The new version of Linux Mint has been released so I went ahead and downloaded it and reviewed it on my latest Dell XPS 13 Kaby Lake machine. That\u2019s when I came across the persistent Linux Mint messaging to its users that discourages software updates. That spreads a very dangerous notion that once you get everything working, you shouldn't touch it.\n\n\nLinux Mint has experienced some security breaches lately, so they should not be encouraging such behavior. Linux Mint project leaders seem to undermine the value of updates and upgrades. Clement Lefebvre, the founder and project leader of Linux Mint wrote in a blog post:\n\n\n[ 5 rock-solid Linux distros for developers ]\n\n\n\nUpgrade for a reason\n\n\n\u201cIf it ain\u2019t broke, don\u2019t fix it\u201d.\n\n\nYou might want to upgrade to 18.1 because some bug that annoys you is fixed or because you want to get some of the new features. In any case, you should know why you\u2019re upgrading. As excited as we are about 18.1, upgrading blindly for the sake of running the latest version does not make much sense, especially if you\u2019re already happy and everything is working perfectly.\n\n\n\nI am not sure about the target audience of Linux Mint, but I am assuming these are not necessarily developers and sysadmins who often keep themselves informed about security bugs. \u00a0A majority of these users may not be reading security advisories; there are no centralized advisories for desktop Linux. Different distros have their own advisories. And I don\u2019t recall if Linux Mint even publishes any such advisories.\n\n\nA few days ago there was a bug in Ubuntu apport that allows anyone to hijack Ubuntu based systems, including Linux Mint. There was another 0-day bug in Ubuntu and Fedora that compromised a system. Every month we come across new vulnerabilities in Linux that are patched by the kernel community or the upstream projects immediately. However, I have never seen any vulnerability reports on the Linux Mint site.\n\n\nI am not sure if Linux Mint users really keep an eye on such bug reports. You can\u2019t really keep up with them unless it\u2019s a focus area for you.\n\n\nSecurity is not an \u201cIf it ain\u2019t broke, don\u2019t fix it\u201d problem.\n\n\nI recall a meeting with Greg Kroah Hartman, the leading Linux kernel developer, where he talked about the importance of keeping your system updated: \u201cWe make a lot of changes, and we're not just making changes because we like to, because that's more work. We're really lazy. We're making changes because we have to. We're making changes because the world changes. The model of 'you make a box and you make it static and you throw it in the corner' doesn't work, because that box has to touch the world and the world changes. Everything interacts, so you have to evolve. If your operating system does not change, it is dead. It's that simple. If your device does not change based on the world it interacts with, it is dead. It's that simple. So look at operating systems that don't change, nobody uses them anymore.\u201d\n\n\nLinux Mint doesn\u2019t have an automatic update mechanism like Chrome OS or Ubuntu Snappy, and discouraging updating systems puts users at risk.\n\n\nMy advice to every Linux Mint user out there is to always run the latest version of your software. Developers are not \u2018wasting\u2019 their time making release after release. They are fixing something; they are improving something. Take advantage of that work. By staying on latest packages you will also be giving back to the projects that you use. If you come across any bugs, you can file a bug report and help developers fix them.\n\n\nMy advice to Linux Mint developers is to:\n\n\n1) Build Linux Mint in a way that it is upgrade proof.\n\n\n2) Build mechanisms and move LM toward an automatic updating system\n\n\n3) Stop discouraging users from upgrading their systems and encourage them to stay updated.\n\n\nDon\u2019t wait for it to break; protect it from breaking by staying updated. All the time.