Nic wrote:
> I would be interested to hear from users who are using earlier versions
> of Linux Mint. Especially people who are using pre-19.1 versions.

How to create a new Subject thread/question.

- do not give the new subject thread a generic title like 'question'
nor ask a question in the subject
- I recommend creating the BODY of a new subject thread /first/ to
enable the best subject
- a new subject thread msg body should have complete sentences, no
ambiguity, and enough information for the readers to fully understand
any question contained as well as the question being posed
- the new *subject* of a complete msg body should be a brief *title*
to the msg, not the question of the msg's content, in this case such as
'pre-19.1 LM' since the group is Mint.
- by placing the question in the msg body, those who are answering the
question will be able to trim parts of your msg body but leave the
question context

--
Mike Easter

On Fri, 3 Mar 2023 10:46:07 -0800
Mike Easter <MikeE@ster.invalid> wrote:

> Nic wrote:
> > I would be interested to hear from users who are using earlier versions
> > of Linux Mint. Especially people who are using pre-19.1 versions.
>
> How to create a new Subject thread/question.
>
> - do not give the new subject thread a generic title like 'question'
> nor ask a question in the subject
> - I recommend creating the BODY of a new subject thread /first/ to
> enable the best subject
> - a new subject thread msg body should have complete sentences, no
> ambiguity, and enough information for the readers to fully understand
> any question contained as well as the question being posed
> - the new *subject* of a complete msg body should be a brief *title*
> to the msg, not the question of the msg's content, in this case such as
> 'pre-19.1 LM' since the group is Mint.
> - by placing the question in the msg body, those who are answering the
> question will be able to trim parts of your msg body but leave the
> question context
>
> --
> Mike Easter

Are these the absolute in stone rules?

You got the idea of my question, so if you do not have an answer you should not inject yourself into the thread.

--
Nic <Nic@none.net>

Nic wrote:
> Are these the absolute in stone rules?
>
Of course not; usenet is organized anarchy :-)

> You got the idea of my question, so if you do not have an answer you should not inject yourself into the thread.

Nono. Your thread is 'public fodder' for conversation. My msg, which
was 'off-topic' for your specific request, was what would be considered
a 'meta-' topical response.

That is, it was related to your msg in terms of 'what's wrong' w/ it,
such as a spelling or other 'error' but not a specific requested remark.

Consider it 'advice' re 'good usenet practices' as it applies to your
earlier msg.

--
Mike Easter

On Fri, 3 Mar 2023 11:20:10 -0800
Mike Easter <MikeE@ster.invalid> wrote:

> Nic wrote:
> > Are these the absolute in stone rules?
> >
> Of course not; usenet is organized anarchy :-)
>
> > You got the idea of my question, so if you do not have an answer you should not inject yourself into the thread.
>
> Nono. Your thread is 'public fodder' for conversation. My msg, which
> was 'off-topic' for your specific request, was what would be considered
> a 'meta-' topical response.
>
> That is, it was related to your msg in terms of 'what's wrong' w/ it,
> such as a spelling or other 'error' but not a specific requested remark.
>
> Consider it 'advice' re 'good usenet practices' as it applies to your
> earlier msg.
>
>
> --
> Mike Easter

Let us hope there more more people who can answer a question without having to evangelize.
--
Nic <Nic@none.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2023-03-03, Nic wrote:
> On Fri, 3 Mar 2023 10:46:07 -0800
> Mike Easter <MikeE@ster.invalid> wrote:
>
>> Nic wrote:
>> > I would be interested to hear from users who are using earlier versions
>> > of Linux Mint. Especially people who are using pre-19.1 versions.
>>
>> How to create a new Subject thread/question.
>> [...]
>
> Are these the absolute in stone rules?

For the most part, they're more like "guidelines for getting a response
you want" (or, in some cases; a response at all).

There must've been an error at e-s; as I can't pull the post Mike was
originally responding to -- but it's gonna be pretty pointless to be
asking about "pre-19.1" linux mint; as all earlier versions are End Of
Life (well, unless you mean LM19.0; which is basically identical to
19.1, so...)

> You got the idea of my question, so if you do not have an answer you
> should not inject yourself into the thread.

