Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Operating Systems Linux IT

Linux Mint Developers Will Force Updates on Users Like Microsoft Does with Windows 10 (ghacks.net) 142

AmiMoJo shares a report: Last month, the Linux Mint team published a post on the organization's official blog about the importance of installing security updates on machines running the Linux distribution. The essence of the post was that a sizeable number of Linux Mint devices was running outdated applications, packages or even an outdated version of the operating system itself. A sizeable number of devices run on Linux Mint 17.x, according to the blog post, a version of Linux Mint that reached end of support in April 2019. A new blog post, published yesterday, provides information on how the team plans to reduce the update reluctance of Linux Mint users. Next to showing reminders to users, Linux Mint's Update Manager may enforce some of the updates according to the blog post.

"In some cases the Update Manager will be able to remind you to apply updates. In a few of them it might even insist." Upcoming versions will provide information on the implementation, how the "insisting" part may look like, and whether the installation of updates will be enforced. All of this boils down to a single question: how far should operating system developers go when it comes to updates?
BetaNews adds: "And now, it seems the Linux Mint developers are taking a page out of Microsoft's playbook by planning to force some updates on its users. Yes, folks, Linux Mint is becoming more like Windows 10."
This discussion has been archived. No new comments can be posted.

Linux Mint Developers Will Force Updates on Users Like Microsoft Does with Windows 10

Comments Filter:
  • by iamhassi ( 659463 ) on Monday March 01, 2021 @03:50PM (#61112930) Journal
    Developers do not know what every end users usage is, so there is no reason to always force updates on all users. There should always be a way for users to disable updates.
    • by thegreatbob ( 693104 ) on Monday March 01, 2021 @04:02PM (#61112976) Journal
      I have a suspicion that disabling these won't require one or more of :
      • Some special edition of the product
      • Mangling the system configurationUse of third-party tools that more or less do the same (or probably even downloading of additional software)
      • Disconnecting the system from the network

      Personally, I don't have an issue with an opt-out for automatic software updates, so long as it is:

      • Respected in perpetuity
      • Doesn't result in loss of normal functionality
      • Not overly complicated to effect, preferably an option at time of first setup.
      • Any Debian-based system allows disabling of automatic updates. I think regular updating is fairly important on workstations, but an absolute no-no on servers, but Mint is mainly a desktop distro so I don't see a problem with it being on by default, providing it can be disabled.

      • by AmiMoJo ( 196126 )

        Doesn't result in loss of normal functionality

        Well, there's the issue. At some point one software component you need will have to be updated for some reason, e.g. your browser due to a security flaw. And then it starts a chain reaction, you need other stuff to be updated because it depends on it or no longer supports the old version.

        You might ask why the developer doesn't keep supporting older version of the OS/kernel and other "infrastructure" software. Well, if you pay they do, e.g. Microsoft's relatively long term support for Windows. But particular

    • by bloodhawk ( 813939 ) on Monday March 01, 2021 @04:05PM (#61112998)
      forced no, but automatically updating should be the damn default always, especially for security updates. As the linux gains more of the great unwashed masses of incompetent users that think they know better the security of everyone is put at risk. It should be a very conscious technical choice to not be installing updates.
      • Opt Out. Yes!

        Make it clear. Make it simple. Make it optional.

        The default should be AUTOMATIC UPDATES .

      • ... the great unwashed masses of incompetent users ...
        well said
        it is so sad Linux has come to this
        scene, not herd is a thing of the past ?

      • by swilver ( 617741 )

        As long as update do not:

        1) break things

        2) remove things

        3) lose open unsaved work

        4) require me to re-open all my programs

        Then I'm fine with it. Miss any of those, and I'm turning them off and handling my own security.

        ps. Yes, I live in a country where power is so reliable you can just put your computer to sleep and expect everything to be as you left it in the morning, without a UPS.

      • Comment removed based on user account deletion
      • As the linux gains more of the great unwashed masses

        We're talkin' reality here, chum.

      • As the linux gains more of the great unwashed masses of incompetent users that think they know better the security of everyone is put at risk.

