Page 3 of 3
Re: Qeustion about update cycle
Posted: Fri Apr 18, 2025 9:36 pm
by CharlesV
uncle mark wrote: Fri Apr 18, 2025 8:32 pm
Noax wrote: Fri Apr 18, 2025 7:55 pm
Also thanks for your opinion again uncle Mark.
It seems like for me I worry too much?... hehe
Its precisely because I am coming fresh from windows that I still have this vigilance what drives me to ask this kind of qeustions...
Understood. We see it all the time with new adopters coming over from Windows. You'll notice there is no such thing as an anti-virus application (in any conventional sense) for Linux. There's a reason for that.
Enjoy carefree computing.
Actually, there are some very good antivirus programs for Linux. I run eset on one of my machines ( Love eset ) and there is Bitdefender, sophos, Avast and of course ClamAV.
I agree that *most* people dont need it.. however, there is concern for some people that are in hostile environments, dual boot windows, run windows and / or have a long history of windows files.
Example of this - I have a client that has years and years of emails and data from her clients... as well as some docs that were saved that were not legit. One of the paralegals that is helping her has a laptop running Mint and she comes into the office regularly. We setup eset on her machine and it has identified several legitimate problems it has found in those files - including several root kits. Probably would not be an issue on the mint laptop... but...;-/
Re: Qeustion about update cycle
Posted: Fri Apr 18, 2025 9:55 pm
by uncle mark
CharlesV wrote: Fri Apr 18, 2025 9:36 pm
Example of this - I have a client that has years and years of emails and data from her clients... as well as some docs that were saved that were not legit. One of the paralegals that is helping her has a laptop running Mint and she comes into the office regularly. We setup eset on her machine and it has identified several legitimate problems it has found in those files - including several root kits. Probably would not be an issue on the mint laptop... but...;-/
Not to be argumentative, but those AV hits are on stuff found in the Windows file system, are they not? And the Mint laptop hasn't been compromised, has it? Point being, in conventional use even if malware is detected in a data set you're accessing, the threat of your Linux OS being pwned is minuscule.
I'm curious, are the AV applications mentioned able to clean/repair the malware found? In a previous life I had a pretty lucrative side gig cleaning up and repairing infested Windows machines. At the time, I never did find a Linux program that would do the job like the Windows based tools I used.
Re: Qeustion about update cycle
Posted: Fri Apr 18, 2025 11:08 pm
by CharlesV
I have had several "cleans" of email ( linux only, incoming emails ), and seen several 'cleans" of clients machines as well. No Windows involved on these, but I would agree that I dont believe they would amount to too much either.
I read weekly about issues coming down on linux machines, including getting ahold of machines... however no I have not seen anything get a grip yet.
I *have* seen bitdefender find and remove malware that was dropped in on google chrome.
Re: Qeustion about update cycle
Posted: Fri Apr 18, 2025 11:39 pm
by FullScale4Me
FullScale4Me wrote: Fri Apr 18, 2025 5:22 pm
Check into the MX app User Installed Packages for capturing your apps and installing them on the new installation. It does have some limits:
- Anything 'installed' via copying, ie, not through 'apt install <program_name>' or a process that spawns it.
Added:
- Any apps installed via: Wine, WineTricks, PlayonLinux, Bottles, Lutris or Steam - not covered.
Re: Qeustion about update cycle [Solved]
Posted: Sat Apr 19, 2025 12:39 am
by asqwerth
Noax wrote: Fri Apr 18, 2025 7:55 pm
Thanks again for clarification DukeComposed.
So your advice for safely using Firefox for example for online banking is to upgrade to the newer MX OS version before it falls out of mainstream support?
So I misunderstood and the MX devs won't package new Firefox updates for the last two main MX OS releases? The updates will stop at june 26 for MX 23 except LTS for Kernel security stuff?
.......
There is some confusion here.
The MX packaging team is the one that packages Firefox,since Debian only provides Firefox-ESR, and the MX team have always continued to do so for the whole 5 years of normal+LTS life of the Debian base in question.
This is provided of course that the latest Firefox updates do not suddenly gain new dependencies that will conflict with the older Debian-base that the older MX is based on. And I am sure that if this suddenly is an issue, MX team will let everyone know.
And I agree that you are worrying too much. I wouldn't advise you to continue using EOL releases, but as long as an MX release is within the 5-year LTS period, there should not be a worry about security assuming you don't do foolish things yourself.
For your info, I run MX21 installs together with my MX23 ones on my PC, and MX21 is still receiving FIrefox updates. I just happened to be booted into MX21 XFCE today, and what do you know? Firefox updates! And google-chrome [from Google repo, and it still works]. And MX21 is also receiving the new MX tool, UEFI-manager, as well as fixes for the other MX Tools, 4 years into its release life.
