4 years ago
@Hammer459: I see your point, but the instability risk is small. While the security risk could be big. With potentially tremendous impact on people's lives.
I've been using Ubuntu (which doesn't classify updates like Mint) for eight years, and in those eight years I've had only one problem because of a kernel update (in 2006, to be exact). While there were countless security updates in those eight years, some for very severe vulnerabilities, for packages that Mint classifies as 4 or 5.
Yet I believe that Mint is right with excluding *ordinary* updates of level 4 or 5: for those, Mint's way is an improvement. But security updates are something else.
The idea is that they are safer without unverified updates that may destabilize their entire system. With those unverified updates you may introduce new flaws worse than the ones you are fixing. That is why it has to be a conscious act to turn those updates on. In the name of security nothing should be turned on by default if there is even a remote risk that an update makes things worse.
It is now a reasonable balance between the various risks. To alter that balance must be a personal choice.
Just consider how safe the unskilled users would feel if their system suddenly starts acting weird after a level 5 kernel update that messes with their graphics driver, or some such, but it removed a security risk...
The reason for them not being enabled by default is that they pose a small but actual risk of future instability and thus it is not wise to have that on for everyone.