        What do you mean unwashed masses. The Linux world is full of people bragging about how long they haven't rebooted their system, effectively publically advertising every kernel / low system level security issue they have, all the while bragging that the odds of their system successfully coming up after they attempt to fend off your attack are slim.

        Oh look my server has an uptime of 15 days and says "**** Server Restart Required ****" when I log in. May as well do that now.

      • Automatic updates on Linux are a completely idiotic idea, that's why they aren't usually used. Some updates may require manual configuration during or after update, fully automatic updates will surely, sooner or later, break something important.
        But I have to admit, much more worse than automatic updates are those idiots who don't keep their systems up-to-date and fail to instaall updates for themselves. So which of the two evils do we choose?

    • by Kisai ( 213879 ) on Monday March 01, 2021 @04:31PM (#61113126)

      No kidding. If I allowed Linux to auto-update things, the feature-creep would be extreme.

      Like there are cases where V 0.x.x of a program will have 2 or 3 dependencies, but then version 1.x.x will have 3000 dependencies as they depended on a 4th library that then pulls in 100's of libraries, which pulls in 100's more.

      I hate that. Basically Linux can not be Windows in this regards, because Windows is a complete OS and the default use case is a desktop/workstation, a separate version exists for servers that has different defaults.

      Linux, rarely ever works in this way. People pick a OS distro because of how it's setup, and add the stuff they need on top. So that can be from Desktop Ubuntu with stupid amounts of things installed on (which is what Google did so they could standardize on one distro before they made their own) to gentoo which allows that fine-control by recompiling everything things.

      In an ideal situation "DLL" type of mechanics would go away and everything would be statically linked. GPL/LGPL unfortunately pretty much requires everything to be a chaotic mess of shared libraries, and thus the resultant binaries are massive as they pull in more and more unused functionality.

      • A couple of years go I wrote a book - I make a shameless promotion for it in my sig below.

        Today I tried to compile it (it's in LaTex and calls various programs to build images and tables, so there's a make script).
        The book would not compile because at some point since I last compiled it, the lua dynamically linked library updated one second order version tick. So gnuplot would not run.

        That's what happens when you let computers auto update.

        • by AmiMoJo ( 196126 )

          This has been an issue for developers forever. The best thing to do seems to be to move your toolchain into a VM or Docker container, and keep it at the version you used to build the software originally.

      • In an ideal situation "DLL" type of mechanics would go away and everything would be statically linked. GPL/LGPL unfortunately pretty much requires everything to be a chaotic mess of shared libraries, and thus the resultant binaries are massive as they pull in more and more unused functionality.

        This is a bad idea for more reasons than that, when a bug is identified in a dependency everything that uses it would have to be rebuilt. Packages are not built by a single entity, you'd end up playing whack-a-mole. The reason shared libraries are used is nothing to do with the licence, it's the correct deployment model.

    • Developers do not know what every end users usage is, so there is no reason to always force updates on all users. There should always be a way for users to disable updates.

      Fair enough, but if your internet connected systems become part of a DDOS botnet, or sending spam or serving malware, it should be fair game for anyone to disable them with extreme prejudice as well.

    • Developers do not know what every end users usage is, so there is no reason to always force updates on all users. There should always be a way for users to disable updates.

      Or just use a different distro, there's plenty of Linux distros out there to choose from. Or just modify Mint yourself, it's open source afterall.

    • Microsoft took an enormous reputational hit because of the lax update policies of Windows XP and previous versions. You could even say they bear some responsibility for the vulnerabilities that persisted because of that lax policy. Ultimately, consumer devices need to be forced to update because the consumers can't be trusted otherwise. Enterprise devices can be controlled through GPO as the people administering those systems should, in theory, be competent professionals.
    • I was annoyed with Linux mint that I couldn't easily enable auto updates. Now I have auto updates with time machine turned on. I agree that updates should be forced by default and then allow it to be manually turned off for anyone pretending their desktop is some mission critical service running on a server. (when it's really just a porn and pirate content downloading machine)
    • Developers do not know what every end users usage is, so there is no reason to always force updates on all users. There should always be a way for users to disable updates.

