Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Ubuntu Pro? What's This?

  1. #1
    Join Date
    Mar 2009
    Location
    Annwn
    Beans
    251
    Distro
    Ubuntu 22.04 Jammy Jellyfish

    Ubuntu Pro? What's This?



    Do I need this, or is it unnecessary?



    I'm just a bloke with a laptop running Ubuntu. I'm not Mark Shuttleworth or any sort of computing boffin. So, do I need this level of protection?

    <snip>
    Last edited by coffeecat; December 11th, 2023 at 02:15 PM. Reason: Removal of personal abuse

  2. #2
    Join Date
    Jun 2007
    Location
    Arizona U.S.A.
    Beans
    5,739

    Re: Ubuntu Pro? What's This?

    If you would like to run the same version of Ubuntu LTS for 10 years total (5 years regular support + 5 years extended security support), this is for you. I use the service. No charge for up to 5 active machines.

    This is where you subscribe.
    https://ubuntu.com/pro/subscribe

  3. #3
    Join Date
    Mar 2009
    Location
    Annwn
    Beans
    251
    Distro
    Ubuntu 22.04 Jammy Jellyfish

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by Dennis N View Post
    If you would like to run the same version of Ubuntu LTS for 10 years total (5 years regular support + 5 years extended security support), this is for you. I use the service. No charge for up to 5 active machines.

    This is where you subscribe.
    https://ubuntu.com/pro/subscribe
    OK, thanks. So it's just an option then?

  4. #4
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by Daveski17 View Post
    OK, thanks. So it's just an option then?
    Yep. They use a bit of fear trying to get you into their tracking system. No need, provided you migrate to supported releases after the next LTS release happens (every 2 yrs, in April). Just plan to move to a new LTS every June (give the release a few months for early issues to be resolved) of even number years 2022, 2024, 2026 ... those are LTS releases. Odd years and all October releases are NOT LTS.

    And plan to wipe the system and start over every other upgrade (4 yrs). Basically, do 1 upgrade, no more, to avoid cruft in the system.

  5. #5
    Join Date
    Mar 2009
    Location
    Annwn
    Beans
    251
    Distro
    Ubuntu 22.04 Jammy Jellyfish

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by TheFu View Post
    Yep. They use a bit of fear trying to get you into their tracking system. No need, provided you migrate to supported releases after the next LTS release happens (every 2 yrs, in April). Just plan to move to a new LTS every June (give the release a few months for early issues to be resolved) of even number years 2022, 2024, 2026 ... those are LTS releases. Odd years and all October releases are NOT LTS.

    And plan to wipe the system and start over every other upgrade (4 yrs). Basically, do 1 upgrade, no more, to avoid cruft in the system.
    OK thanks Fu. I normally upgrade to LTS releases a short while after they're released anyway.

  6. #6
    Join Date
    Aug 2017
    Location
    melbourne, au
    Beans
    Hidden!
    Distro
    Lubuntu Development Release

    Re: Ubuntu Pro? What's This?

    As already covered, Ubuntu Pro primarily extends standard support.

    Ubuntu's default security applies only to packages in the 'main' or 'multiverse' repository; this has not changed; with those packages still maintained for 5 years (extended with Ubuntu Pro to 10 years).

    Ubuntu has never provided security for packages from 'universe'; ie. community supported packages; and those have never had any guarantee of support beyond the 9 months for all, or 3 years for those provided supported by Ubuntu flavor teams (included on their installation media). Despite this limit or guarantee of support; the 'universe' repository is still open for any community member to backport or make security patches anytime during the initial five years; so technically 5 years applies here too (thus my mention of guarantee).

    Ubuntu Pro includes security for packages from 'universe'

    This is a new service which is only available with PRO enabled. These are security fixes from the Ubuntu Security Team that go beyond anything provided in 'universe' by the Ubuntu community. You'll note these packages appearing in your update messages as having (optionally available) security fixes only if Ubuntu Pro is enabled. Not enabling it will keep you at the same security level you were before Ubuntu Pro existed.

  7. #7
    Join Date
    Mar 2009
    Location
    Annwn
    Beans
    251
    Distro
    Ubuntu 22.04 Jammy Jellyfish

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by guiverc View Post
    As already covered, Ubuntu Pro primarily extends standard support.

    Ubuntu's default security applies only to packages in the 'main' or 'multiverse' repository; this has not changed; with those packages still maintained for 5 years (extended with Ubuntu Pro to 10 years).

    Ubuntu has never provided security for packages from 'universe'; ie. community supported packages; and those have never had any guarantee of support beyond the 9 months for all, or 3 years for those provided supported by Ubuntu flavor teams (included on their installation media). Despite this limit or guarantee of support; the 'universe' repository is still open for any community member to backport or make security patches anytime during the initial five years; so technically 5 years applies here too (thus my mention of guarantee).

