Posted inInformation Technology

A Linux Distro That Doesn’t Force Updates Like Windows

I really hate it when a search takes me to a “Stack” site, especially a Linux based “Stack” site. Everybody who does anything serious with Linux is looking for a desktop distro that doesn’t force updates out. When you work in the safety critical systems world you will fail a binary audit if even one version of one library is different on the system.

So, I knew I shouldn’t click the link going to this question.

Does Ubuntu force updates like Windows or I can choose if I want to update?

Question found here

The 12 year old boys couldn’t race fast enough to vote it down. As such, I’m going to include it here so adults can find it long after it has been deleted.

The Answer

Yes, Ubuntu forces updates on you much like Windows. To start with they have unattended-upgrades, which is really a virus. I’ve written blog posts on how to nuke it. If you are running various versions of Ubuntu in different VMs, like for testing .deb packages or building for older systems, you can do nothing for a good 15 minutes while this virus locks the file in /var needed by your test install.

Why would you want to disable all updates?

One person asked that in this thread. Here’s the answer: Embedded systems development for safety critical devices.

By law/regulation noting can change on the development machine. You must also be able to replicate the development environment from scratch to an exact binary match. The reason for this is the intense amount of testing which must happen for medical devices (think surgical robots), mining equipment, even many aviation and satellite projects.

Change the version of even one core library and you really have to do all of that testing again. For surgical robots and some other things that can involve a multi-year clinical trial.

Updates don’t break things.

Someone uttered that (or close to it in this message thread.) You weren’t hear during the Broadcom debacle. After unattended-upgrades ran most network cards/adapters/ports using Broadcom chips ceased to function. Users rebooted and unless they had another computer to pull a patch down with, they were hosed.

For the past decade of my career I have worked in the embedded system/medical device world. We are absolutely desperate for a .deb compatible Linux distro with zero forced updates.

Safety critical development environments

Generally these development environments are spun up in a VM which gets exported and archived. Unless your client has deep enough pockets to set up their own Linux repo and customize where the desktop looks for updates, it is physically impossible to “recreate from scratch” because all Linux distros keep rolling updates into the repos. You basically have to wait until the repo has been migrated and follow instructions like these for Ubuntu 10.04.

When we spin up a Linux Dev environment it is in a VM. Sometimes we get licensed VPN software for the VM like the ones listed here. Normally the desktop OS, be it Windows or a Linux distro, has the full VPN and anti-virus on it. Unlike the Oracle VirtualBox default, once the VM is established we switch the VM so it only has local net not internet access. Problem here is that virus unattended-upgrades (and a few other things) keep hanging systems trying to connect to the Internet.

The industry is desperate for a singular stable linux distro that doesn’t push updates or advertising. Having to build a custom desktop using Yocto just so you can then safely do Yocto builds for your target really sucks.

Roland Hughes started his IT career in the early 1980s. He quickly became a consultant and president of Logikal Solutions, a software consulting firm specializing in OpenVMS application and C++/Qt touchscreen/embedded Linux development. Early in his career he became involved in what is now called cross platform development. Given the dearth of useful books on the subject he ventured into the world of professional author in 1995 writing the first of the "Zinc It!" book series for John Gordon Burke Publisher, Inc.

A decade later he released a massive (nearly 800 pages) tome "The Minimum You Need to Know to Be an OpenVMS Application Developer" which tried to encapsulate the essential skills gained over what was nearly a 20 year career at that point. From there "The Minimum You Need to Know" book series was born.

Three years later he wrote his first novel "Infinite Exposure" which got much notice from people involved in the banking and financial security worlds. Some of the attacks predicted in that book have since come to pass. While it was not originally intended to be a trilogy, it became the first book of "The Earth That Was" trilogy:
Infinite Exposure
Lesedi - The Greatest Lie Ever Told
John Smith - Last Known Survivor of the Microsoft Wars

When he is not consulting Roland Hughes posts about technology and sometimes politics on his blog. He also has regularly scheduled Sunday posts appearing on the Interesting Authors blog.

Leave a Reply