      True for many users, but not all users. For military/corporate/enterprise users, the decision point on when to apply patches needs to be shifted downstream to people who know the environments, and know the threats, and can make rational decisions about the risks, i.e. the goddamn sysadmins. For for all other users, somebody needs to make the decision on their behalf, and that means as far upstream as possible, and that could very well mean the damn devs.

      Hacking a naive linux user provides the same payoff

  • Screwed Again (Score:3, Insightful)

    by lsllll ( 830002 ) on Monday March 01, 2021 @03:54PM (#61112948)
    Should've just moved from Fedora/Cent-OS to Debian and be done. Why put these other distros in the middle?
  • by Thelasko ( 1196535 ) on Monday March 01, 2021 @03:56PM (#61112952) Journal
    The problem with Linux Mint is you generally need to do a clean install to update to the next version. There are tools to update "automatically". However, it's anything but automatic, and it can really screw up your system. I've had much more luck upgrading between Ubuntu versions in the past.

    Basically, they have a bunch of users on unsupported versions because they made it a PITA to update the system.
    • That's a real problem on EVERY point-release distro, not just Mint. That's the main reason I've been using only rolling-release distributions for the last 12 years.

    • by chrish ( 4714 )

      I upgraded in-place from 19.x to 20.x without any problems. I'm relatively new to Mint though, so I don't know if I got lucky or if this is a new feature of the distro.

      This seems like a fairly basic requirement for a desktop-oriented distro. If I have to do a clean install I'll be annoyed about having to reconfigure everything... the point of using a friendly distro is that I can just use it, without pain.

      I guess if that happens I'll give Manjaro another look, but I'll still be annoyed.

      • I just did the same. I had to make some repairs to get the system to boot. I've used Ubuntu from 2007 until 2017 or so. Upgrading was much simpler and more integrated into the OS. It seems to be an afterthought in Mint.

        Mint's upgrade system seems to be getting better with every release though. It just started way behind compared to other distributions.
  • by Anonymous Coward
    Who the fuck uses mint? I thought that died years ago.
  • by renegade600 ( 204461 ) on Monday March 01, 2021 @04:01PM (#61112970)

    as long as the updates does not require reboot, I really don't have a problem with it. However, if they start requiring reboots, I will have to treat mint just like microsoft and move on.

    • Being able to opt out is the key though. Nothing, absolutely nothing pisses users off more than some company assuming they have ownership of your hardware.
      The only reason MS is able to get away with it is due to their uncanny knack to exploit lock-in.

    • Oh? You don't like applying low level security updates? Good to know.

      - PRC

  • Obnoxious clickbait (Score:5, Informative)

    by steveha ( 103154 ) on Monday March 01, 2021 @04:01PM (#61112972) Homepage

    From the summary:

    BetaNews adds: "And now, it seems the Linux Mint developers are taking a page out of Microsoft's playbook by planning to force some updates on its users. Yes, folks, Linux Mint is becoming more like Windows 10."

    Okay, let's see what the Linux Mint blog post actually says.

    In some cases the Update Manager will be able to remind you to apply updates. In a few of them it might even insist. We don't want it to be dumb and get in your way though. It's here to help. If you are handling things your way, it will detect smart patterns and usages. It will also be configurable and let you change the way it's set up.

    https://blog.linuxmint.com/?p=4037 [linuxmint.com]

    I guess you can compare that to Windows 10, but it's not a useful comparison. They are doing something sort of the same, for some of the same reasons, but we have no reason to expect that the things we don't like about Windows 10 are going to be replicated.

    But this style of journalism seems fun... can I try?

    "Mother Teresa took a page from Hannibal Lector's playbook: she decided to eat food when she was hungry." Exactly the same level of insightful news you can use!

    • Here's the problem. I don't want to be reminded or harassed about any update at any time, forever. I never want to see any notice for anything. I'll update when and if I damn well please.

      Windows 10 and is continual bouts of harassment has gotten on my last nerve. I'm looking into moving to Linux at home. If Mint follows anything remotely similar to Windows 10 and harasses me about any update for anything, I won't use it.