    Ubuntu Pro includes security for packages from 'universe'

    This is a new service which is only available with PRO enabled. These are security fixes from the Ubuntu Security Team that go beyond anything provided in 'universe' by the Ubuntu community. You'll note these packages appearing in your update messages as having (optionally available) security fixes only if Ubuntu Pro is enabled. Not enabling it will keep you at the same security level you were before Ubuntu Pro existed.
    Thanks for the info. I appreciate the options, but as I am careful where I surf (no social media), I reckon bog-standard security should be fine. As I am not employed by MI6 or GCHQ (or am I? lol) I doubt I need Q-Department levels of security. Well, not in my universe anyway.

  8. #8
    Join Date
    Mar 2010
    Location
    Squidbilly-Land
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by Daveski17 View Post
    Thanks for the info. I appreciate the options, but as I am careful where I surf (no social media), I reckon bog-standard security should be fine. As I am not employed by MI6 or GCHQ (or am I? lol) I doubt I need Q-Department levels of security. Well, not in my universe anyway.
    Being patched is important.

    Just a few days ago, a state actor was discovered, hacking Linux systems the last 2 yrs, in mostly 1 country, but all countries had instances of the multiple rootkits installed.
    https://arstechnica.com/security/202...d-for-2-years/

    Plus, if you have enabled Bluetooth in your BIOS, assume you can be hacked. Earlier this week, yet another BT bug was found that had been there for a very long time. Sadly, most vendors have the fix, but choose NOT to enable it. Only ChromeOS has the fix enabled. https://www.theregister.com/2023/12/...g_apple_linux/

    You may not think you are a target, but your computers ARE. Linux systems make excellent command and control nodes, even if your family video and photo collection isn't sensitive.
    https://krebsonsecurity.com/2012/10/...-pc-revisited/ They want the computing power, a little storage and your network connection. Anything beyond that is gravy.

    The idea that your computer isn't important enough to be used by someone else is like the "nothing to hide" argument. https://en.wikipedia.org/wiki/Nothing_to_hide_argument

    We all are in this together. Staying patched isn't hard. Mitigation of these things can be easy or impossible. Thankfully, most of the time, once they are know, a fix is created and silently pushed to all of us, though normal updates.

    I know you probably do stay patched based on the question. Don't downplay the good that does, not just for you, but for the rest of the connected world. We all need to stay patched if our computers are on a network.

  9. #9
    Join Date
    Mar 2009
    Location
    Annwn
    Beans
    251
    Distro
    Ubuntu 22.04 Jammy Jellyfish

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by TheFu View Post
    Being patched is important.

    Just a few days ago, a state actor was discovered, hacking Linux systems the last 2 yrs, in mostly 1 country, but all countries had instances of the multiple rootkits installed.
    https://arstechnica.com/security/202...d-for-2-years/

    Plus, if you have enabled Bluetooth in your BIOS, assume you can be hacked. Earlier this week, yet another BT bug was found that had been there for a very long time. Sadly, most vendors have the fix, but choose NOT to enable it. Only ChromeOS has the fix enabled. https://www.theregister.com/2023/12/...g_apple_linux/

    You may not think you are a target, but your computers ARE. Linux systems make excellent command and control nodes, even if your family video and photo collection isn't sensitive.
    https://krebsonsecurity.com/2012/10/...-pc-revisited/ They want the computing power, a little storage and your network connection. Anything beyond that is gravy.

    The idea that your computer isn't important enough to be used by someone else is like the "nothing to hide" argument. https://en.wikipedia.org/wiki/Nothing_to_hide_argument

    We all are in this together. Staying patched isn't hard. Mitigation of these things can be easy or impossible. Thankfully, most of the time, once they are know, a fix is created and silently pushed to all of us, though normal updates.

    I know you probably do stay patched based on the question. Don't downplay the good that does, not just for you, but for the rest of the connected world. We all need to stay patched if our computers are on a network.
    I don't disagree Fu, and I take as many precautions as I can (within reason). I'm usually patched and up to date (on Mac as well). I originally switched to Linux to avoid Windows and its dodgy security issues. I know Ubuntu isn't bulletproof, but I'm pretty sure I'm not compromised. I will probably never know for sure of course, unless I go off-grid and move into Faraday Cage. I am tempted sometimes ... lol.

  10. #10
    Join Date
    Jul 2013
    Location
    Wisconsin
    Beans
    4,952

    Re: Ubuntu Pro? What's This?

    Quote Originally Posted by Daveski17 View Post
    I'm just a bloke with a laptop running Ubuntu. I'm not Mark Shuttleworth or any sort of computing boffin. So, do I need this level of protection?
    If you use LTS releases AND lots of Universe software, then you might indeed have lots of attack surface for a long period of time. Those are the potential consequences for the choices you have made. You just didn't know about those vulnerabilities before.

    Canonical has never promised to provide security patches for Universe packages. That is a community responsibility, and the community hasn't been much doing it.

    So Canonical is offering an optional service that provides that missing coverage. And they structured it so that enterprise users pay for it to subsidize individuals getting it free. Some folks can suggest a sinister purpose, but to me it looks like an honest attempt to address a real problem. The previous community-upload avenue is still open and available; the community is welcome to take up the slack anytime and render Pro moot.

    Do you need this level of protection? Well, that's up to you. I prefer my CVEs to be mitigated, especially if I'll be sitting on that version for many years.

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •