this post was submitted on 23 Jun 2024
453 points (87.9% liked)

linuxmemes

19676 readers
122 users here now

I use Arch btw

Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
poopsmith
Linuxmemed
Geert
453
Debian used to be so good. What happened!? (lemmy.world)
submitted 1 week ago by renzev to c/linuxmemes
94 comments fedilink hide all child comments
 

Firefox on Debian stable is so old that websites yell at you to upgrade to a newer browser. And last time I tried installing Debian testing (or was it debian unstable?), the installer shat itself trying to make the bootloader. After I got it to boot, apt refused to work because of a missing symlink to busybox. Why on earth do they even need busybox if the base install already comes with full gnu coreutils? I remember Debian as the distro that Just Wroks(TM), when did it all go so wrong? Is anyone else here having similar issues, or am I doing something wrong?

top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 59 points 6 days ago (2 children)

My bank used to complain that my browser was out of date. I wrote an email to customer service explaining to them that:

A) debian's "out of date" browser actually includes all up to date security patches. B) simply reading the browser agent isnt really security. I had simply been spoofing my browser agent to get around their silly browser "security" policy

They removed the browser check 2 weeks later. Not sure if it was because of me

[–] efstajas 21 points 6 days ago (1 children)

simply reading the browser agent isnt really security

It's not for their security, but for that of genuinely clueless people that are just running an actually outdated browser that might have known and exploitable security flaws.

[–] [email protected] 6 points 5 days ago (2 children)

It is not about security at all. They do not want to test or support old browsers. So, they set a minimum version and tell you that you need to upgrade to that.

If they only support one browser, it is going to be Chrome. Chrome has more zero-day vulnerabilities than any other project I can think of. It is not about security.

[–] efstajas 3 points 5 days ago* (last edited 5 days ago)

How do you know this? Of course there are lots of reasons for why they'd want to enforce minimum browser versions. But security might very well be one of them. Especially if you're a bank you probably feel bad about sending session tokens to a browser that potentially has known security vulnerabilities.

And sure, the user agent isn't a sure way to tell whether a browser is outdated, but in 95% of cases it's good enough, and people that know enough to understand the block shouldn't apply to them can bypass it easily anyway.

[–] [email protected] 3 points 5 days ago (1 children)

Yeah if it were about security they'd check the version of HTTPS, SSL, TLS and all that stuff.

[–] efstajas 2 points 5 days ago* (last edited 5 days ago)

Doing that would tell you nothing about whether the browser might have un-patched, known vulnerabilities elsewhere.

[–] [email protected] 20 points 6 days ago

The hero we need rn tbh

[–] [email protected] 24 points 6 days ago (1 children)

[–] [email protected] 2 points 4 days ago

I use NixOS Unstable btw

[–] Siegfried 35 points 6 days ago

Ehm... im using debian stable, no website is telling me to update Firefox (I'm on deb 10, 11 and 12 in different PCs).

Deb 12, my home computer, is on unstable and running smoothly.

Debian isn't "just works" but "it's a freaking rock" + "open source hardcore philosophy".

Maybe I got lucky?

[–] [email protected] 12 points 5 days ago

As everybody else has said, Debian is working as intended. To respond to the actual post though, Debian is working exactly as it always has.

If you think Debian used to be good, you must really love it now. It is better than ever.

Unlike in the past, the primary drawback of Debian Stable ( old package versions ) has multiple viable solutions. Other have rightly pointed out things like the Mozilla APT package and Flatpaks. Great solutions.

My favourite solution is to install Arch via Distrobox. You can then get all the stability of Debian everywhere you need it and, anytime you need additional packages or newer packages, you can install them in the Arch distrobox. Firefox is a prime candidate. You are not going to get newer packages or a greater section than via he Arch repos / AUR ( queue Nix rebuttals ).

[–] agelord 17 points 6 days ago (1 children)

It got better, that's what happened. You're using Firefox ESR, it's not unsafe.

