The bad news is that as Knoppix was never designed to be installed to the hard drive, it doesn't have a security policy or procedure.

The good news is that it's based on Debian which does.

If you have installed Knoppix to your hard drive, there may be security updates you need to install. There is a basic Security Updates HowTo (http://www.knoppix.net/wiki/SecurityHowTo) in the Documentation section of this website. Please keep your machine updated.

Eadz, going to the link in your post, it suggests to add a few sites to your upfate/upgrade file, I added one, and the first apt- anything caused an error that you need to resolve something with the site, I am quite sure I added the site correctly, but had to comment the site out because it caused any apt-get to crash...

This is the entry:
# Security updates for "unstable" user inserted per SecurityHOWTO
# AptGet warnings on the below path REMOVED by user until resolved
#deb http://security.debian.org unstable/updates main contrib non-free

Cuddles

Eadz, going to the link in your post, it suggests to add a few sites to your upfate/upgrade file, I added one, and the first apt- anything caused an error that you need to resolve something with the site, I am quite sure I added the site correctly, but had to comment the site out because it caused any apt-get to crash...

This is the entry:
# Security updates for "unstable" user inserted per SecurityHOWTO
# AptGet warnings on the below path REMOVED by user until resolved
#deb http://security.debian.org unstable/updates main contrib non-free

Cuddles

It fails for me too you should leave it commented out. You can get security updates for unstable by subscribing to the Debian Security Announce mailing list at http://lists.debian.org and you will have the announcements emailed to you there is usually not many mails it is a low volume list. Then you can check to see if the package(s) in the announcement(s)is installed on your system with apt-cache policy package_name_in_announcemnet. To upgrade the package to the new one in the announcement apt-get install package_name_in_announcemnet/unstable.

is it still recommended to have deb http://security.debian.org unstable/updates main contrib non-free commented out?

out-comment the security update is not the best way i think. i was using these lines for my older 3.3 install of knoppix and it worked fine for me (i got all the security updates with apt-get update | apt-get upgrade)

i havent tried 3.4 yet. hopefully this evening though. but i will setup apt again because is the easiest way to keep your system up to date. no need for installing security patches the manual way or smth.

will apt-get upgrade deal with security updates as well even if security.debian.org is not in the source.list?

I highly recommend everyone head on over to Debian.org and check out the documentation section, particularly the FAQ and the reference manual. Provided you read everything in those two guides carefully, it should tell you most of what you need to know about runnig a Debian system.

With installing Knoppix, you're running Debian testing by default. Debian testing doesn't use the security updates branch because that branch is specific to stable. In other words, the only updates that stable receives are from security. Testing and Unstable are updated frequently, while stable is only updated when a security hole needs fixing. So yes, it's a good thing to comment out the security section.

Thanks for this info. I just ran my first apt-get & apt-upgrade while ssh'd into my box from work. It ran 170Megs worth of updates and is still updating. Only 5% of diskspace left! Cutting it really close here. Hope all goes well when I get home and reboot.. (Crosses fingers)

BTW, I ran into quite a few prompts asking if I wanted to keep my installed version of certain packages (default) or install the package maintainers version.. I choose the later on all these.. I figured if I'm updating I should update all packages instead of using the same one I was previous to update. Any suggestions? Some of the packages that asked if I wanted to update were:
auto.smb
gpm.conf
i2e.conf

TBH

Welp, I'm very sad to report this botched my knoppix load pretty bad. Now, instead of taking 2 days to boot up it takes 3 and then it wont' even load the Knoppix GUI. I can get into other GUI's but now I'll need to reload. Guess that'll teach me to hastly run updates without researching. I loved Knoppix but I think it's time I move on to a more HDD friendly package that has as many utilities as Knoppix but is also easily upgraded. Dedicated debian may be the answer at this point.

hi
the sources list for debian lenny kde 4.2.3 http://www.debian-desktop.org

The problems I originally encountered with knoppix slow boot were caused by using a high write speed when moving the .iso to CD. Try halfing your write speed. After this the hd install went smooth. I am using and upgrading the install without problems. I am already utilizing Knoppix to the same extent I was utilizing XP. The apt-get update, and upgrade went smoothly as well, except Open Office upgrade. I love Knoppix with the swap space on reiserfs. I loaded a distro to and extended (ext) and it was like a turtle stuck in mud. As a newbie, i would discount the advise to not use the hd install of Knoppix (for other newbies). Learn command line, relax and work out your bugs.

Halving the speed may not be enough. I suggest 4x and absolutely never use more than 8x for CDs and 4x for DVDs. Higher speed burns always have problems, but the problems are usually hidden by the error correction code. From what I've seen I don't think Linux has error correction enabled during boot, thus you need a good clean error-free burn. And personally I want that error correction code to be able to help other discs over time recover from scratches and disc rot, so I always use low speed burns. At first I didn't want to believe this, but I learned the hard way when I couldn't recover stuff that I had burn "successfully" and verified at high speed years ago, now all of my burns are at low speed. It is well worth the few extra minutes to get a burn that will boot properly, or one that has a much better chance of surviving over time.