rafssunny@lemmy.zip to Technology@lemmy.worldEnglish · 21 days ago400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealerscybersecuritynews.comexternal-linkmessage-square146linkfedilinkarrow-up1449arrow-down11
arrow-up1448arrow-down1external-link400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealerscybersecuritynews.comrafssunny@lemmy.zip to Technology@lemmy.worldEnglish · 21 days agomessage-square146linkfedilink
minus-squarestealth_cookies@lemmy.calinkfedilinkEnglisharrow-up4arrow-down1·20 days agoI don’t understand this argument. Isn’t it better to build once and distribute binaries than to make everyone compile it themselves? The vast majority of AUR packages I use are -bin versions.
minus-squarecaseyweederman@lemmy.calinkfedilinkEnglisharrow-up2·20 days agoYou don’t get to see the code that way, which is where bad actors thrive. Also it wasn’t compiled for exactly your system.
I don’t understand this argument. Isn’t it better to build once and distribute binaries than to make everyone compile it themselves? The vast majority of AUR packages I use are -bin versions.
You don’t get to see the code that way, which is where bad actors thrive. Also it wasn’t compiled for exactly your system.