Linux security & stability for storage computer

[Giganthrax]

Hello.

 

TLDR:

Spoiler

 

I have a bunch of leftover hardware from my old FX-8150 system that I want to use to build a storage PC for safeguarding important files, photos, videos, etc. This PC would be located at my parents' house and would probably see some (very) occasional use as a work (LibreOffice) and gaming (esport and F2P games, nothing too demanding) machine. 

 

My initial idea was to install Windows 10 on it as that's what I use on my other computers. However, unlike my other computers, this backup PC wouldn't have access to fast internet and would therefore receive updates extremely rarely. Since this includes security, anti-virus, and anti-malware updates, it's made me paranoid that I may accidentally infect it with a virus or something when I copy files to it from a USB or disc.

 

So now I'm considering installing Linux Mint Cinnamon, Lubuntu, or even Manjaro Cinnamon on this storage computer. Obviously, just having these on the backup computer will make it immune to whatever Windows viruses I might get on my other computer (the one I will ultimately copy all files from), but they still likely wouldn't be updated for months or maybe even years at a time. 

 

 

MY QUESTIONS:

- can Mint, Lubuntu, or Manjaro stay stable without regular updates over months or even years, or if only certain programs like LibreOffice, Steam, VLC, graphics drivers, and certain games get updated?

- how dependent are these Linux distros on regular security updates to stay secure? 

[Sauron]

5 minutes ago, Giganthrax said:

- can Mint, Lubuntu, or Manjaro stay stable without regular updates over months or even years, or if only certain programs like LibreOffice, Steam, VLC, graphics drivers, and certain games get updated?

Lubuntu and Mint, yes - Manjaro would probably break upon updating it after months of inactivity. Rolling releases like Arch (and by extension Manjaro) are designed to work best when updated regularly, waiting too long can cause things to break (not spontaneously, just on update).

 

Regardless, for this purpose I would recommend Debian, which is incredibly stable and every release remains supported for a very long time.

9 minutes ago, Giganthrax said:

- how dependent are these Linux distros on regular security updates to stay secure? 

If you don't connect them to the internet, not at all - there are no risks to shield you from. I wouldn't use a system that is years out of date to browse the web though.

 

Being hit by malware through a usb drive on Linux is less likely than being struck by lighting twice.

[Chunchunmaru_]

16 hours ago, Giganthrax said:

Hello.

 

TLDR:

  Hide contents

 

I have a bunch of leftover hardware from my old FX-8150 system that I want to use to build a storage PC for safeguarding important files, photos, videos, etc. This PC would be located at my parents' house and would probably see some (very) occasional use as a work (LibreOffice) and gaming (esport and F2P games, nothing too demanding) machine. 

 

My initial idea was to install Windows 10 on it as that's what I use on my other computers. However, unlike my other computers, this backup PC wouldn't have access to fast internet and would therefore receive updates extremely rarely. Since this includes security, anti-virus, and anti-malware updates, it's made me paranoid that I may accidentally infect it with a virus or something when I copy files to it from a USB or disc.

 

So now I'm considering installing Linux Mint Cinnamon, Lubuntu, or even Manjaro Cinnamon on this storage computer. Obviously, just having these on the backup computer will make it immune to whatever Windows viruses I might get on my other computer (the one I will ultimately copy all files from), but they still likely wouldn't be updated for months or maybe even years at a time. 

 

 

MY QUESTIONS:

- can Mint, Lubuntu, or Manjaro stay stable without regular updates over months or even years, or if only certain programs like LibreOffice, Steam, VLC, graphics drivers, and certain games get updated?

- how dependent are these Linux distros on regular security updates to stay secure? 

You may also consider BSD flavours like https://freenas.org/

[v0nN3umann]

If you really want your data to be secure don't store it on a PC with internet access. Just make regular backups on external drives.

20 hours ago, Sauron said:

If you don't connect them to the internet, not at all - there are no risks to shield you from. I wouldn't use a system that is years out of date to browse the web though.

Yes, but thats also true for a windows pc.

 

But why do you want to skip updates if this pc has an internet connection?

[Sauron]

1 minute ago, v0nN3umann said:

Yes, but thats also true for a windows pc.

Of course

[Giganthrax]

33 minutes ago, v0nN3umann said:

If you really want your data to be secure don't store it on a PC with internet access. Just make regular backups on external drives.

Yes, but thats also true for a windows pc.

