Linux distributions are distinguished among other things by the freedom and control they offer the user. This control also affects a key section: it is that user who decides when they want to apply system updates if they want to apply them.
In Linux Mint they have realized that this ends up being dangerous: up to three out of 10 users are using Linux Mint 17.x, an insecure version of which they no longer offer security patches, so from now on there will be more Heavy with notices that you need to update. Some fear that will lead to a situation like the one experienced with forced Windows 10 updates, but we are far from that future.
The user is still in control, but just in case Linux Mint will insist that you update some packages
On February 20, those responsible for Linux Mint published a study after analyzing the data they had about how users behaved with system updates.
Their statistics were very sketchy because Linux Mint does not send data to a central server and it does not even count how many users they have. They can infer some data through the use of the Firefox browser, which through its user-agent allows determining if a user of that browser is also a Linux Mint user.
According to these data, “only 30% of users update their browser in less than a week.” In fact, they detected that there are users of recent versions of this distribution that do not seem to apply patches and updates: in Linux Mint 20, for example, part of the users continue with Firefox 77 —the version that was included when the distro was launched— when those days there were, for example, packages available to update it to Firefox 85.
What worried them the most was seeing that between 5 and 30% of Linux Mint users are using Linux Mint 17.x, an old version of the distribution that reached its end of life in April 2019: ” in other words, it stopped receiving security updates two years ago!”
For these developers the conclusion is obvious: users should try to update their system. To alleviate the problem, the software that manages these updates, called Update Manager, “will not only check for available updates, it will also keep track of specific metrics and be able to detect cases where updates are missed.”
Thus, they explained that from now on in this distribution the Update Manager “will be able to remind you to apply the updates. In a few, it could even insist. We don’t want it to be stupid and go where it is not called. It is there to help”.
Linux Mint doesn’t force anything, the question is, could Microsoft do something like that?
Some compare this turn of events with the policy that is followed with Windows 10, Microsoft’s system that forces many updates and takes control away from the user in this section – although there are ways to alleviate this behevior.
Nothing is further from reality. In Linux Mint they emphasize that ” this is your computer, not ours”. They simply want users to be more alert to updates that ensure the security of their system.
Those users will still be in control, and all Linux Mint will do is push a bit when recommending that certain packages be updated.
That philosophy contrasts with Microsoft’s with Windows 10: the problems and criticisms have been enormous, and their obsession with getting all users to upgrade to this version from Windows 7 even led to them scheduling that update without asking users.
The company has tried to take some steps to reduce these complaints and in recent times it allows for example to postpone updates (which are still automatic unless we deactivate them), but many of us wonder if Microsoft should follow a scheme in which more is given control to the user.
That would be great in many ways, but the reality is that the market share of Windows 10 (and its earlier versions) makes these systems much more exposed to vulnerabilities and forcing updates is one way to alleviate a greater evil.
Still, criticism of Microsoft persists because that way of forcing updates also serves to force users to install things that users find without asking, like the new Chromium-based Microsoft Edge.
Which can be a great browser, but if the user hasn’t asked for it, why is Microsoft forcing it to be installed ? Again, the argument is to have a more secure application with greater benefits whose automatic installation, by the way, was quite difficult to block and by the way, you cannot uninstall. Argh.
Somewhat more advanced users do know ways to take more control of their Windows operating systems, and we wonder what would happen if Linux had the quota that Microsoft’s system has: would they continue to give control to the user? Uhm.