Code: Select all
full upgrade
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
The following packages were automatically installed and are no longer required:
[snip]
......
The following NEW packages will be installed:
uefi-manager (25.5.02)
The following packages will be upgraded:
cli-installer-mx (5.3 => 25.4.01)
firefox (137.0~mozillabinaries-1mx21+2 => 137.0.2~mozillabinaries-1mx21+1)
firefox-l10n-xpi-zh-tw (137.0~mozillabinaries-1mx21+1 => 137.0.2~mozillabinaries-1mx21+1)
google-chrome-stable (135.0.7049.52-1 => 135.0.7049.95-1)
libglib2.0-0 (2.66.8-1+deb11u5 => 2.66.8-1+deb11u6)
libglib2.0-bin (2.66.8-1+deb11u5 => 2.66.8-1+deb11u6)
libglib2.0-data (2.66.8-1+deb11u5 => 2.66.8-1+deb11u6)
login (1:4.8.1-1 => 1:4.8.1-1+deb11u1)
mx-boot-options (25.2.06 => 25.4.02)
mx-bootrepair (24.4 => 25.4.01)
mx-packageinstaller (25.3.02 => 25.5.01)
mx-service-manager (24.3.02 => 25.4)
mx-snapshot (25.2 => 25.4)
passwd (1:4.8.1-1 => 1:4.8.1-1+deb11u1)
wpasupplicant (2:2.9.0-21+deb11u2 => 2:2.9.0-21+deb11u3)
15 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 197 MB of archives.
After this operation, 556 kB of additional disk space will be used.
I'll be using MX21 until its EOL next year, in 2026. Same thing I've done for all MX releases since the first one, MX14.
Re: Qeustion about update cycle
Posted: Sat Apr 19, 2025 1:17 am
by Noax
Thank you all again for your answers, especially the most recent one from asqwerth. That was "the" answer with the information I wanted. So 5 years per version are "fine".
Again: Thank you very much for answering an worrywart like myself.
I wish you all happy eastern! And an nice weekend. :-)
Re: Qeustion about update cycle
Posted: Sat Apr 19, 2025 4:15 am
by DukeComposed
FullScale4Me wrote: Fri Apr 18, 2025 11:39 pm
FullScale4Me wrote: Fri Apr 18, 2025 5:22 pm
Check into the MX app User Installed Packages for capturing your apps and installing them on the new installation. It does have some limits:
- Anything 'installed' via copying, ie, not through 'apt install <program_name>' or a process that spawns it.
Added:
- Any apps installed via: Wine, WineTricks, PlayonLinux, Bottles, Lutris or Steam - not covered.
And Nix packages, and "./configure; make; make install" and "curl | sh", oh my!
Re: Qeustion about update cycle
Posted: Sat Apr 19, 2025 6:17 am
by Jakob77
Noax
Maybe this link can also be useful:
https://endoflife.date/mxlinux
About updating and safety I don't believe there are any guarantees.
It is more about minimizing the risk.
For banking I have to recommend a full updated and fresh booted computer.
Maybe the most important is the Firefox settings, and also to keep an eye on they are not changed by updates.
And in general I believe, the closer you stay to the programs chosen by the MX team and install nothing else, the more sure you can be the developers can and will do their very best to protect you.
If you are lucky enough to have more than one computer it might feel good to keep one just for serious work and beside that to have one for update test and fun.
Wow... I just received an update for Firefox.. gotta go.! ;-)
Re: Qeustion about update cycle
Posted: Sat Apr 19, 2025 12:36 pm
by MXRobo
Noax wrote: Fri Apr 18, 2025 5:35 pm
But I am the type of guy who installs an completely new OS over the previous one and then installs the necessary software for printers, games etc.
I will simply back all data on my rusty ntfs hdd USB drive and copy them later back over.
I was too, and I won't be able to do this immediately on one of my laptops because I'll be installing a larger ssd because the current one is extremely small (~120GB), but I'm at least going to try (to see if I like it) and start installing the newest release
beside the current/old installation - only on a sufficiently sized ssd - so that I can simply copy over some /home/user files from the existing/old installation, e.g. .mozilla, etc. Although I haven't done this yet.
========
Also, with a bigger ssd - or an external one, you may later consider a separate DATA partition, again with your common Documents, Downloads, Music, Pictures, Videos (and personally added ones) showing as symlinks that point to the actual content in your DATA folder. Don't touch the DATA partition during an install, and then simply recreate symbolic links to the existing directories in the DATA folder, i.e. Documents Downloads Music Pictures Videos which (again) are linked to the symlinks in the home folder.
Reason, redundantly - easier to retain data during reinstall, just ignore the DATA partition, only recreate the symlinks.
Cheers