 

But why do you want to skip updates if this pc has an internet connection?

External hard drives won't do because I want this information to be outside my house + I want to have a usable computer at my parent's home so I can do some occasional work and/or gaming there.

 

The PC will have an internet connection, but it'll be slow one, which would make downloading huge updates a chore. I would download them occasionally, of course, but it wouldn't be anything regular. 

[v0nN3umann]

22 hours ago, Giganthrax said:

External hard drives won't do because I want this information to be outside my house + I want to have a usable computer at my parent's home so I can do some occasional work and/or gaming there.

 I don't see your point. You can store external drives there and have a working computer there.

 

[Giganthrax]

2 hours ago, v0nN3umann said:

 I don't see your point. You can store external drives there and have a working computer there.

 

In that case, why not just have the said hard drive inside the same computer that I have there?  Why would I go through the bother of hooking it up every time? 

[v0nN3umann]

On 4/11/2019 at 8:39 PM, Giganthrax said:

In that case, why not just have the said hard drive inside the same computer that I have there?  Why would I go through the bother of hooking it up every time? 

Because that way your data would be safe from ransomware or other malware.

 

[FFY00]

On 4/9/2019 at 11:31 PM, Sauron said:

Manjaro would probably break upon updating it after months of inactivity

Manjaro would not break due to inactivity, actually no system will break due to inactivity. If you stay too long without updating and then proceed to update everything at the same time then something might go wrong, although it's not that likely. If you want to be safe just update your system by parts. It's usually a good practice to update the kernel separately of the rest of tthe system.

[lacion]

you can't keep anything secure if you don't update. period.

 

on the very very least you need to run constant security updates.

 

if you're looking for security and stability I can recommend Debian.

[Sauron]

8 hours ago, FFY00 said:

Manjaro would not break due to inactivity, actually no system will break due to inactivity.

Manjaro will probably break upon updating after months of inactivity, I didn't say it would break spontaneously.

8 hours ago, FFY00 said:

If you stay too long without updating and then proceed to update everything at the same time then something might go wrong, although it's not that likely. If you want to be safe just update your system by parts. It's usually a good practice to update the kernel separately of the rest of tthe system.

Arch and Arch based distros sometimes require manual intervention upon update, for various reasons; if you don't do that for too long fixing the problem becomes hard enough that I'd consider it a breakage. You can almost always fix it, but why bother when there are distros like debian that won't do this? His use case just isn't ideal for a rolling release distro.

[Steven123123]

1 hour ago, Sauron said:

Arch and Arch based distros sometimes require manual intervention upon update, for various reasons; i

I ued Arch for about two years. In that time arch failed once because an Xserver update was released that was not compatible with the latest Nvidia driver. That was really annoying and meant I had to hold back the kernel for almost a year. These days id rather not bother with that sort of thing, although i heard arch does now have a LTS kernel

[Sauron]

57 minutes ago, Steven123123 said:

I ued Arch for about two years. In that time arch failed once because an Xserver update was released that was not compatible with the latest Nvidia driver. That was really annoying and meant I had to hold back the kernel for almost a year. These days id rather not bother with that sort of thing, although i heard arch does now have a LTS kernel

Yes, there's an LTS kernel and it's solved most of these issues for me; still, updating some machines after months has given me some issues in the past. Nothing I couldn't fix, but if you use Arch it's a good idea to stay up to date.

[FFY00]

5 hours ago, Sauron said:

Manjaro will probably break upon updating after months of inactivity, I didn't say it would break spontaneously. 

Yeah, my bad.

[Giganthrax]

Thanks for the replies guys.

 

What I've gotten from this thread is that, while there are fewer viruses for Linux and therefore less chance of getting infected, updates really should be done no matter what if I want safety. So I'll probably just get Windows 10 for like $4 off of ebay (got two of those licenses running perfectly fine on my main PC and my laptop), and try to keep it updated while also taking the extra steps to do more regular virus and malware scans on my main PC to ensure I don't accidentally copy some malicious program onto the USB. I won't need to do this often so it shouldn't be too much of a hassle.

 

Win10 is a bit more of a risk still, but since I have a lot more experience with it than I do with Linux, I figure I would be able to troubleshoot any issues + the updated would be less likely to break my OS. 

[Steven123123]

I use linux for web surfing and use windows for games. I pretty much just have steam installed. I occasionally scan my drive from another windows install for viruses and I have never found anything.