Maintainers of popular, trusted projects can get compromised. Hackers steal their publishing tokens and then publish a new, malicious version.


When did this last happen with Debian or Ubuntu? (which actively vet contributors, at least compared to pip and npm)


It's not perfect, but it's still pretty good. Plus, if you update manually every few days and read tech news all the time, most malware will probably be discovered before you get it.


That's why I never update anything *taps brain*

