On 07/19/2014 10:02 AM, Ned Slider wrote:
On 19/07/14 13:25, Chris Pemberton wrote:
On 07/18/2014 02:19 PM, Ned Slider wrote:
I note EPEL has a thunderbird package but it seems very out of date at version 24.5.0. Version 24.6.0 was released 10 June, nearly 6 weeks ago, and fixed 3 critical security issues. Is this normal for EPEL to be so far behind on security updates?
So what is everyone else using?
I'm using the EPEL package for my personal laptop. The odds of me getting bit by a 6 week old exploit are probably almost non-existent. The odds of me forgetting to keep a custom install of thunderbird updated outside of yum is very high.
Yes, the power of a centralized packaging system where everything can be updated in one hit can not be understated.
Firefox and Thunderbird do have a built in updating mechanism and are supposed to update themselves (this is disabled in packaged versions). I've no idea how well it currently works - I'll let you know when the next update comes out.
I am using the tarball for firefox and it notifies me when an update is available and ask if I want to install it. If I say yes it downloads it untars it and starts it up. So far it has worked great. I assume it is the same for thunderbird.
I'm far from any kind of security expert, but here are two things I do to keep my browser/email client safe:
- I only use gmail - as Google likes to scrub all of my data clean
before they steal it
- I install a custom hosts file ( http://someonewhocares.org/hosts/
). This protects all applications in one swoop, not just the browser.
Yes, great advice. There's another popular variant here:
http://winhelp2002.mvps.org/hosts.htm
I don't use any adblock browser/email plugins because I've never investigated where the list of re-directs are stored on the machine. Perhaps they are harmless... but it would be easy to place a few re-directs in there and get millions of machines to do bad things real fast.
~ Chris
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos