[kwlug-disc] Malware found in Ubuntu Snaps Store

Khalid Baheyeldin kb at 2bits.com
Sun May 13 11:15:04 EDT 2018


We were sheltered because the tried and tested methodology of repositories
made us immune to this for ~ 25 years or so.

The repositories (e.g. Debian and Ubuntu, ...etc.) relied on getting
applications that were open source of some sort, and had people who
advocated their inclusion. These people do the legwork of straightening out
the kinks in their configure, install, and update, and write code that
would make it into a .deb package, with config.d style configuration, pre
and post install scripts, ...etc.

Either that, or the application was well known enough and already did the
process as part of their release (think the well known databases, desktops,
...etc).

So there were eyes on the software.

Snap's model does not seem to have the equivalent of these safeguards:
stuff may be uploaded by anyone, and we have seen how this makes some apps
purely malware on Android and even Apple (who claim that they review apps).

On Sun, May 13, 2018 at 9:30 AM, CrankyOldBugger <crankyoldbugger at gmail.com>
wrote:

>
> I suppose it was improbable, although I had hoped that we were a bit
> sheltered from this stuff:
>
> https://www.linuxuprising.com/2018/05/malware-found-in-
> ubuntu-snap-store.html
>
>
>
> _______________________________________________
> kwlug-disc mailing list
> kwlug-disc at kwlug.org
> http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org
>
>


-- 
Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- anonymous
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20180513/adce3871/attachment.htm>


More information about the kwlug-disc mailing list