Sunshine (she/her)@piefed.social to Linux@programming.devEnglish · 2 days ago5 reasons you should ditch Windows for Linux todaywww.zdnet.comexternal-linkmessage-square108fedilinkarrow-up1376arrow-down17
arrow-up1369arrow-down1external-link5 reasons you should ditch Windows for Linux todaywww.zdnet.comSunshine (she/her)@piefed.social to Linux@programming.devEnglish · 2 days agomessage-square108fedilink
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up2·7 hours agoThis isn’t true Linux package managers typically use GPG which is a much better solution. It is simpler and doesn’t have the unnecessary complexity of certificates. What security problems do you think package managers are vulnerable to? If the upstream repo is compromised all bets are off regardless of the system.
minus-squareMihies@programming.devlinkfedilinkarrow-up1·7 hours agoYou are right, GPG signing is good as well. But in both cases you still have unsigned apps. What security problems do you think package managers are vulnerable to? If the upstream repo is compromised all bets are off regardless of the system. Yep. And in such case an antivirus software might come handy.
This isn’t true
Linux package managers typically use GPG which is a much better solution. It is simpler and doesn’t have the unnecessary complexity of certificates.
What security problems do you think package managers are vulnerable to? If the upstream repo is compromised all bets are off regardless of the system.
You are right, GPG signing is good as well. But in both cases you still have unsigned apps.
Yep. And in such case an antivirus software might come handy.