Page 3 of 4 FirstFirst 1234 LastLast
Results 21 to 30 of 34

Thread: Exactly how vulnerable are unsupported versions of Ubuntu?

  1. #21
    Join Date
    Jul 2013
    Location
    Perth, Western Australia
    Beans
    30
    Distro
    Xubuntu

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Quote Originally Posted by whitesmith View Post
    I trust FOSS because there is no central source for a government to coerce into complicity. Say, for instance, you're the NSA and you want to compromise implementation of the PKS in Linux. Who do you turn to for help? Linux is the work of a community, not a company, so carrots and sticks are useless. Even--and this is probably the extreme limiting case--you could persuade Torvalds to cave in the name of "national security" or some such bugaboo, that would have no effect on developers around the world tasked with maintaining the PKS piece. Compare that with the NSA's "black room" at AT&T's San Francisco switch. The NSA asked. AT&T complied. All traffic carried by that network went through the filter, whose existence only became public knowledge after the Justice Department mistakenly put defense lawyers on a cc list in an unrelated FOIA matter. Central points of management are easily exploited. Distributed management makes funny business immeasurably more difficult. That is what I like about Linux.
    I'm not saying I don't trust FOSS. I'm saying there's no guarantee of anything, however unlikely it may seem you can not exclude the possibility.
    If even some "standard" encryption algorithms have been compromised how can we know anything for sure?

    And maybe I should have said: I doubt it that there are no backdoors ON Linux instead of IN Linux.
    Let's assume linux itself is "safe". How can I be sure that Opera, the browser I'm writing this in is not compromised? How do I know my filezilla isn't? How can I find out if my router is? How about my nvidia drivers? My flash player? Maybe some of the chips on my mobo even? My networking card/chips? There are so many variables that it's impossible to know anything for sure.

    How can I feel so much more secure on Linux now that we know that SSL/https and the whole shebang is already compromised? Now that we know AT&T/intel/google/facebook/microsoft/yahoo ... the list goes on... are all in bed with "the enemy"?
    Being on Linux may give a lot of people a false sense of security, just like running viruscheckers, anti-malware programs and a lot of other security measures do. Encrypting my drive or some directory knowing that the encryption is probably compromised doesn't make me feel more secure anymore. So why would I even bother anymore?

    Linux is just one element in this complicated and complex equation.

    And let's be honest and realistic, linux and ubuntu also have their share of security fixes and therefore security issues, despite all the code monitoring and all the checking and double checking that would - according to you - protect us.
    Never underestimate the enemy
    Last edited by Mephisto Pheles; September 13th, 2013 at 06:32 PM.
    Stick 'em up Punk it's the fun lovin' criminal! (FLC)

    The higher you soar, the smaller you seem to those who cannot fly. (Nietzsche)

  2. #22
    Join Date
    Jul 2008
    Location
    Northants, UK
    Beans
    272

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Right. Thanks to all.

    From all the above, i gather that - as long as a user surfs safely and conscientiously - an unsupported old version (eg 10.04) is perfectly fine to use on older machines that simply won't run the newer builds (whether because of updated kernels' dropped support for certain hardware, or the increased resource needs of later versions).

    I think my question has been answered

  3. #23
    Join Date
    Nov 2011
    Beans
    2,336
    Distro
    Ubuntu

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Quote Originally Posted by Hylas de Niall View Post
    ...

    From all the above, i gather that - as long as a user surfs safely and conscientiously - an unsupported old version (eg 10.04) is perfectly fine to use on older machines that simply won't run the newer builds (whether because of updated kernels' dropped support for certain hardware, or the increased resource needs of later versions).
    Surfing safely can reduce risk. But, it can't eliminate vulnerability. By staying with unsupported code, you are assuring, if nothing else, that you will receive no fixes for new attacks developed to exploit weaknesses in code on your machine.

    Unless you are prescient, you can't know the risks that will appear tomorrow.

  4. #24
    Join Date
    May 2009
    Location
    Indiana
    Beans
    1,971
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Current versions of lighter variants of Ubuntu should mitigate that vulnerability while not exceeding the power of the machine you have running 10.04, and still meet your needs.
    Jane, stop this crazy thing!