Mozilla also provides a Deb repo for Debian and its derivatives: https://support.mozilla.org/en-US/kb/install-firefox-linux#w_install-firefox-deb-package-for-debian-based-distributions

[–] [email protected] 9 points 6 days ago

Yeah and Flatpaks also exist.

Flatpaks are probably the best generic solution for using an LTS release like Debian Stable on a desktop system. You get the best of both worlds: up to date desktop packages and a stable base.

[–] umbraroze 15 points 6 days ago (2 children)

Debian's Firefox is Firefox ESR, or Extended Support Release. It's behind the bleeding edge, but gets security updates.

If you want the bleeding edge Firefox, you can add Mozilla's own APT repository and install it. Doesn't even conflict with Debian (firefox-esr vs firefox, it even uses a separate user profile by default). Instructions are on the Firefox download page somewhere.

[–] [email protected] 3 points 6 days ago

Bleeding edge? Isn't that just called stable?

[–] [email protected] 3 points 6 days ago

Also, Flatpak

[–] mlg 7 points 5 days ago

Kali: I have no such weakness!

trips and falls on postgres upgrade

[–] [email protected] 10 points 6 days ago

I manage over 40 Debian clients in production use. All are managed with ansible. It's the easiest time in my sysadmin time ever.

My own systems are fedora and Debian unstable. Why? Because I test upcoming changes and features. And think how it would be if all 40 clients run on unstable or fedora, every day updates of 20-60 packages for nothing the user would care about.

Debian stable is my hero.

[–] [email protected] 14 points 6 days ago

Debian is as great as it's ever been.

[–] [email protected] 10 points 6 days ago* (last edited 6 days ago) (1 children)

Debian stable and flatpaks, I don't see all the fuss

[–] [email protected] 2 points 6 days ago

Why does the installer still explode sometimes when I use it on my computers. I use it on my mother's computer or our movie server and it works fine.

Maybe it just eats shit when it sees a btrfs partition or something. Nothing against Debian but I tried to install Debian testing weekly and it just refused to install on my system 76 laptop. After flashing arch on my USB drive to wipe the disk I just said fuck it and installed arch on my laptop again. I haven't had any issues with arch since I've installed it on my desktop five years ago. If arch blows up on my laptop I'll try Debian again.

[–] iopq 5 points 6 days ago (2 children)

What's why we have NixOS. The unstable channel is more stable than most other distros and when it's not, you just roll back

[–] [email protected] 4 points 4 days ago

"I use NixOS, btw"

[–] [email protected] 1 points 5 days ago

Ctrl+F "NixOS"

Anytime stability is mentioned somebody has to chirp up with NixOS. It's the law.

Anti Commercial-AI license

[–] [email protected] 6 points 6 days ago (1 children)

Debian testing is complelty okay. If you want to have the most up to date security use apt to grab sid security updates. https://wiki.debian.org/DebianTesting

[–] [email protected] 1 points 6 days ago (1 children)

I mean they can still be broken, especially if you mix Sid into it.

[–] debil 1 points 6 days ago

The fix comes to sid first. (Not counting experimental.) The right way to do it is to run mixed testing/unstable with apt-pinning so that nothing gets pulled from unstable unless spcifically requested.

That said, stable with Firefox from Mozilla's site and Neovim built from sources and gpack'd into deb package runs perfectly fine with much less hassle.

[–] [email protected] 2 points 5 days ago

Sounds like you need to be using slackware.

[–] TCB13 4 points 6 days ago

What if you just get your browser using their own repositories or flatpak? 🌈

[–] [email protected] 2 points 6 days ago

Just use the Mozilla .deb

[–] MehBlah 1 points 6 days ago

I can't remember the last time I installed Debian and it failed. I last installed it a month ago. Gnome takes some tweaking for me. Mostly to get that stock Ubuntu feel. Nothing extension manager can't do.

[–] [email protected] 2 points 6 days ago

I don't have issues yet on stable 12.5 but I plan to switch to nixos eventually.

load more comments
view more: next ›