Hello, On Thu, Feb 01, 2018 at 11:53:36AM +0000, Michael Fothergill wrote: > Thus for anyone in the entire world who is new to linux,the most > efficient route at present could well be to install Fedora and be > stable and spectre protected out of the box rather than taking on > the indefatigable odyssey of installing Debian and waiting for > Debian security team to find solutions at whatever pace is > possible given the way the distro is currenty set up.
"The way the distro is [currently] set up" is that the upstream Linux kernel project will provide backports to long term supported kernel versions and these will get folded into Debian stable as a security update. What you call an "indefatigable odyssey" will for the average Debian user be an unremarkable kernel upgrade. And there will hopefully be minimal breakage because a lot of people will have tested it first. You appear to have a level of paranoia that requires you to build the latest kernel release with the latest GCC, and that has motivated you to learn how to do that on Debian, but I feel sure that that is not where the average Debian user is coming from. As you've seen, the method is there for you to do what you have decided you need to do. Or for the curious who want a learning experience. But with Meltdown dealt with by KPTI (already in the stable release) and the obvious javascript issues worked around by the browsers, you have to weigh up the risk of pushing hasty fixes into a stable kernel (and GCC) release. I don't think the sky has fallen just yet but if you do want to see the sky fall, push out a buggy Debian stable kernel package. Debian already has a place to test the latest and greatest (and most broken) versions of packages and it is not the stable release that new users are directed at. Cheers, Andy -- https://bitfolk.com/ -- No-nonsense VPS hosting