Score:0

Is Lubuntu as safe as Ubuntu?

sy flag

I have to format some USB that could be infected. I know that all Linux systems are pretty safe so I shouldn't worry so much, but I would like to be as safe as possible (even if I know that it is impossible to be 100% safe).

I always used Ubuntu: I always burnt the ISO on a DVD (so that it is physically read-only and not infectable), started Ubuntu Live from the DVD and formatted the USB. But sadly the latest Ubuntu versions are too big for a DVD (I don't have a dual-layer DVD reader and I would like to avoid buying one). Ubuntu 23.04 is 4.9 GB, but I saw that Lubuntu 23.04 is 2.9 GB so I can burn it on a DVD.

So I'm wondering: Are there any security cons if I burn Lubuntu 23.04 on a DVD and use it to do that instead of Ubuntu? Would it be exactly as safe as Ubuntu 23.04?

user535733 avatar
cn flag
Safety and security are very broad topics. Did you have a specific safety or security worry in mind?
ru flag
From a security standpoint, there's no *real* concern between Ubuntu Desktop and Lubuntu, except that LXQt is "newer" than GNOME. HOWEVER, the Lubuntu team is always on top of such security holes and works to get those patched where needed with the assistance of the Ubuntu Security Team to get those patches into the security pocket.
koxige9113 avatar
sy flag
@user535733 I mean safe from malware that could exploit an OS vulnerability and infect the PC. For example, I run the DVD Live, I open the PC partition, I make a backup of the USB on the PC partition, I format the USB and restart the PC. If the malware exploits some vulnerability of the OS that I ran on DVD Live, it could have infected the PC or, worse, the BIOS (I know it's rare, but as I said, I would like to stay as safe as possible). So the question is: Is Lubuntu as safe as Ubuntu from malware and other stuff that could infect the PC?
ru flag
@koxige9113 That's tantamount to asking "Can my computer running Any Operating System In Existence be infected by malware" which is a global "yes". It's no *less* safe from that risk than Ubuntu itself is, and it's no *more* safe than Ubuntu GNOME is. And there's the implication of you the user using common sense and being safe online on *any* system you use regardless of the OS as part of the argument to begin with.
koxige9113 avatar
sy flag
@ThomasWard OK, thank you, you're definitely right about the fact that every system can be infected, but there are some OSes safer than others. The classic example is that Ubuntu (or almost every Linux distro) is safer than Windows. So I was wondering if Lubuntu was as safe as Ubuntu or if it could have more vulnerabilities.
ru flag
@koxige9113 see my answer. But also, I know the security risks first-hand, I'm the person in charge of the Lubuntu Team from executive operations perspectives. I also routinely keep an eye on the Security side of things on Lubuntu and help expedite security patches in as well where it's needed.
Score:3
ru flag

Based on your core question of "safe from malware that could exploit the OS and infect the PC", Lubuntu is no more and no less secure than Ubuntu which runs GNOME. You are equally at risk for Linux-targeted malware on Lubuntu as you are on standard Ubuntu.

A large part of "being safe" is properly securing your system and keeping an eye on processes, etc. for anything unusual, and properly scanning the system with things like ClamScan and other tools to identify malicious software that ends up on your system.

Another large part of "being safe" is having common sense - use adblockers to protect against malicious adverts and scripts, don't visit unsafe sites, etc.

Score:2
vn flag

Mainly, yes. There are not any major differences with security patches between Ubuntu flavors. The kernel, main libraries etc. are the same, and they receive the same security patches.

The only thing that differs is the desktop environment - where Ubuntu uses GNOME and Lubuntu uses LXQt. In theory, there could be some security exploit in LXQt that isn't in GNOME, but it could as well be the other way around. Nobody will ever know.

koxige9113 avatar
sy flag
Thank you for the reply. So Lubuntu is very similar to Ubuntu, and the reason it is only 2.9 GB while Ubuntu is 4.9 GB is because LXQt is smaller than GNOME?
Artur Meinild avatar
vn flag
@koxige9113 yes, indeed. It's the DE and the default apps that are 2 GB lighter on Lubuntu than on normal Ubuntu.
Score:2
cn flag

Don't forget Lubuntu is an official Ubuntu flavor, and is thus built on the same infrastructure by the same tools; just with different seed files.

Lubuntu 23.04 seed - https://ubuntu-archive-team.ubuntu.com/seeds/lubuntu.lunar/desktop

Ubuntu 23.04 Desktop seed - https://ubuntu-archive-team.ubuntu.com/seeds/ubuntu.lunar/desktop

It's these seeds that cause different packages to install on the same Ubuntu base system.

The difference as I see it is Ubuntu Desktop only uses packages from the 'main' repository that get the attention/checks of the Ubuntu Security Team.

Lubuntu is a community flavor, thus its packages are found in 'universe', which doesn't get the Ubuntu Security Team's checks (unless you select to enable and use Ubuntu Pro). In my view, the flavor teams put as much effort into the product (they enjoy doing it, being a labor of love; they're volunteers, don't forget), they just don't benefit from the paid members of the Ubuntu Security Team performing checks by default.

When it comes to security of the ISO, if you validated the ISO using checksums, and then had it verify the write of that ISO to your installation media, I'd feel as safe using either Ubuntu Desktop or the Lubuntu desktop (or other Ubuntu flavor). You can use the same command `ubuntu-security-status` to check the health of both; the difference is what packages are installed when used, in my view.

guiverc avatar
cn flag
Little additional detail here to other questions, except for (a) ISOs are built on same hardware/scripts only with different *seed* (recipe) files... and Ubuntu Security Team's processing of 'main' repository (cf. 'universe') alas that's a difference of the installed packages & not the ISO itself. My 2c anyway
guiverc avatar
cn flag
The Lubuntu team (*Thomas, myself & other team members*) can influence what goes onto the Lubuntu ISOs via the *seed* file, but not the Ubuntu base system (*Ubuntu team members control that*), nor the ISO itself (Ubuntu Infrastructure handles that, with the *Ubuntu Release Team* handling the renaming/move of a RC (*release candidate*) image to a released image for main Ubuntu products & *flavors* like Lubuntu at the same time). We (*with product manager cred*) can log in to ubuntu.com & cause a new ISO build (*during development cycle*), but we can only start the build - not influence it.
Score:1
jp flag

Your security theorem based on read-only vs. read/write media appears to be a bit outdated ... There was a time long ago when read-only media e.g. CDs/DVDs were shipped directly from the creator/source publisher AKA genuine/original media ... Back then when creating a CD/DVD required some sophisticated equipment that was not readily available on personal computers, read-only media were considered somewhat an extra layer of security for the sole reason that they were not easy/possible to create on the end user level.

But, these days ... Well ... No more.

CDs/DVDs can be burned/created on any below average and, ironically, preferably older personal computers as the new ones don't come equipped with a CD/DVD burner anymore :-)

What is more important to know, however, is that writing an ISO image on your personal computer to either a read-only (if you still have it) CD/DVD or a read/write USB/disk actually involves the same level of risk, as the ISO file is processed on your computer prior to writing/burning, so whatever malware is on that computer has an equal chance of infecting your media both ways.

Luckily, Linux viruses/malware are rare and tied by the user privileges system, unlike other OSes (not to name Windows) where those bad bits of malicious code can run more freely and do whatever they might fancy.

In short ... If you download any official Ubuntu flavor ISO from trusted sources/mirrors and verify your downloaded file checksum/hash and use a clean Ubuntu machine to burn that ISO, I wouldn't really think twice choosing which type of media to write it to as all roads lead to Rome.

koxige9113 avatar
sy flag
The problem with the USB is that: I could burn a clean Ubuntu ISO. But when I insert the USB on an infected PC, it could infect the USB because it is writable. Meanwhile, a burned DVD cannot be infected because it is not writable anymore. I know there are USB with the read-only switch, but many are not sold in my country or they are too expensive. [I even made a post asking if I could use an SD card as a read-only unit but sadly it's not physically read-only](https://security.stackexchange.com/questions/269799/sd-card-with-the-read-only-switch-can-the-sd-card-reader-still-get-viruses)
Raffa avatar
jp flag
@koxige9113 [SquashFS](https://en.wikipedia.org/wiki/SquashFS) is a read-only filesystem be it on a CD, DVD or USB.
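
Two of the answers above recommend validating the ISO with checksums and verifying the write to the media. The script below is an added example, not part of the original thread or of any Ubuntu tooling. The function names, file names and sample data are assumptions made for illustration, and it assumes the `SHA256SUMS` file itself came from a trusted source.

```shell
#!/usr/bin/env bash
# Added example: check a downloaded ISO against SHA256SUMS, then check the
# written media against the ISO. Paths and sample data below are constructed.

# verify_iso ISO SHA256SUMS: succeeds only if the ISO's SHA-256 equals its listed entry.
verify_iso() {
    local iso=$1 sums=$2 name expected actual
    name=$(basename -- "$iso")
    # Lines look like "<hex> *<file>" (binary mode) or "<hex>  <file>" (text mode).
    expected=$(awk -v f="$name" '{ n = $2; sub(/^\*/, "", n); if (n == f) { print $1; exit } }' "$sums")
    [ -n "$expected" ] || { echo "no entry for $name in $sums" >&2; return 2; }
    actual=$(sha256sum -- "$iso" | cut -d' ' -f1)
    [ "$actual" = "$expected" ]
}

# verify_media ISO DEVICE: succeeds only if DEVICE starts with the exact bytes of ISO.
verify_media() {
    local iso=$1 dev=$2 size want got
    size=$(wc -c < "$iso")
    want=$(sha256sum -- "$iso" | cut -d' ' -f1)
    # A disc or stick is normally larger than the image, so hash only the
    # image-length prefix instead of the whole device.
    got=$(head -c "$size" -- "$dev" | sha256sum | cut -d' ' -f1)
    [ "$got" = "$want" ]
}

# demo: constructed stand-ins for an ISO, its SHA256SUMS and two written media.
demo() {
    local d rc=0
    d=$(mktemp -d) || return 1
    printf 'constructed ISO payload\n' > "$d/sample.iso"
    (cd "$d" && sha256sum -b sample.iso > SHA256SUMS)
    { cat "$d/sample.iso"; printf 'unused space'; } > "$d/good.img"
    { printf 'Constructed ISO payload\n'; printf 'unused space'; } > "$d/bad.img"
    verify_iso "$d/sample.iso" "$d/SHA256SUMS" || rc=1   # must match
    verify_media "$d/sample.iso" "$d/good.img" || rc=1   # must match
    verify_media "$d/sample.iso" "$d/bad.img" && rc=1    # one changed byte must fail
    rm -rf -- "$d"
    return "$rc"
}

# Real use (hypothetical paths): ./verify.sh image.iso SHA256SUMS /dev/sr0
if [ "$#" -eq 3 ]; then
    verify_iso "$1" "$2" || { echo "ISO does not match SHA256SUMS" >&2; exit 1; }
    verify_media "$1" "$3" || { echo "media does not match ISO" >&2; exit 1; }
    echo "ISO and media verified"
elif [ "$#" -eq 0 ]; then
    demo && echo "self-check on constructed data passed"
fi
```

Run the media check from a system you trust: a compromised machine can misreport what it reads back.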