That's half the fun of Usenet posting though :D

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAmQCVJsACgkQbWVw5Uzn
KGCzchAAky0VRth94DZOoBWTN+gXjxYODbTxgCJ0TYOYkiiT7q3n0AGJVolGhkoX
ktwSRA1VTDXwpOvzDsZGk+wDc8dVQwC9OZlaOjrxR9S5hygjUPKkYkEJkRwxtJCq
pT5esyd1j6EO+NfU3fmKxq4hHsll0Tp5oUvI6qRw+SX8t6b+oh75RjMOt+bUWI/k
Ac14Z7kYO48AIkDcNekzxRZx80WAwqKh/u8iTriUr+QttClGsRjfYXyhBdxnt7/z
bjOAU98SZtORXy96hzWp8wZvYwhmtK5/0dzT4//wkDg7iG1ZfPC8Fq/qEdTe11VY
2euEaCnOzYmIfdbXc2YoydT8ggndxLczZHYmk1YhWNKls8yDWv0nueEoprkbt/sX
KzH2o2XWi+6GIPPhG49ObiRlqDSGTmgtvQo9tVUQupFc8uKoGxjacWqg9+EWnlHh
BrtC3agCk1NfgNJwTn0v9fChaE13HqO8LI9PEPz2BjiQ7SWBB2mh2ctDagVN8DBR
HszvRas/PTdsKHxwSIjIk8qsjbXDMbiIquAo4RR8F285ffKkO2kLAALnz9xw6tHn
fEBmaT0OX9eCIhlVquYgTlF6Vs10DjbbvBhvwz478iDZCRMSemqwTxW+6XYDcRPo
DSUyEZ6EKW2dQW2zXFZDtvjUQbIT8EPiKZDHER1nqaCS9a3tE1k=
=s9mH
-----END PGP SIGNATURE-----

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

On Fri, 3 Mar 2023 20:11:14 -0000 (UTC)
Dan Purgert <dan@djph.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2023-03-03, Nic wrote:
> > On Fri, 3 Mar 2023 10:46:07 -0800
> > Mike Easter <MikeE@ster.invalid> wrote:
> >
> >> Nic wrote:
> >> > I would be interested to hear from users who are using earlier versions
> >> > of Linux Mint. Especially people who are using pre-19.1 versions.
> >>
> >> How to create a new Subject thread/question.
> >> [...]
> >
> > Are these the absolute in stone rules?
>
> For the most part, they're more like "guidelines for getting a response
> you want" (or, in some cases; a response at all).
>
> There must've been an error at e-s; as I can't pull the post Mike was
> originally responding to -- but it's gonna be pretty pointless to be
> asking about "pre-19.1" linux mint; as all earlier versions are End Of
> Life (well, unless you mean LM19.0; which is basically identical to
> 19.1, so...)
>

>
That was the point of my question, to see if there were any users of pre-19.0 Linux Mint. From other groups I read that there are people who still use windows xp and w7, whose support ended long ago, there may be people who are still using very early versions of LM.
--
Nic <Nic@none.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2023-03-03, Nic wrote:
> [...]
> That was the point of my question, to see if there were any users of
> pre-19.0 Linux Mint. From other groups I read that there are people
> who still use windows xp and w7, whose support ended long ago, there
> may be people who are still using very early versions of LM.

I would certainly hope they wouldn't be using EOL versions of Linux
(same goes for the windows types...)

