🖖USS-Ethernet@startrek.website to Selfhosted@lemmy.worldEnglish · 2 days agoI've been busystartrek.websiteimagemessage-square58fedilinkarrow-up1328arrow-down113file-text
arrow-up1315arrow-down1imageI've been busystartrek.website🖖USS-Ethernet@startrek.website to Selfhosted@lemmy.worldEnglish · 2 days agomessage-square58fedilinkfile-text
minus-squareirmadlad@lemmy.worldlinkfedilinkEnglisharrow-up1·2 days ago OP built a security nightmare How so?
minus-squarequick_snail@feddit.nllinkfedilinkEnglisharrow-up3arrow-down5·2 days agoDocker will happily download malicious containers. It doesn’t use cryptography to verify what it downloads during the layer pull.
minus-squarekrashmo@lemmy.worldlinkfedilinkEnglisharrow-up7arrow-down1·2 days agoThat’s overly dramatic phrasing and you know it. Adding this kind of hyper technical quip to a thread aimed at beginners is insane. Stop doing that.
minus-squarequick_snail@feddit.nllinkfedilinkEnglisharrow-up2arrow-down3·1 day agoNo. Just use apt. Don’t fill your house with sensors that make you vulnerable
minus-squareirmadlad@lemmy.worldlinkfedilinkEnglisharrow-up1·2 days agoLinux can do that too from miners, backdoors/SSH credential stealers, bots, rare ransomware but they exist, rootkits, spyware, and supply‑chain attacks
minus-squarequick_snail@feddit.nllinkfedilinkEnglisharrow-up3arrow-down1·1 day agoApt has done sig checking since 2002 iirc
How so?
Docker will happily download malicious containers. It doesn’t use cryptography to verify what it downloads during the layer pull.
That’s overly dramatic phrasing and you know it. Adding this kind of hyper technical quip to a thread aimed at beginners is insane. Stop doing that.
No. Just use apt. Don’t fill your house with sensors that make you vulnerable
Linux can do that too from miners, backdoors/SSH credential stealers, bots, rare ransomware but they exist, rootkits, spyware, and supply‑chain attacks
Apt has done sig checking since 2002 iirc