Virual@lemmy.dbzer0.com to Linux@lemmy.mlEnglish · 2 days agoArch Linux's AUR Sees More Than 400 Packages Compromised With Malwarewww.phoronix.comexternal-linkmessage-square85fedilinkarrow-up1260arrow-down10cross-posted to: technology@lemmy.worldlinux@lemmy.worldtechnology@hexbear.nethackernews@lemmy.bestiver.se
arrow-up1260arrow-down1external-linkArch Linux's AUR Sees More Than 400 Packages Compromised With Malwarewww.phoronix.comVirual@lemmy.dbzer0.com to Linux@lemmy.mlEnglish · 2 days agomessage-square85fedilinkcross-posted to: technology@lemmy.worldlinux@lemmy.worldtechnology@hexbear.nethackernews@lemmy.bestiver.se
minus-squareJames@lemmy.calinkfedilinkarrow-up10·20 hours agoThe AUR is basically just a shortcut for downloading random shit off GitHub. It gives un-experienced users a false sense of security.
minus-squareHaraldvonBlauzahn@feddit.orglinkfedilinkarrow-up1·edit-25 hours ago The AUR is basically just a shortcut for downloading random shit off GitHub. It gives un-experienced users a false sense of security. As is “pip install” by the way.
minus-squaresoftotteep@pawb.sociallinkfedilinkEnglisharrow-up1·10 hours agoThe false sense of security is actually caused by people saying the AUR is the easiest way to safely get all your packages, when in reality the AUR itself tells you to always review PKGBUILDs and to not blindly trust AUR packages.
The AUR is basically just a shortcut for downloading random shit off GitHub.
It gives un-experienced users a false sense of security.
As is “pip install” by the way.
The false sense of security is actually caused by people saying the AUR is the easiest way to safely get all your packages, when in reality the AUR itself tells you to always review PKGBUILDs and to not blindly trust AUR packages.