Hi, there!
Newbie question here: basically, the title. Perhaps what I’m asking is pretty obvious, but I’d like to double-check with the community on this.
I use Discover on my Debian KDE Plasma set-up, with Flatpaks enabled (but not Snaps). Sometimes, I come across apps (I did just yesterday, searching for translation apps to replace DeepL), that have according to its page, an unknown author and, sometimes, even an unkown licence, but which do require access permission to the whole system (this latter requirement applying specifically to Deb packages, from what I’ve seen).
Under these circumstances, is it safe to assume that such apps will still be safe because of the fact that they appear listed on Discover (in other words, is Discover a guarantee of safety for the apps it shows, as in, some type of checked or proved content), or should I still be wary of potentially malicious software included on it?
Thank you very much in advance :)
Uhhhhhhhh…
Bruh. It’s not safe to assume any software from anywhere is safe… that’s kinda the essence of Zero Day exploits.
Even if you wrote it there have been Linux exploits that hid a root kit, and patched the gcc compiler and linker to create a level of persistence that is just other worldly. IIRC what that fucker was called, but it won’t be hard to find. You can probably still count Linux root kits on one hand.
Hell, I’ll look it up after I’m done with my morning duce… that shit was epic. And like, also, theoretically, you could be Mr. Robot, so… you know… it’s just a good idea not to trust yourself anyway.
I think you are thinking of this.
But, more recently, this should make anyone who is concerned about security shudder. And it was only discovered because some guy in Germany noticed ssh logins were taking a bit longer than in previous versions.
The YT channel Veritassium recently did a video going into more depth about the SSH thing. Was interesting!
Yeah, I watched that. I mostly already knew the story, but it was a great video anyway. And…extremely disturbing. Whoever it was will learn from the mistakes of this attempt…
It can be frustrating, but Debian’s policy against binary blobs was a smart decision. I’ve run into it for glances web interface, and it’s easy enough to decide I’m okay with installing it (and hopefully glances revises their release to address the issue), but removing them by default is smart.
Spot on, thanks for finding that. I wonder if there was ever a proof of concept or something like that. I installed my first copy of Slackware some time in the early 90… Maybe late 80s… it’s getting a bit fuzzy, I want to say that the kernel was pre 0.9.
One of the scariest things I had ever done, but I learned so much more about computers than I would have otherwise. Point being there was definitely some years between Ken’s article… still very much the era of viruses for the same of proving you could create something novel and powerful. We kept collections of them like weirdos that keep poisonous snakes 🐍
Anyway, it’s past grandpas bed time. Thanks again for finding the article, I’ll definitely have to do a bit more research… It was a super fun time in my life and I enjoyed remembering.
I thought he did do a proof of concept, but I could be wrong. It’s been a while (many years) since I’ve read up on it.
My first Linux install was also Slackware, albeit Slackware 3.x, in the late 90s, while avoiding grad school work. I don’t remember what kernel it used at that time. So if you’re grampa, I guess I’m your son. :)
Just for anyone who doesn’t know or is too lazy to click article. “Little bit longer” in this case means 300-500 milliseconds