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAmQCWP8ACgkQbWVw5Uzn
KGCLChAAklXs0e7O/O92SxCJg/t+c+XvPk9CT53e/fmGKgOWb5MNdfUjapg1Wple
p2m1NgrqBjtt54lfPw8nlD312RSb5UmzoemrkFiZEgPd7LrLK0hpXEnNvJAuisBZ
73mkc55z1ul5ReoaLN52AaFZpQWXWXYfQVrNEzmelN51NU1xY0GVRsR6HIhdp0yS
CUMJzoMMOG8QU+ksAC/PNoDFvUrg9xb9ffqnI4ccHgonAM1k8Yw+dlixd/7IbDja
/sZMDz0UqqK7Ab330vIlTqgKOoxb0oxeQVUglZMRPEw4vAIX5LInSOKDJY1aztoh
SXA5BH1VpuM88kStNS0Mf4m4I8qknKdQ67HDWcoMpPNsXylLHjF08DLA14MxqbO8
Cj8aGjsTiH+lIjApcrnfkaXCGZo5xIocbfMPXYHOQGvsZRMi8mDrrFMP/pvrMJOM
Z3Ve6QrCLG8EJ7FHTLTNh/8Zw7Yfmqu3oGzAKCAeQpKKjGqCXuXzexmWaMW8ZUqH
8CM58azYHqX3tyzjxJSH17ofYJzNSpxVw8Vz8+g+UDRiTIkFleNQmz9KiVWg8UeF
nZdEWLYqY8S1hFB6Q0kZgQKH9mMyZx18I3D2JnpXVxP0QoDyReK4rgtuU+3+Kyay
VAZzuU8+EIjkmBXrfPnH8Ve7sDx+0M0uv+ywRXNcEb1jMYem+WI=
=4gcX
-----END PGP SIGNATURE-----

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

Nic wrote:
> there may be people who are still using very early versions of LM.

In the past, I have used v/s of LM past the EOL. I used LM 17.3 LTS
based on Ub 14.04 past its EOL 2019 Apr. Back then, there was both
64&32bit as well as KDE. There was also a KDE for LM 18 (LTS on Ub
16.04 EOL 2021 Apr) which also came in 64/32bit.

But I don't advise doing that, because you (or I) aren't wise enough to
know if the absence of security improvements after EOL are 'significant'
to your use or not.

In general, Mint does a good job of enabling you to update and upgrade
your distro v and in general as well, everyone should have adequate
backup in case anything goes wrong there.

I will 'admit' that it is much easier to install a distro v than it is
to fix something which gets b0rken. But, attempting to fix a b0rken
thing is educational and often successful w/ the help of those who are
wiser that we are.

So is (occasionally) compiling something. It is interesting to follow
the dev of Easy OS Barry Kauler who often ventures into untested waters
in his off-beat compiling strategies.

What is it you expect from someone using a currently out of EOL version?
Emotional support for doing so? I would say that going past the EOL
becomes progressively more 'risky' as the number of security fixes grows
w/ time. The /latest/ v of LM *earlier* than LM 19 is LM 18, which is
based on Ub 16.04, which is pretty old, going on 7 years.

--
Mike Easter

On Fri, 3 Mar 2023 13:11:04 -0800
Mike Easter <MikeE@ster.invalid> wrote:

> Nic wrote:
> > there may be people who are still using very early versions of LM.
>
> In the past, I have used v/s of LM past the EOL. I used LM 17.3 LTS
> based on Ub 14.04 past its EOL 2019 Apr. Back then, there was both
> 64&32bit as well as KDE. There was also a KDE for LM 18 (LTS on Ub
> 16.04 EOL 2021 Apr) which also came in 64/32bit.
>
> But I don't advise doing that, because you (or I) aren't wise enough to
> know if the absence of security improvements after EOL are 'significant'
> to your use or not.
>
> In general, Mint does a good job of enabling you to update and upgrade
> your distro v and in general as well, everyone should have adequate
> backup in case anything goes wrong there.
>
> I will 'admit' that it is much easier to install a distro v than it is
> to fix something which gets b0rken. But, attempting to fix a b0rken
> thing is educational and often successful w/ the help of those who are
> wiser that we are.
>
> So is (occasionally) compiling something. It is interesting to follow
> the dev of Easy OS Barry Kauler who often ventures into untested waters
> in his off-beat compiling strategies.
>
> What is it you expect from someone using a currently out of EOL version?
> Emotional support for doing so? I would say that going past the EOL
> becomes progressively more 'risky' as the number of security fixes grows
> w/ time. The /latest/ v of LM *earlier* than LM 19 is LM 18, which is
> based on Ub 16.04, which is pretty old, going on 7 years.
>
> --
> Mike Easter

I was curious if there were any such users and if and how they overcame that illusive 'security risk' that every one runs in terror in the other direction. It would be interesting if there was some one wiser than you or I that could elaborate or elucidate exactly what those risks are, instead of some 'blanket statement' that is at the very least ambiguous and has no supporting evidence.
--
Nic <Nic@none.net>

Nic wrote:
> It would be interesting if there was some one wiser than you or I that could elaborate or elucidate exactly what those risks are, instead of some 'blanket statement' that is at the very least ambiguous and has no supporting evidence

Well, since my fave playground is a live distro, that is how I would
approach the issue.

