[kwlug-disc] Malware found in Ubuntu Snaps Store
Remi Gauvin
remi at georgianit.com
Sun May 13 11:53:14 EDT 2018
On 2018-05-13 11:15 AM, Khalid Baheyeldin wrote:
> We were sheltered because the tried and tested methodology of repositories
> made us immune to this for ~ 25 years or so.
>
>
One of the things I like about Ubuntu is the great ecosystem of PPA's.
Over the past several years, I found PPA's did a great job of filling
the gaps between what makes it into a relatively stable distro, and
those software packages I need to be newer for a specific task. PPA's
were certainly more convenient that downloading and compiling from source.
In this regards, I'm a little torn. On the one hand, it's just as easy
for a bad or careless actor to put a bad package in a PPA. Without
Snaps isolation, such a package would root a system, essential requiring
a fresh install, or snapshot restore to guarantee system integrity. Not
to mention her irrevocable lose of private/secret information.
However, in the case of PPA's I could carefully choose which PPA I drew
packages from, (and therefore, essentially, who to trust with the
system.) With the snap store just allowing anyone to put whatever in
one big repository...well,, we all already know exactly where that
leads, and Ubuntu has provided an example in record time.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: remi.vcf
Type: text/x-vcard
Size: 193 bytes
Desc: not available
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/6bbb7353/attachment.vcf>
More information about the kwlug-disc
mailing list