Linked by Jordan Spencer Cunningham on Mon 14th Jun 2010 23:58 UTC
Bugs & Viruses Recently, the Linux version of UnrealIRCd was discovered to have had a Trojan worm its way into the source code. Even more embarrassing for the developers of Unreal is that the Trojan's been holding open the backdoor in the source code since November of 2009-- not very recently. And, of course, bloggers and press in general are taking the opportunity of another breach in Linux security to point out doomsday devices that don't really exist.
Permalink for comment 430060
To read all comments associated with this story, please click here.
RE[3]: Comment by lemur2
by WorknMan on Tue 15th Jun 2010 07:13 UTC in reply to "RE[2]: Comment by lemur2"
WorknMan
Member since:
2005-11-13

The "Distro Gods" are not in the business of trying to limit you.


I didn't say they were. Only thing I am saying is that, if you stick to your distro's repository, they are ultimately in control over what gets installed on your system. This is not really any different than the Apple app store.. Sure, their motives might be different (whereas Apple may decide a particular app goes against their profit motive, the Distro Gods may decide that the app is just not popular enough to worry about), but the choice of what you can install is still in the hands of somebody else, unless you seek outside sources, in which case you're opening yourself up to security issues.

For example, if you want a version of Firefox-3.7 that includes WebM, right now, today, then here you go:
https://launchpad.net/~ubuntu-mozilla-daily/+archive/ppa

Open a terminal and enter:

sudo add-apt-repository ppa:ubuntu-mozilla-daily/ppa
sudo apt-get update
sudo apt-get install firefox-3.7

This will install a GPG signed version of Mozilla 3.7 nightly build on your Ubuntu system, using the apt package manager, independent of Ubuntu's repositories. The end user does not have to know anything about GPG. The first command, add-apt-repository, gets a key for the ppa from a trusted keyserver.


No, but they'd have to know about sudo, apt-get, package managers, and key servers. Somehow, that doesn't seem a whole lot less complicated.

Reply Parent Score: 2