I would boot a live LM 18.3 (if you can find one) and use its update mgr
to get a big list of all the updates offered. I can't recall exactly
how that older mgr was configured in terms of how it used icons to
indicate security and system updates, but I recall wishing that updates
could have more than one icon, such as both security and system, or
should one just assume that all system updates are related to security,
which I doubt.

Personally I don't have a copy of an old LM 18.3

w/ a lot of trial and error, I found this old 18.2

https://ftp.heanet.ie/pub/linuxmint.com/stable/18.2/

Any of the 18s should work for the purpose I described above.

--
Mike Easter

On Fri, 3 Mar 2023 14:28:13 -0800
Mike Easter <MikeE@ster.invalid> wrote:

> Nic wrote:
> > It would be interesting if there was some one wiser than you or I that could elaborate or elucidate exactly what those risks are, instead of some 'blanket statement' that is at the very least ambiguous and has no supporting evidence
>
> Well, since my fave playground is a live distro, that is how I would
> approach the issue.
>
> I would boot a live LM 18.3 (if you can find one) and use its update mgr
> to get a big list of all the updates offered. I can't recall exactly
> how that older mgr was configured in terms of how it used icons to
> indicate security and system updates, but I recall wishing that updates
> could have more than one icon, such as both security and system, or
> should one just assume that all system updates are related to security,
> which I doubt.
>
> Personally I don't have a copy of an old LM 18.3
>
> w/ a lot of trial and error, I found this old 18.2
>
> https://ftp.heanet.ie/pub/linuxmint.com/stable/18.2/
>
> Any of the 18s should work for the purpose I described above.
>
> --
> Mike Easter

The trick would be to use it right out of the box and see if it even works. Could you browse? Too many broken sites? It is my opinion that the vector for malware always focuses on the latest versions and tend to overlook old and restired versions. Don't forget that most people use installed versions and not live distros. Maybe down the road persistence will be more a common feature with later distros.

--
Nic <Nic@none.net>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2023-03-03, Mike Easter wrote:
> Nic wrote:
>> It would be interesting if there was some one wiser than you or I
>> that could elaborate or elucidate exactly what those risks are,
>> instead of some 'blanket statement' that is at the very least
>> ambiguous and has no supporting evidence
>
> Well, since my fave playground is a live distro, that is how I would
> approach the issue.
>
> I would boot a live LM 18.3 (if you can find one) and use its update mgr
> to get a big list of all the updates offered. I can't recall exactly

That list probably wouldn't be all that big, since the repos are
somewhat "gone" these days.

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAmQCedMACgkQbWVw5Uzn
KGDzBQ//RwRRnD5k57rwG72Vrk8BN6VPbB5Jb64/HvS7kdTPjx74CuvbV16KF006
3yqlwbVBihMICHMn7YnWVlw9bvFBLSr2iS8xotkdjCHjRfwNd50taQrPE+qeXS5I
Z/MMTwFmXXt2O6BrLGvxM3IyKY6aE6n3CVPqrEgiJ3elYOMRbQrTnk7OmoorsWsp
u+qBsgmbfqmjcrbJTWkm/5qC5r/8aQAwvPjMcwJqr1bSdeqZmdR9O7Vd7wgO0xtD
+yvTkrhtescJIK7IgcXG2Evu2aB+r+5DODfzf8ep+WldH162EtK4eE/j0LlL5RNH
+dnmVNq3KdWWlnHNBjPofzmIm9zm/1WwNFop8CJPrHKg4slanh5pgHd0r28Kbu5V
F+toVPfYTqceDRkaQOvKjAVCCfbM/DV6W5Ny7IwtWnOOjcGLKrMlRZW1B6Ev2zct
3vRFi6PvrHEYkCP+E1eRz99BI2p0XUK6OY2ts7uUQ1lImQ0XaUe/ceAHBHboN/QP
DpgbfjsHHiuxibF7qcjdITPDv/0vey66/iIM6ltiBAl3GkV79jH1pccay3LIg5rW
OhK0EbZD1Wl4/LSaNQRZYVM2g8b8VRDvJ4dUQePAyQa5AbqC1ZZIj4NYSX0wSnVR
dD2pIiHqwjEmjXAfptgg24vy0rLfe2ZmHAkMX6CIQB1Dem9qJV0=
=mWlt
-----END PGP SIGNATURE-----

