🖖USS-Ethernet@startrek.website to Selfhosted@lemmy.worldEnglish · 1 个月前I've been busystartrek.websiteimagemessage-square63linkfedilinkarrow-up1340arrow-down112file-text
arrow-up1328arrow-down1imageI've been busystartrek.website🖖USS-Ethernet@startrek.website to Selfhosted@lemmy.worldEnglish · 1 个月前message-square63linkfedilinkfile-text
minus-squarequick_snail@feddit.nllinkfedilinkEnglisharrow-up3arrow-down5·1 个月前Docker will happily download malicious containers. It doesn’t use cryptography to verify what it downloads during the layer pull.
minus-squarekrashmo@lemmy.worldlinkfedilinkEnglisharrow-up7arrow-down1·1 个月前That’s overly dramatic phrasing and you know it. Adding this kind of hyper technical quip to a thread aimed at beginners is insane. Stop doing that.
minus-squarequick_snail@feddit.nllinkfedilinkEnglisharrow-up2arrow-down3·1 个月前No. Just use apt. Don’t fill your house with sensors that make you vulnerable
minus-squareirmadlad@lemmy.worldlinkfedilinkEnglisharrow-up1·1 个月前Linux can do that too from miners, backdoors/SSH credential stealers, bots, rare ransomware but they exist, rootkits, spyware, and supply‑chain attacks
minus-squarequick_snail@feddit.nllinkfedilinkEnglisharrow-up3arrow-down1·1 个月前Apt has done sig checking since 2002 iirc
Docker will happily download malicious containers. It doesn’t use cryptography to verify what it downloads during the layer pull.
That’s overly dramatic phrasing and you know it. Adding this kind of hyper technical quip to a thread aimed at beginners is insane. Stop doing that.
No. Just use apt. Don’t fill your house with sensors that make you vulnerable
Linux can do that too from miners, backdoors/SSH credential stealers, bots, rare ransomware but they exist, rootkits, spyware, and supply‑chain attacks
Apt has done sig checking since 2002 iirc