Thread replies: 36
Thread images: 5
Thread images: 5
File: 1402480034977.jpg (7KB, 231x218px) Image search:
[Google]
7KB, 231x218px
What exactly stops a rogue package maintainer from pushing malware to us Gnu/Linux users?
>>
>>58559392
It's all malware.
You didn't think they did it for free, did you?
>>
>>58559424
delete...
>>
The fact that someone would notice and they would no longer be a package maintainer after that.
Unless you use Arch and accept packages up your ass from every literally who on the internet. I hope you packed some lube.
>>
>>58559517
>Unless you use Arch and accept packages up your ass from every literally who on the internet
ha-ha... yeah i don't... ha...
>>
>>58559517
>uses arch cause "bleeding edge"
>gets mad when things break and they can't fix it
>>
>>58559549
Things rarely if ever break
Fixing them is generally a simple google search or AT WORST chroot.
>>
File: 16105693_654882394695530_1218420397561138117_n.jpg (38KB, 645x412px) Image search:
[Google]
38KB, 645x412px
>>58559424
>>
>>58559392
Don't install shits and please verify all the updated modifications before upgrading your system. It's quite long but this is the price of security.
Furthermore it will force you to use less software and later to create your own ones, it's pretty fun and maybe the most secure way to use a computer these days. Spending one or two hours a day on it is not a real sacrifice.
People are becoming lazy and it begins to be really problematic.
>>
It's open source?
What stops wintoddlers getting malware? Oh wait, it's the only platform that consistently has malware.
>>
>>58559612
So I'm suppose to write my own libraries, frameworks and APIs?
Should i maybe write my own os, kernel and cross-compiler too?
>>
>>58559636
yes but im curious what stops it.
Like can't a package maintainer get hacked, and then the hacker pushes malware through it? Is that even possible?
Simply i'm just worried that even libraries can have like a one line very hidden backdoor hidden somewhere
>>
>>58559661
Yes, it's possible for people to get hacked. We done here?
>>
File: images(2).jpg (6KB, 219x230px) Image search:
[Google]
6KB, 219x230px
>>58559642
Yes.
>>
>>58559642
You can just copy/paste verified code from another projects too.
Every developers are doing it all the time!
>>
>>58559703
why am i not doing this yet?
Do people even write their own code anymore"?
>>
>>58559715
Copy/pasting has some limits too.
But yes some people use myriad of packages/modules to do simple things.
>>
>>58559392
That's exactly why some people are creating AI that writes their own code.
Human is too insecure by nature to write software.
>>
>>58559392
Nothing, but it's enough if the software itself gets compromised. The compromised update on something like Arch will be pushed to the users by next day.
Probably there are CIA/NSA agents embedded as package maintainers and contributors to various software which they deem a good strategic target.
>>
>>58559734
Why am I not doing this yet?
I got stuck thinking I needed to crate everything from scratch myself and thus I never created anything ever
>>
>>58559802
That's why some people use containers and sandboxes everywhere.
>>
>>58559820
What's your goals? What's your strategy?
>>
>>58559858
I don't know
I just want to create something, or make money or something. Over the years I picked up and learned some programming languages and played around with libraries but then i never made anything
How do I make money? Should I do web development?
>>
>>58559870
So your goal is making money. Your strategy is doing software.
That's great, you're not lost at all.
Now you have to find niche things that people like and try to monetize them, it can be recording advanced tutorials on a specific thing or just sharing niche porn and doing sex toys affiliation.
However don't expect to earn thousands of dollars by months tomorrow, it's a very long process.
>>
>>58559959
All I know is a bunch of abstract programming concepts. How do I actually create something practical, or learn how to?
It doesn't even need to earn money, I just want it to be of use to somebody. Money is just the best gauge of the demand for the product.
>>
>>58559870
The most profitable jobs:
Developing and selling his own cosmetics > Developing and selling his own industrial foods > Selling clothes > Corrupted politician > Exploit web casinos > Offshore file sharing website with ads and paid subscriptions
Nothing complicated but nothing funny too, these activities are pretty boring. You can try to become a slut in Las Vegas too. Jobs are everywhere!
>>
>>58560069
You will never be of use to somebody if you can't actually create your own path (or find a fucking path on your own). Begging for others to create a step by step guide on how to 'be of use to others' is fucking useless, anyone can be that retard.
>>
>>58560069
I wrote my own software for my own needs and one day somebody asked me where he could find this application. He was my first paid customer.
>>
>>58560138
I'm not looking for a step by step guide I'm just looking on how to get started. I'm in for the long-haul, not to quickly do anything. I'm willing to spend many years but I just need to figure out a path which I'm stuck on.
>>
>>58559843
But what about when the containers and sandboxes get backdoored?
>>
File: 1483561588586.jpg (90KB, 768x756px) Image search:
[Google]
90KB, 768x756px
>>58559392
Nothing.
Just as nothing stops a rogue company from including malware in their proprietary software for whichever platform.
It's all hoping we're decent enough people to not do it based on the concept that we're doing FOSS for greater good and a private company is making software to earn money. In neither of those scenarios including malware is beneficial to the releasing party.
But then you got the likes of Memesoft.
Some security measures may include having more than one maintainer for every package.
And of course designing the operating system to damage control actually makes it in.
>>
>>58559424
Damn, solid proof there buddy.
>>
>>58559549
Stay out of the testing repos and don't use AUR for system critical shit like your kernel or drivers and shit won't break.
>>
>>58559802
>CIA niggers as package maintainers
>>
>>58559607
cuntdestroyer(ver. 2017).jpg
Thread posts: 36
Thread images: 5
Thread images: 5