  5. #25
    Join Date
    Nov 2011
    Beans
    2,336
    Distro
    Ubuntu

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Quote Originally Posted by newb85 View Post
    Current versions of lighter variants of Ubuntu should mitigate that vulnerability while not exceeding the power of the machine you have running 10.04, and still meet your needs.
    Plus, any version of any distribution can be made to require fewer resources by avoiding unecessary startup applications and services, and by running applications with fewer resources demands. Don't take the word of other people or random web posts. Make changes to your system and measure the differences. A great deal of Conventional Wisdom exists about this subject. Most of it seems to be unvalidated echo chamber noise.

  6. #26
    Join Date
    Oct 2009
    Location
    Reykjavík, Ísland
    Beans
    13,647
    Distro
    Xubuntu

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Quote Originally Posted by Hylas de Niall View Post
    Right. Thanks to all.

    From all the above, i gather that - as long as a user surfs safely and conscientiously - an unsupported old version (eg 10.04) is perfectly fine to use on older machines that simply won't run the newer builds (whether because of updated kernels' dropped support for certain hardware, or the increased resource needs of later versions).

    I think my question has been answered
    You had decided to follow that path even before writing the initial post, hadn't you? No problem, you are of course free to do what you want on your own computers but please don't encourage others to use unsupported versions (not thereby saying that you have done so).
    Bringing old hardware back to life. About problems due to upgrading.
    Please visit Quick Links -> Unanswered Posts.
    Don't use this space for a list of your hardware. It only creates false hits in the search engines.

  7. #27
    Join Date
    Feb 2008
    Location
    Land of fire and drought
    Beans
    Hidden!
    Distro
    Xubuntu

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Quote Originally Posted by mörgæs View Post
    ... please don't encourage others to use unsupported versions (not thereby saying that you have done so).
    +1. Also not insinuating that has been done.

  8. #28
    Join Date
    Mar 2011
    Beans
    701

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    If you are running an unpatched system you are not secure. If you think otherwise you're fooling yourself.
    sig

  9. #29
    Join Date
    Jul 2008
    Location
    Northants, UK
    Beans
    272

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Quote Originally Posted by mörgæs View Post
    You had decided to follow that path even before writing the initial post, hadn't you? No problem, you are of course free to do what you want on your own computers but please don't encourage others to use unsupported versions (not thereby saying that you have done so).
    Not at all.

    All my machines are running up-to-date Debian derivatives.

    Rather than trying to encourage others to use unsupported OS's I was hoping to help assure them that their old XP machines - and there are very many of those which may be as much as ten years old - need not be sent to the dumpster. Such machines couldn't even run the lightweight spins of recent releases, as you know.

    So what are those folks's options for replacing XP? A modern, command-line only Ubuntu (which is likely all many of those machines could run) to replace a full (though defunct) GUI in XP - or an older version of a more secure system than they had?

    If you would rather let folk believe their old machines are of no more use when XP reaches OEL next April, with respect that's up to you. I believe in keeping my machines running for as long as possible, as far as is possible.

    As i clearly don't understand - as a layman - what the big deal is, i started this thread to try to find out. I thought my question had been answered. It seems not.
    Last edited by Hylas de Niall; October 10th, 2013 at 08:29 PM. Reason: bad English.

  10. #30
    Join Date
    Nov 2011
    Beans
    2,336
    Distro
    Ubuntu

    Re: Exactly how vulnerable are unsupported versions of Ubuntu?

    Well, "the big deal" is that if you run software that no longer receives security patches then that software is, at the least, vulnerable to attacks created after support ended for that software. Browsing habits, safe surfing, and all that are fine. But, they aren't a substitute for software patched to block a specific attack.

    XP users, after its EOL, would gain some, unknowable, degree of security if they moved to even an unsupported Linux, given the reduced number of attacks targeting that OS. So, in an absolute sense, they'd be better off. They'd certainly avoid the flood of XP attacks we're likely going to see after XP support ends. (I'd also bet we will see scammers pushing $49.95 "lifetime security" kits for XP, too.)

    Whether on old XP machine can run any modern Linux desktop depends, of course, on the hardware. Only one way to find out. If that old machine really can't run Linux, then their best option is to unplug it from the net.

Page 3 of 4 FirstFirst 1234 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •