Ironically, just read an article recently about this exact issue.
The article: https://www.linuxteck.com/ubuntu-trust-problem-2026/
the malware one happens in most repos at some point, but the rest is why i dont use ubuntu.
Yes, that is not just OS repos. There have been plenty of cases with PIP and NPM hosting malware.
. . . and it all boils down to “Canonical being into rent-seeking and having weird NIH issues that make it push low-quality own software (snaps in the current iteration, but there have been others) over better solutions used by other distros.”
If anyone else would rather read text as text: https://www.linuxteck.com/ubuntu-trust-problem-2026/
Snap is the cancer of Linux. Go work for Micro$lop if you like to disrespect users.
Strong agree. I use a derivative that blocks snaps instead of direct Kubuntu now, and it wasn’t Just because of the snaps.
I use a derivative
Without Ubuntu Pro subscription the entire Universe repository does not receive any security updates by Canonical:
https://canonical.com/blog/ubuntu-pro-enhanced-security-and-manageability-for-linux-desktop
You should consider switching to an entirely independent distribution that does not lock security updates behind a paywall, perhaps something based directly on Debian or Fedora.
lock security updates behind a paywall
Saying this is like screaming “I don’t know anything about Ubuntu except that I hate it!!!”
Saying this is like screaming “I don’t know anything about Ubuntu except that I hate it!!!”
I posted a screenshot from Ubuntu’s own blog. So they hate themselves and lie to the world?
While Canonical deserves the criticisms leveled by op (that I agree with), it’s also incorrect to say that they lock security updated behind a paywall.
Anyone that does use Ubuntu gets security updated until they stop supporting that particular release version, which iirc is for six years (I may be wrong, thus is from memory).
If you want extended security updates for a specific version of the os, you can elect to sign up to Ubuntu pro without paying any money. You do have to make an account, and if you so choose you can populate the account info with garbage info and a disposable email, and you’ll get extended security updates for that release version.
While Canonical deserves the criticisms leveled by op (that I agree with), it’s also incorrect to say that they lock security updated behind a paywall.
Anyone that does use Ubuntu gets security updated until they stop supporting that particular release version, which iirc is for six years (I may be wrong, thus is from memory).
I quoted the relevant part and yet you still don’t understand that Universe is explicitly not covered by security support by Canonical without Ubuntu Pro.
Drink your verification can to install security updates.
The updates available through Ubuntu Pro wouldn’t have normally been available prior to Pro. It’s an added service, not something that was previously available that is now locked behind a paywall. There are plenty of reasons to not like Canonical but this isn’t one.
It’s an added service, not something that was previously available that is now locked behind a paywall.
I didn’t say anything about it having changed, so your “now” is disingenuous. Fact is, update support by Canonical for Universe is locked behind Ubuntu Pro. Non-Ubuntu distributions such as CachyOS/Fedora/Bazzite/openSUSE/Debian/… don’t have this hostile behaviour.
They also don’t provide those updates. I am a Fedora guy by the way. I’m not defending Canonical, just pointing out that this is a silly reason to dislike them.
What’s a better alternative that uses apt and KDE and has relatively up-to-date packages (other than Debian testing)?
Debian Sid!
What’s wrong with Debian?
I already know about it, so there’s no need to tell me.
Fair enough.
There’s also Pop and Mint, though I don’t know if their update model differs from Ubuntu at all.
But if you’re already familiar with Debian, why not use it? It’s widely recommended for a reason, it’s hard to beat.
uses apt
May I ask why you seem to be married to the use of
apt?Just couldn’t pass up on the opportunity to insert this banger.Fedora offers apt. AFAIK not by default, so it has to be installed via dnf first but then it’s available.
It’s been like that for years.
It’s maintained by my hardware OEM (Tuxedo) and I’m not even sure it has Universe - most things are flatpaks.
I’m not even sure it has Universe
I strongly suggest looking it up.
deleted by creator
i still have a server running ubuntu
i run snaps on it ewwwww!
it has never fucked me over
How much Days?
Lmao, they put ads in the terminal? Are they pandering to Win11 users?? :)
Worse, the ads on apt are because they put security updates behind a paywall for LTS - granted it’s free for home users but still requires to sign in to get access to them.
They are security updates that were never available otherwise. They didn’t take something that was freely available and put it behind a paywall. It was a new service.
Another TIL, that is even worse.
Original at https://www.linuxteck.com/ubuntu-trust-problem-2026/
I wondered why they didn’t mention that the Universe repository comes without any form of official support and that unpaid community members are expected to cherry pick bug fixes and backport them, usually resulting in no updates, a potential security risk.
Then I scrolled down and they’re suggesting Ubuntu derivatives that are also affected by this (Mint pop). I have the suspicion that they don’t mention to make these two look good.
See https://www.flu0r1ne.net/logs/ubuntu_withholding_universe_security_patches for a somewhat recent (2023) overview on that topic and how Ubuntu Pro plays into this.
ads in the terminal lol. back in 2009 I was a gentoo user and was distro shopping. looked at fedora Debian Ubuntu and arch and settled on Debian.
I don’t remember if ubunto had either snap or unity back then… but I saw Ubunto as mainly making Debian easier to use. I was coming from Gentoo… debian was already easy to use 🙂
now, I use arch btw. switched in 2019 (mainly cause I got new hardware and needed latest releases and latest bugs 🙂)
I don’t think snap existed in 2009?
But yeah Unity was the desktop iirc.Edit now I’m not sure about unity either.
With a title like that you know it’s going to be 100% FUD. Not that Canonical doesn’t deserve some of it.
Four statements of fact, but we’ve gotta get our little blurb in there, too…
Oh how I hated it when I experienced the snap shenanigan firsthand.
I’ve had that same silent Snap install issue, except for Docker CE. Anytime my dev containers die I know where to look.
What’s more trustworthy, Ubuntu or Manjaro?
since manjaro is on fire rn, the question is whether you want a distro by a malicious corp, or a corp that’s abandoned the distro, accompanied by an uprising.
For Manjaro, it remains to be seen how the restructure will workout. They will become a non profit organization. The previous leadership (phil) was one of the reasons why I stopped using Manjaro a while ago, maybe 2 years by now. Just looked into the link a bit and… it’s worse than I thought.
Ubuntu has its own problems, but I think if the core infrastructure and leadership cannot be trusted, then no other decision on the project matters. So my personal vote would go for Ubuntu and against Manjaro, if I were to decide which of them to use.
