Good morning all, I'm working on a small project to provide small devices that can be used for the following: - thin client for rdp and vnc over ssh. - local ubuntu LTS OS (probably trusty) - secure: must track latest (ubuntu) kernel to include all security fixes, include iptables I have a UDOO quad on order (love the SATA port!) and the first two items are easy to deliver. Running an up-to-date kernel I think it is not possible judging by the posts on the forum. The workflow I'm looking for is as follows: - ubuntu issue a kernel specific USN (e.g. http://www.ubuntu.com/usn/usn-1998-1/) - apt-get update && apt-get dist-upgrade -y && reboot - device is no longer vulnerable However I don't think this is possible, at least currently. Could I kindly ask anyone with some good experience to comment? Am I right in my conclusion? And might the situation change when trusty ships? Are their any low cost arm boards that run a stock kernel from any commercial distribution or is this complication universal to arm? Kind regards, Adam.