of musicians who gets affected by both sides of the coin:

0) Sometimes I just give up and quit computing and keep my archives somewhere near my body (but NOT inside!).
1) I dodge updates to stay secure because they are pretty much wide open doors to me with heavey traffic.
2) During other OS implementations of us, I implement updates to stay secure and try to then stay offline.
3) When doing pretty well, I utilise more than one platform for downloading and testing and usage; yet this is expensive and time-consuming and typically requires a lot of cooperation with other users for me to get good enough results.

* Culturally, this only works when this world is NOT engaged in multiple digital battles of FLACK against itself.

P.S.=This world seems to me to be ironically engaged currently in multiple battles of FLACK and ATTRITION against itself. This needs to stop ASAP.

Peace be with y'all
Last edited by Detente on Fri Mar 15, 2019 6:40 pm, edited 1 time in total.
tramp
Established Member
Posts: 2335
Joined: Mon Jul 01, 2013 8:13 am
Has thanked: 9 times
Been thanked: 454 times

Re: Dangerous updates?

Post by tramp »

Linuxmusician01 wrote:I never use apt-get upgrade (updates all your software) or apt-get dist-upgrade (upgrades your distro: always goes wrong, PC won't boot or something like that...).

To make a long story short: you're fine w/ Mint 17.1 as long as you don't need a newer version of certain software. :)
I use apt update and apt dist-upgrade regular on my system. And, when you use a rolling release (debian/sid or testing) you must use apt dist-upgrade, otherwise you'll end up with a broken system, because sometimes not only packages get's updates, there may be new packages comes in which are needed to run your system smooth.
That is a major difference in maintain a stable or a rolling release system.
On the road again.
User avatar
Linuxmusician01
Established Member
Posts: 1524
Joined: Mon Feb 23, 2015 2:38 pm
Location: Holland
Has thanked: 756 times
Been thanked: 136 times

Re: Dangerous updates?

Post by Linuxmusician01 »

tramp wrote:
Linuxmusician01 wrote:I never use apt-get upgrade (updates all your software) or apt-get dist-upgrade (upgrades your distro: always goes wrong, PC won't boot or something like that...).

To make a long story short: you're fine w/ Mint 17.1 as long as you don't need a newer version of certain software. :)
I use apt update and apt dist-upgrade regular on my system. And, when you use a rolling release (debian/sid or testing) you must use apt dist-upgrade, otherwise you'll end up with a broken system, because sometimes not only packages get's updates, there may be new packages comes in which are needed to run your system smooth.
That is a major difference in maintain a stable or a rolling release system.
Okay, I didn't know that. Do you have the KXStudio repository installed? And what about commercial DAW's that one installs via a .deb file? Won't certain software break, that is from a non-standard repo or .deb?
tramp
Established Member
Posts: 2335
Joined: Mon Jul 01, 2013 8:13 am
Has thanked: 9 times
Been thanked: 454 times

Re: Dangerous updates?

Post by tramp »

Linuxmusician01 wrote:Okay, I didn't know that. Do you have the KXStudio repository installed? And what about commercial DAW's that one installs via a .deb file? Won't certain software break, that is from a non-standard repo or .deb?
No, I haven't KXStudio repository enabled, as I tend to build my software from source, preferable from git repository's. This way I could update them when ever I prefer and ain't depend on work done by falkTX.
However, the KXStudio repository's software is all build against the lowest set of library's, and usually works well with newer library's. I know some people who use it together with debian/sid without problems over years.
On commercial DAW's I only use Mixbus, and this one comes like Ardour with it's own set of library's it use, so it ain't depend on my system library's. For others, if a commercial DAW or plugin depend on my system library's, I would consider that a BUG and report it to the developer who selling the software.

And, I ain't use wine, I read from time to time that wine updates could break some VST's which may have work before, therefore some others which didn't work before may work then, so wine is a special cake I guess. :lol:
On the road again.
Post Reply