Answer the question
In order to leave comments, you need to log in
The likelihood of malware in open-source daily updates and what to do?
If it used to be wise to exercise some caution when adding obscure PPAs
, can it be the same with mainstream big products now? What to do? What is the strategy? Are there security resources for automatic checks?
Answer the question
In order to leave comments, you need to log in
Automatic checks are useful only to highlight suspicious places, you can not rely on them to catch all the bookmarks. Therefore, you will have to update less often, review the new code, manually collect dependencies and store them. Or design systems so that they do not trust themselves and easily roll back to previous versions.
yes, my God, my Indians do not deal with this garbage, they destroy the system just like that.
Create policy for updates, test subjects, users, critical services
The strategy is the same at all times - install only proven software from vendors you trust. You are talking about PPA, but in the Windows tags it is not clear which OS you are using, but Debian and Ubuntu LTS follow the stability paradigm - just like that, the new version will not appear in the repositories, updates cover mainly errors and vulnerabilities, with the help of patches to the current version of the software .
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question