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2023-03-03, Nic wrote:
> [...]
> I was curious if there were any such users and if and how they
> overcame that illusive 'security risk' that every one runs in terror
> in the other direction. It would be interesting if there was some one
> wiser than you or I that could elaborate or elucidate exactly what
> those risks are, instead of some 'blanket statement' that is at the
> very least ambiguous and has no supporting evidence.

You mean the general risks of (if for example) using a LM 18 installer,
and trying to run firefox from 2016 without the current list of rootCA
trust? Or perhaps not having the Spectre / Meltdown patches from early
2017?

And that's just real quick off the top of my head / not even really
trying to dig into CVEs that would've been patched after April 2016.

_SOME_ things may be able to be mitigated with compiling from source;
but there's only so far you can take the system forward before you have
a breaking change (i.e. create dependency hell).

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAmQCe8IACgkQbWVw5Uzn
KGARJw/9FqJp+yuXw4QrM/NOlxASKI2h35Q8qZWCqA9shJFYlmx9f2CkRkhxvLY+
ZiJwgVAiSHIPAyZPUC2+2Rmf24wzMkAmmc87K67rmVKwEWEW7hMqkKf4Ai18D2ri
Jymne8PVNSShPF/+1RY5tCk9gRLKLp3nDjN2IaF2xdpp5PMQb0R6bpiF9F1nLzf7
CLJglkdm9Pjj4NEN+aL0D23FbFuM/bXis8LpHMikLawzPsrhlfZiDYrK+0Z/T+Xr
sg79KP94QtsgWRkj0N6MfO28R9Zzzqsux0CpSkAB5/THrwL34fqXkn+ZodwxDlow
3x/lPFF83y0AfWl57eAynoBDrJ1+xvVwZunbyXoxAVG//3/qHWVUnOSvtUMomvWR
zsKDZor70qupEMjuxTse7VDOb/JSOJ2Ln51CbmqdngP/081+ifyZCcHLDU6cfAuf
7V47Ru+HSeaAhT2eYWGeG52ssF50cty8vgyw0t8ZZIQvDPqeCAm5hivKmFSk48la
UDkVeBSa64Yx4xv+5/x08szt4mpFj4tJnXl+IYqqmupCX1aJTbYIKB0ROg7d/iBx
uEWlWLFPsPm99KBZGYPYRiQiRndIMpQZNNcLmkHux1eWsz8Nw91Fn0BSFCSdWoro
MXR25ZeX1k3EvDpd3N7qrk2UD2KLGJfuLUXAWvzjRpi4AeA7gtk=
=bL0J
-----END PGP SIGNATURE-----

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860

On Fri, 3 Mar 2023 22:58:17 -0000 (UTC)
Dan Purgert <dan@djph.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2023-03-03, Nic wrote:
> > [...]
> > I was curious if there were any such users and if and how they
> > overcame that illusive 'security risk' that every one runs in terror
> > in the other direction. It would be interesting if there was some one
> > wiser than you or I that could elaborate or elucidate exactly what
> > those risks are, instead of some 'blanket statement' that is at the
> > very least ambiguous and has no supporting evidence.
>
> You mean the general risks of (if for example) using a LM 18 installer,
> and trying to run firefox from 2016 without the current list of rootCA
> trust? Or perhaps not having the Spectre / Meltdown patches from early
> 2017?
>
> And that's just real quick off the top of my head / not even really
> trying to dig into CVEs that would've been patched after April 2016.
>
> _SOME_ things may be able to be mitigated with compiling from source;
> but there's only so far you can take the system forward before you have
> a breaking change (i.e. create dependency hell).
>
>
Might it be possible to update to the latest FF and TB in such an old version? What are CVEs?
This only shows my lack of knowledge or ignorance of the topic at hand, but curiosity abounds in all living creatures.
Nic <Nic@none.net>

