Support us on Patreon
PayPalCanonical are currently dealing with a security incident with the Snap store, after users noticed multiple fake apps were uploaded so temporary limits have been put in place.
A post on the Snapcraft Discourse forum noted three "Fake Crypto Apps" had appeared on the store, with the user mentioning they "steal funds from user accounts". Canonical reacted pretty quickly removing them, and the packages get replaced with empty ones so that they get updated and removed for anyone who had them installed
Writing a statement Canonical's Igor Ljubuncic said:
Article taken from GamingOnLinux.com.On September 28, 2023, the Snap Store team was notified of a potential security incident. A number of snap users reported several recently published and potentially malicious snaps.
As a consequence of these reports, the Snap Store team has immediately taken down these snaps, and they can no longer be searched or installed.
Furthermore, the Snap Store team has placed a temporary manual review requirement on all new snap registrations, effectively immediately.
If you try to register a new snap while the requirement is active, you will be prompted to “request reserved name”. Upon a successful manual review from the Snap Store staff, the name will be registered. Uploading and releasing revisions for existing snaps will not be affected.
We apologize for any inconvenience this may cause our snap publishers and developers. However, we believe it is the most prudent action at this moment.
We want to thoroughly investigate this incident without introducing any noise into the system, and more importantly, we want to make sure our users have a safe and trusted experience with the Snap Store.
Please bear with us while we conduct our investigation. We will provide a more detailed update in the coming days.
Quoting: slaapliedjeBut yeah, Arch is, I feel, not a distributions for beginners to use in the first place.
It totally is imho - but the more beginner you are, the more you have to be willing to learn and read the wiki. But if you ARE willing, Arch is a perfectly fine beginner distro. Especially with the amazing community - the "elitism" that is often criticized comes down to "we won't help you if you are unwilling to put in even the slightest effort" in my experience.
Quoting: Termy. . . Which I'm not, so I'll stick to Mint.Quoting: slaapliedjeBut yeah, Arch is, I feel, not a distributions for beginners to use in the first place.
It totally is imho - but the more beginner you are, the more you have to be willing to learn and read the wiki. But if you ARE willing, Arch is a perfectly fine beginner distro. Especially with the amazing community - the "elitism" that is often criticized comes down to "we won't help you if you are unwilling to put in even the slightest effort" in my experience.
clatterfordslim Oct 5, 2023
QuoteQuoting: slaapliedje
The only thing missing with AppImages for me is that they don't all seem to create a proper .desktop file automatically.
I create my own, only use two AppImages. Kdenlive and Audacity. Every time an upgrade is downloaded, just change the version number in the .desktop file and of course delete the old .AppImages. I'm old school and believe in DIM (Do It Myself.) That is one of the things that Windows users, when coming over to Linux don't realise, they have to do some technical stuff themselves, to get some things done. It isn't all handed to you on a plate and it is that aspect of Linux I like. Linux teaches you at the same time as using it.
slaapliedje Nov 1, 2023
Quoting: BlackBloodRumThe problem with AUR is, for a new user at least; is it provides a false sense of security. Unlike the regular distribution packages there is a much lower level of validation, so it is possible for AUR to have dangerous packages. Even experienced users may only check a few PKGBUILDs, found they're safe, continue to use it however neglecting to check further.
You know what I've noticed lately? It used to require 'yay -Syua' to include the AUR built stuff, but now even the -Syu grabs things that are using the AUR PKGBUILDs. Kind of annoys me and makes it a little more effort to check things.
Granted with the chaotic-aur that Garuda uses where they pre-build a lot of AUR packages (hopefully they are actually verified), I find myself using only maybe two from AUR (FoundryVTT is one, trying to remember what the other is, but I think it's a closed source tarball you have to download and the PKGBUILD just creates .Desktop files and puts icons in the right place).
See more from me