    • But this style of journalism seems fun... can I try?

      You're in the Slashdot comments section. No need to try, you already have that style of journalism.

      Though in this case I'm confused. Given the article talks about both I'm not sure if I can whore some cheap mod points by taking a stab at Windows, or at Systemd. So conflicting!

    • We don't want it to be dumb and get in your way though. It's here to help. If you are handling things your way, it will detect smart patterns and usages. It will also be configurable and let you change the way it's set up.

      Everything about that reads like a marketing pitch. "Detect smart patterns" sounds like a recipe for bugs and general fuckups to me.

      Last time I tried to do a system upgrade (which can only be done via the command line), it downloaded gigs of updates, THEN told me the upgrade was halted until I did a full system snapshot using their own backup utility, which had to be installed separately (also from the command line). Given that I was just using a test system, I was surprised it refused to allow the upgrad

    • The betanews article dedicates most of the space to the actual announcement. It raises a controversial point of discussion, but that's a fine way to engage readers.

      The slashdot post then boils the article down to the discussion, to get some nerd rage. That's where the clickbait is.

  • This is what Apple's been claiming is necessary for years - either they have complete control over the [eco]system and can ensure some[what high] level of security, or else cannot.

    I'm torn on what level should be enforced on the user - hopefully Mint will have learned from MS's mistakes (like forcing it at inopportune times).

    I guess the silver lining is that updates on Linux are more optimized (for installs - last I hear anyways) vs. the mess that Windows is.

    • by lsllll ( 830002 )

      I'm torn on what level should be enforced on the user

      I've got the answer to that. Nothing. Nada. Zilch. Zero. You shouldn't force the user to do anything. Give them the extra paragraph that not doing something could have devastating consequences all you want, as long as then can click an X and get rid of it I'm fine with that.

  • On the one hand, this should be a choice..

    On the other, however, there are far too many lazy/dumb people in tech who are too busy looking busy to actually do the work of keeping their servers and desktops up to date. I recently went into a customer's network as we were installing some new equipment and discovered they had not touched the drivers in 8 years. Not even that, they had changed their network structure several times and features that worked fine when they were installed weren't even on the same

    • In severe cases, forcing the user to go offline to avoid updates is the solution. Many systems should be offline anyway and that is the security threat. We certainly don't need to crash the city treatment plant's machines which have old drivers that no longer work but function perfectly fine for 100 years if you just keep the system from updating.

      There was a time where computers existed and functioned without internet. Really, I'm not making it up! I lived it.

      Run a virtual machine or emulator; keep it o

      • "There was a time where computers existed and functioned without internet. Really, I'm not making it up! I lived it."

        My first computer booted right up to a Basic prompt. You didn't need the internet, a disk drive, or even a tape recorder to be able to type in and run simple Basic programs. It even had a built in calculator 'app' (inherent to rom basic) so you could use it as a fancy adding machine without having to type in a Basic program first.

        OS boot times were blazingly fast too, just a couple seconds. T

    • by Tablizer ( 95088 )

      What's wrong with merely warnings and reminders? The frequency of the reminders could depend on the level of the security threat being patched.

      The message could display a risk grade and reminder period option:

      It's recommended you update this operation system for security reasons.

      Threat level: C+

      {Delay reminder for}: [1 day |v]

      {Update Now}

      More info [hyperlink]

      Here, {...} are buttons and [...|v] is a drop-list of durations. The default duration would depend on the threat leve

  • There is an unattended upgrade service that runs occasionally on Ubuntu 18.04 that does this. Power up a system that hasn't been used in a while and then go to shutdown, except you have to wait for this process to finish. That or you run apt something or other and find files locked in /var because the service is running.

  • This obsession with updates to make the version number go up like a cryptocurrency will eventually cause serious problems. One day we will wake up to mass brickings or death by updates. This comment has been updated while I typed this.
  • by VAElynx ( 2001046 ) on Monday March 01, 2021 @04:04PM (#61112990)
    with a ten-foot pole.