On 4/03/23 11:28, Mike Easter wrote:
> Nic wrote:
>> It would be interesting if there was some one wiser than you or I that
>> could elaborate or elucidate exactly what those risks are, instead of
>> some 'blanket statement' that is at the very least ambiguous and has
>> no supporting evidence
>
> Well, since my fave playground is a live distro, that is how I would
> approach the issue.
>
> I would boot a live LM 18.3 (if you can find one) and use its update mgr
> to get a big list of all the updates offered.  I can't recall exactly
> how that older mgr was configured in terms of how it used icons to
> indicate security and system updates, but I recall wishing that updates
> could have more than one icon, such as both security and system, or
> should one just assume that all system updates are related to security,
> which I doubt.
>
> Personally I don't have a copy of an old LM 18.3
>
> w/ a lot of trial and error, I found this old 18.2
>
> https://ftp.heanet.ie/pub/linuxmint.com/stable/18.2/
>
> Any of the 18s should work for the purpose I described above.
>

Here ya go... take your pick;

http://ucmirror.canterbury.ac.nz/linux/mint/isos/stable/

On Sat, 4 Mar 2023 12:28:31 +1300
greybeard <nobody@nowhere.invalid> wrote:

> On 4/03/23 11:28, Mike Easter wrote:
> > Nic wrote:
> >> It would be interesting if there was some one wiser than you or I that
> >> could elaborate or elucidate exactly what those risks are, instead of
> >> some 'blanket statement' that is at the very least ambiguous and has
> >> no supporting evidence
> >
> > Well, since my fave playground is a live distro, that is how I would
> > approach the issue.
> >
> > I would boot a live LM 18.3 (if you can find one) and use its update mgr
> > to get a big list of all the updates offered.  I can't recall exactly
> > how that older mgr was configured in terms of how it used icons to
> > indicate security and system updates, but I recall wishing that updates
> > could have more than one icon, such as both security and system, or
> > should one just assume that all system updates are related to security,
> > which I doubt.
> >
> > Personally I don't have a copy of an old LM 18.3
> >
> > w/ a lot of trial and error, I found this old 18.2
> >
> > https://ftp.heanet.ie/pub/linuxmint.com/stable/18.2/
> >
> > Any of the 18s should work for the purpose I described above.
> >
>
>
> Here ya go... take your pick;
>
> http://ucmirror.canterbury.ac.nz/linux/mint/isos/stable/
>
>
Very Nice! Thanks

--
Nic <Nic@none.net>

Dan Purgert wrote:
> Mike Easter wrote:
>>
>> I would boot a live LM 18.3 (if you can find one) and use its update mgr
>> to get a big list of all the updates offered.
>
> That list probably wouldn't be all that big, since the repos are
> somewhat "gone" these days.
>
Oh, yeah; I forgot about that. The repo/s are gone/dead.

--
Mike Easter

Nic wrote:

>
> The trick would be to use it right out of the box and see if it even works. Could you browse? Too many broken sites? It is my opinion that the vector for malware always focuses on the latest versions and tend to overlook old and restired versions. Don't forget that most people use installed versions and not live distros. Maybe down the road persistence will be more a common feature with later distros.
>

Well, this is interesting. I still have about 35 old Mint isos,
including 1.0-beta, 2.0, 3, 4, 5... up to the most recent ones, so I
decided to experiment a bit.

Created a usb-stick with Mint 7 and one with Mint 11, but they wouldn't
even boot, probably because they're still 32-bit images.

Then I tried Mint 17, which is the first 64-bit image I have. It booted
fine, programs worked, everything was fast and snappy (and much more
beautiful to look at than those modern flat themes.)

