Sebuah artikel menarik dari terkait kasus peretasan yang menimpa Linux Mint (situs dan file ISO)…

Well, Linux Mint is generally very bad when it comes to security and quality.
First of all, they don’t issue any Security Advisories, so their users cannot – unlike users of most other mainstream distributions – quickly lookup whether they are affected by a certain CVE.

Secondly, they are mixing their own binary packages with binary packages from Debian and Ubuntu without rebuilding the latter. This creates something that we in Debian call a “FrankenDebian” which results in system updates becoming unpredictable. With the result, that the Mint developers simply decided to blacklist certain packages from upgrades by default thus putting their users at risk because important security updates may not be installed.

Thirdly, while they import packages from Ubuntu or Debian, they hi-jack package and binary names by re-using existing names. For example, they called their fork of gdm2 “mdm” which supposedly means “Mint Display Manager”. However, the problem is that there already is a package “mdm” in Debian which are “Utilities for single-host parallel shell scripting”. Thus, on Mint, the original “mdm” package cannot be installed..

Wow… saya baru tahu kalau Linux Mint ternyata seperti ini sistemnya (belum pernah pakai lama).

Yang pertama mungkin hanya berpengaruh ke sebagian orang saja yang peduli dengan keamanan, tapi untuk yang kedua dan ketiga… Yang ketiga ini cukup parah, benar-benar bisa ngefek bahkan ke pengguna pemula (sasaran utama Linux Mint).