    I have a host of packages that I *need* for work, and I can't and won't rely on hope that a forced update doesn't break them. Example: I keep to a specific version of VirtualBox since I run windows XP there with a host of software I need, and it turns out that beyond a particular update it started locking up when unattended for a while. There's other examples like that, including machines that have specific hardware that has began to elude compatibility beyond a particular point.

    Long story short, this is a really stupid idea - on top of being insulting to users, it might render your distribution useless.
  • by thevirtualcat ( 1071504 ) on Monday March 01, 2021 @04:08PM (#61113008)

    If they want to make automatic upgrades the *default* setting, I'm all for it.
    If they want to make automatic upgrades the *only* setting, I'm not okay with that.

    For my part, I'd prefer to not have the automatic upgrades because I have a few sources that need to be updated manually after doing a dist-upgrade. I can also see issues where an end user installs a program that adds its own source that will get disabled during the upgrade and they won't notice. (Google Chrome, for instance.)

  • I'm running Ubuntu on a couple/three systems at home.

    I usually wait a bit on new kernels and wait quite a while on hardware/boot system updates. Non-kernel security updates I usually apply pretty quickly.

    Like most operating systems, you NEVER want to be the first to find issues.

    I've only really only had one or two issues with updates, once where the boot system apparently "forgot" which disk was my boot drive. It took a little while before I figured it out.

    In Microsoft's case, you're usually going to end u

  • by MMC Monster ( 602931 ) on Monday March 01, 2021 @04:10PM (#61113022)

    The Linux Mint Blog is clear that it will be a default in new installations that all upgrades will be installed automatically. It will also have a box you can uncheck in Update Manager so that you can disable automatic updates.

    Also, given that updates that require reboots are extremely rare (I only see them when updating to a new Linux Mint Base edition or forcing a kernel update), I'm not too concerned about this.

    In other words: The article is pure clickbait.

    • actually, it's just something the developers are talking about, not even decided they'll do it. *Really* makes this article click bait.

  • Clickbait (Score:5, Insightful)

    by inhuman_4 ( 1294516 ) on Monday March 01, 2021 @04:11PM (#61113028)

    Why didn't you just link to the actual LinuxMint blog post [linuxmint.com] instead of this clickbait? This is what the developers actually said:

    In some cases the Update Manager will be able to remind you to apply updates. In a few of them it might even insist. We don’t want it to be dumb and get in your way though. It’s here to help. If you are handling things your way, it will detect smart patterns and usages. It will also be configurable and let you change the way it’s set up.

    We have key principles at Linux Mint. One of them is that this is your computer, not ours. We also have many use cases in mind and don’t want to make Linux Mint harder to use for any of them.

    We’re still forming strategies and deciding when and how the manager should make itself more visible so it’s too soon to speak about these aspects and get into the details which probably interest you the most here. So far we worked on making the manager smarter and giving it more information and more metrics to look at.

    And this is what your headline reads:

    Linux Mint Developers Will Force Updates on Users Like Microsoft Does with Windows 10

    You don't know that! The developer were very clear that they haven't decided. The headline should "may" or "are considering". This is clickbait garbage. Shame on both of you msmash and AmiMojo. Just link directly to the source next time.

    • It’s here to help. If you are handling things your way, it will detect smart patterns and usages.

      This is the part that concerns me. The last thing I want is for the computer to try to figure out what I want before I do. We're increasingly running into situations where the system will "accidentally" do something automatically, even in situations where you explicitly turned a feature off, and then the developers claim that it's just a bug.

      I don't want "smart" updates. I want a list of options and the OS to just do what I tell it. Fully automatic can certainly be the default, but for heaven's sake, st

  • Like the latest version having a bug that makes it unacceptable on my system? Which includes some new "design" choices, like removing features because that is all the iRage nowadays.

    Or me just sitting somewhere, where updates aren't feasible. Like being on throttled tethering, and needing the bandwidth for something else?

