rafssunny@lemmy.zip to Technology@lemmy.worldEnglish · 1 month ago400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealerscybersecuritynews.comexternal-linkmessage-square145linkfedilinkarrow-up1448arrow-down11
arrow-up1447arrow-down1external-link400+ Arch Linux AUR Packages Compromised in a Supply Chain Attack Deploying Infostealerscybersecuritynews.comrafssunny@lemmy.zip to Technology@lemmy.worldEnglish · 1 month agomessage-square145linkfedilink
minus-squarestealth_cookies@lemmy.calinkfedilinkEnglisharrow-up4arrow-down1·1 month agoI don’t understand this argument. Isn’t it better to build once and distribute binaries than to make everyone compile it themselves? The vast majority of AUR packages I use are -bin versions.
minus-squarecaseyweederman@lemmy.calinkfedilinkEnglisharrow-up2·1 month agoYou don’t get to see the code that way, which is where bad actors thrive. Also it wasn’t compiled for exactly your system.
I don’t understand this argument. Isn’t it better to build once and distribute binaries than to make everyone compile it themselves? The vast majority of AUR packages I use are -bin versions.
You don’t get to see the code that way, which is where bad actors thrive. Also it wasn’t compiled for exactly your system.