mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-03-24 02:20:09 +08:00
translating by whatever1992
This commit is contained in:
parent
3303029dbd
commit
9e8b522c92
@ -1,41 +1,88 @@
|
||||
[translating by whatever1992]
|
||||
|
||||
Canonical Dev称Linux Mint“脆弱” ,不要用在网上银行上
|
||||
Canonical Dev Calls Linux Mint ‘Vulnerable’, Wouldn’t Use it For Online Banking
|
||||
================================================================================
|
||||
**Users of the popular Ubuntu-based operating system Linux Mint should not use it for online banking, a Canonical [engineer has advised][1].**
|
||||
|
||||
**流行的基于Ubuntu的Linux操作系统Linux Mint的用户不应将其用于网上银行,一个Canonical[工程师建议][1] 。**
|
||||
|
||||
*用户欢迎的Ubuntu操作系统Linux Mint不应该使用网上银行,一个典型的[工程师建议] [ 1 ]。* *
|
||||
|
||||
Mint’s decision to prevent packages with known security issues from updating – from the kernel and browser to the boot-loader and Xorg display server – leaves its users with a “vulnerable system”, says Oliver Grawert.
|
||||
|
||||
Mint的以禁止已知的安全问题的更新 - 从内核和浏览器到启动加载器和显示器的Xorg服务器 - 的决定提供给用户一个“脆弱的系统” ,Oliver Grawert说。
|
||||
薄荷的决定,防止包与已知的安全性问题,从更新–从内核和浏览器的引导加载器,xorg显示服务器–离开它的用户提供一个“脆弱的”,奥利弗说格劳韦特。
|
||||
|
||||
> “Instead of just integrating changes properly with the packages in the ubuntu archive they instead suppress doing (security) updates at all for them. i would say forcefully keeping a vulnerable kernel browser or xorg in place instead of allowing the provided security updates to be installer makes it a vulnerable system, (sic)”.
|
||||
>
|
||||
> “I personally wouldn’t do online banking with it.”
|
||||
|
||||
>而不是仅仅适当整合与变化在Ubuntu归档他们反而抑制做(安全)更新在所有的这些软件包> “ 。我会说有力地保持在一个地方弱势内核的浏览器或xorg的,而不是允许提供安全性更新将安装程序使其成为一个易受攻击的系统, (原文如此) “ 。
|
||||
>
|
||||
> “我个人不会做网上银行吧。 ”
|
||||
|
||||
> “而不是整合变化好包在Ubuntu档案而抑制做(安全)更新所有他们。我会说,有力地保持一个脆弱的内核的浏览器或xorg到位,而不是允许提供安全更新来安装是一个脆弱的系统,(SiC)”。
|
||||
>
|
||||
> “我个人不会用它网上银行。”
|
||||
|
||||
|
||||
Grawert certainly isn’t alone in considering Mint a sub-par choice for the security conscious. Mozilla contributor and former Ubuntu member **Benjamin Kerensa*** feels the same:
|
||||
|
||||
Grawert肯定不单单是考虑Mint的安全意识一分面值的选择。 Mozilla的贡献者和前Ubuntu的成员 **Benjamin Kerensa** 有同样的感觉:
|
||||
格劳韦特当然不是单独考虑薄荷低于平均标准的选择的安全意识。Mozilla贡献者和前Ubuntu成员*本杰明Kerensa ***有同样的感觉:
|
||||
|
||||
> “It is unclear why Linux Mint disables all of their security updates. I can say that it took them many months to get a fixed version of Firefox packaged while Ubuntu and Debian had already had security fixes in their package.
|
||||
>
|
||||
> This puts Linux Mint users at risk and is one of the key reasons I never suggest Linux Mint to anyone as an alternative to Ubuntu.”
|
||||
|
||||
> “目前还不清楚为什么Linux Mint禁止所有的安全更新。我可以说,他们需要花好几个月才能得到一个Firefox固定的版本,而Ubuntu和Debian已经同时在他们的包上打了安全补丁。
|
||||
>
|
||||
> 这是使得Linux Mint的用户处于危险之中的其中的一个关键原因,我从来不建议Linux Mint作为一种替代Ubuntu的系统之一。 “
|
||||
|
||||
|
||||
Oliver Grawert is no fly-by-night contributor. As one of Canonical’s Ubuntu Engineering bods he’s better placed than most to know what he’s talking about.
|
||||
|
||||
|
||||
Oliver Grawert是可靠的贡献者。作为Canonical公司下的Ubuntu工程师,他比大多数人更知道自己在说什么。
|
||||
奥利弗格劳韦特没有夜间飞行的贡献。作为一个典型的Ubuntu工程人他更好地了解他所说的。
|
||||
|
||||
**‘But are Mint users in actual risk? Yes and no…’**
|
||||
|
||||
|
||||
**‘但Mint的用户有实际的风险么?可以说对也可以说不对…’**
|
||||
|
||||
But are Mint users in actual risk?
|
||||
|
||||
但Mint的用户有实际的风险么?
|
||||
|
||||
Yes and no. The majority of security “holes” (for want of a better word) of the kind present in the packages that Mint’s developers steadfastly refuse to update are both documented and known, but rarely exploited by those of a nefarious breed. As such the “actual threat” posed to users remains, at least for now, largely a theoretical one.
|
||||
|
||||
|
||||
一半对一半错。大部分Mint的开发商坚决拒绝更新的现有包中的安全“漏洞”(想一个更好的词)都是有记录和已知的。而是由那些一个邪恶的品种很少利用包的那种大多数安全“漏洞” (对于想一个更好的词) 。因此造成用户“实际威胁”仍然存在,至少现在,很大程度上是一个理论。
|
||||
|
||||
That’s to say that there are no known incidents of identify theft or worse resulting from use of Mint (or any other Ubuntu-based distribution with unpatched packages) through any of the exploits referenced by Grawert on the Ubuntu Dev Mailing List.
|
||||
|
||||
也就是说,没有已知的由于使用Mint系统(或任何其他基于Ubuntu发行版的未打补丁的包)导致利用Grawert引用的Ubuntu开发邮件列表上的漏洞身份盗窃或者更糟的事故。
|
||||
|
||||
|
||||
But just because no-one has entered through the window left ajar thus far, isn’t to say someone won’t ever do it.
|
||||
|
||||
但是,仅仅因为迄今为止没有人曾经进入半掩的窗户,并不能说明其他人永远不会这么做。
|
||||
|
||||
**After seeing Ubuntu given a long and sustained kicking about its own (largely theoretical) privacy issues, it will be interesting to see if, now the boot is placed firmly on the other foot, the vehement concern for users’ wellbeing will extend to other distributions. **
|
||||
|
||||
**看到Ubuntu给出的一个长期和持续的谈论关于它自己的(主要是理论上)的隐私问题后,看看现在开机牢固地放在另一只脚的,用户健康的强烈关注将延伸到其他分类将很有趣**
|
||||
|
||||
*Notice: We reached out to Linux Mint for comment & clarification but received no reply.*
|
||||
*请注意:我们向Linux Mint征求意见和澄清,但没有收到任何答复。*
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: http://www.omgubuntu.co.uk/2013/11/canonical-dev-dont-use-linux-mint-online-banking-unsecure
|
||||
|
||||
译者:[译者ID](https://github.com/译者ID) 校对:[校对者ID](https://github.com/校对者ID)
|
||||
译者:[whatever1992](https://github.com/whatever1992) 校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
|
||||
|
||||
[1]:https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2013-November/014770.html
|
||||
[1]:https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2013-November/014770.html
|
||||
|
Loading…
Reference in New Issue
Block a user