    This is yet another nail in the coffin of the misassumption that anything Ubuntu-like is still Linux. Let's he honest: It is OpenMacOS. (And KDE used to be OpenWindows, until they jumped on

  • Many years ago I tried all sorts of distros. Eventually I settled on Ubuntu for a while. Eventually I got tired of their updates breaking my system fairly regularly. Easy enough fixes usually, but annoying. I then moved to PCLinuxOS until they dropped support for Gnome. Have been on Mint ever since. Recently it seems they value having these updates out over everything else. Doesn't matter if anything else is ready. I have one machine in my house running Mint 20. The rest are still on 19 as I have a bunch of
    • Re: (Score:2, Interesting)

      by AcidFnTonic ( 791034 )

      Called Gentoo...

      And even that is starting to be ruined. Seems like every update that breaks or has problems is because of something Michal Gorny decided to mask/unmask/remove.

      I use Gentoo specifically to develop software, being able to exactly specify the version desired for every library and program on the system.... That is until Michal comes and blindly trashes that with a bunch of messages about old software not building with new software (that I'm not using).

      It's not like I'm building redistributable b

    • Ack... you deserve mod points but I already posted.

  • If you can't keep your app updated to function with the updated OS then your app should not be used.
  • Luke moves to Germany. Yes, folk, Luke is becoming more like Hitler.

    It's baiting for argument, and it got it.

    If forced updates can be done without any other unrelated UI or behavioral changes, I'd be less bothered by it. I remember my parents operating Linux Mint a while back and getting regular Firefox updates. The UI changed enough on them that I had to give them a lesson in software lifecycles so they wouldn't be pissed at me.

  • As if anyone with even moderate chops when it comes to Linux couldn't change the config so these 'forced' updates aren't 'forced' anyway. Or just change distros.
  • As the GNU/Linux ecosystem continues to evolve, we are seeing better and better core utilities, with package management being among them.

    One of the things that I am waiting patiently for is the idea of allowing a user to select their tolerance for stability down to a per-application level. I’ll try and illustrate what I mean by using LibreOffice as an example. If you got to the LO download page, you will always see two different versions of the package available. One is clearly marked as ‘sta
  • My several TBs are ready do go puff.

  • Comment removed based on user account deletion
  • by martynhare ( 7125343 ) on Monday March 01, 2021 @08:12PM (#61114056)
    Nobody is forced to receive updates on any OS. However, being an anti-patcher is the cyberspace equivalent of being an anti-vaxxer. People who do not patch their systems get compromised and then act as vector to compromise others, much like anti-vaxxers spread otherwise avoidable diseases. If you are following best practice anyway (regular full system backups alongside your data) and truly know what you are doing then you should have no reason to refuse patches in the first place. Best practice says you will have already installed them on your test systems long before they hit a stable repository bound for something important anyway!
  • The default should be auto-update, with an option to allow users to disable the automation IF the user chooses to disable it. A nice option would be a two or three day delay for updates that can't be externally exploited such that a bad update would be pulled in a day and those on "update delay" wouldn't get bit.

  • Don't do it Mint devs...

    Don't you DARE.

    I don't use Ubuntu because of update shenanigans... Apple's unkillable update reminders baloney is annoying as hell... Windows... Well, there hasn't been any saving that OS since 8.

    Feel free to enable auto-updates, but if I know enough of my ass from a hole in the ground to turn them off, don't you f-ing DARE force them on me.

  • like Mint and Ubuntu and other newish handholding distros, i think they spy on their users, and after 60 years of observing human nature i know even benign relatively good people can be corrupted by greed & stupidity so i rather not trust them despite the original good intent of this so-called spying,
  • Power corrupts. Absolute power corrupts absolutely.

  • I'm on a laptop and mostly only close the lid and the laptop sleeps. Turning it off usually means going somewhere (or something is severely borked, it's Windows after all). Nothing worse than Windows deciding turning it off is a good time to update, and I have to go somewhere with it.

    Still annoyed about MS downloading something like 6 GB for the Win10 upgrade I didn't want. Twice. I was offshore and got my internet cut off for downloading too much.

Do you suffer painful hallucination? -- Don Juan, cited by Carlos Casteneda

Working...