Firefox 28.0 was installed, but when I launched it, I got this:

https://cjoint.com/data/MCegVyOmAKB_mint17.png

Tried installing Opera (12.16) with the Software Manager, but when I
wanted to go to a website, it said it was "unable to complete secure
transaction".

Installed Midori, and that one let me access the internet. Google worked
and even gave me search results, but the page formatting was very basic.
Yahoo and Aliexpress were accessible too, but terribly slow. There were
also a lot of elements missing on the screen, making them completely
unusable.

So it looks like there's no easy way to use older Mint versions, not on
modern machines anyway.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 2023-03-03, Nic wrote:
> On Fri, 3 Mar 2023 22:58:17 -0000 (UTC)
> Dan Purgert <dan@djph.net> wrote:
>> On 2023-03-03, Nic wrote:
>> > [...]
>> > I was curious if there were any such users and if and how they
>> > overcame that illusive 'security risk' that every one runs in terror
>> > in the other direction. It would be interesting if there was some one
>> > wiser than you or I that could elaborate or elucidate exactly what
>> > those risks are, instead of some 'blanket statement' that is at the
>> > very least ambiguous and has no supporting evidence.
>>
>> You mean the general risks of (if for example) using a LM 18 installer,
>> and trying to run firefox from 2016 without the current list of rootCA
>> trust? Or perhaps not having the Spectre / Meltdown patches from early
>> 2017?
>>
>> And that's just real quick off the top of my head / not even really
>> trying to dig into CVEs that would've been patched after April 2016.
>>
>> _SOME_ things may be able to be mitigated with compiling from source;
>> but there's only so far you can take the system forward before you have
>> a breaking change (i.e. create dependency hell).
>>
>>
> Might it be possible to update to the latest FF and TB in such an old version? What are CVEs?

If it were early/mid 2021? Eh, maybe. But 2 years after the LM-18
release has been EOL'd? Chances are there's at least one game-breaking
dependency now.

"CVE" is the computing industry acronym for "Common Vulnerabilities and
Exposures", and are used as a reporting/tracking identifier for all the
"bad things". For example, the Spectre side-channel attack against
Intel CPUs is CVE-2017-5753. Or Meltdown is CVE-2017-5754.

(And yes, I had to look up those CVE numbers again.)

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE3asj+xn6fYUcweBnbWVw5UznKGAFAmQDPq8ACgkQbWVw5Uzn
KGAitQ/8Cx4a2OxKm84hG3HVxaDU4rMttSu6NeTPjKSTOIJdj2EA/ZzDviv/6X0L
GBJostrdSs3AHQjzG5r00T9MZeET+qFF9iPhrfRkb0LI0iqYTeXc0waEW9Ztqg3D
gAsgwrdWTTUTndUjkOBByiYn7/wNK3co8rBi5vroXNIjUU0pVFAcbkS0aKJttCWu
feGw6aFUtFerRhR50Dy6r1WAxo5x/81WdV2dh3RaBsgydfeVPOZXdGVRXaJUnlww
0qpXapqX2zAfFtrqfXqh4r77iO3qF3SzU5/uvU8MIbSZ4dnNNUqiV2MFKP7zin0C
XRjlNDvyauSsTcn8UBbgwgpdpCNpVEsc0P2rR+hwJ5GOy/c/Eh6FltDpKab5dakk
Ufp1HNSJvHz5DpudaU32VLr/bFGx6bKNt58PeJRyACCdZvSTAehbVVU0x5iHP1+o
OAKclKjhuaTyegA4cPqgyMCApYKiqymeJZHfrG8Uiy4S5jA+5uexpz9+rk/EGuPl
7CsBp3IZHdCjOaqzAH4iPJwH9XxROjHCSFQFLZ73ydmG696iaK9HUB0Pdtnb353R
78nRwJ6114tRIVLDArafBO7rx5B3gTBEeeu0jph/C7fC0TcL/8vebJCr4o76eV6t
o7WzCkmqZrrxXPnkdEf1XNqAklUF3g0LRFqj7PlitBTESWxS2hQ=
=DyBZ
-----END PGP SIGNATURE-----

--
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1 E067 6D65 70E5 4CE7 2860