Open Menu
AllLocalCommunitiesAbout
lotide
AllLocalCommunitiesAbout
Login

Ubuntu will manually review Snap Store after crypto wallet scams

⁨45⁩ ⁨likes⁩

Submitted ⁨⁨7⁩ ⁨months⁩ ago⁩ by ⁨leo@lemmy.linuxuserspace.show⁩ to ⁨news@lemmy.linuxuserspace.show⁩

https://arstechnica.com/information-technology/2024/03/ubuntu-will-manually-review-snap-store-after-crypto-wallet-scams/

source

Comments

Sort:hotnewtop
  • lemmyreader@lemmy.ml ⁨7⁩ ⁨months⁩ ago

    Ubuntu Snap Store looked messy years ago. Why let people upload half baked software and experiments, which get no updates, but add to search engine results ? snapcraft.io/search?q=test We’ve found 815 snaps

    source
    • moonpiedumplings@programming.dev ⁨7⁩ ⁨months⁩ ago

      One of the downsides to hardcoding snap to only be able to use a single repo/store is probably added difficulty in creating testing infra for testing if uploads/CI/CD work.

      lol, one of the first one’s I click on: snapcraft.io/test-snapd-public (by Canonical)

      A basic buildable snap that is expected to be published in public mode

      Maybe if they didn’t insist on holding a monopoly over the store, they would be able to have an internal version of the store for testing, rather than cluttering the public one.

      source
      • caseyweederman@lemmy.ca ⁨7⁩ ⁨months⁩ ago

        Yeah but then they can’t pivot to charging for updates.

        source
    • leo@lemmy.linuxuserspace.show ⁨7⁩ ⁨months⁩ ago

      Oof. Never thought to test that. That’s awful 😬

      source
  • autotldr@lemmings.world [bot] ⁨7⁩ ⁨months⁩ ago

    This is the best summary I could come up with:

    As detailed by one user wondering what happened on the Snapcraft forums, the wallet immediately transferred his entire balance to an unknown address after a 12-word recovery phrase was entered (which Exodus tells you on support pages never to do).

    Mark Shuttleworth, founder of Ubuntu and CEO of Canonical, responded to a related thread on whether crypto apps should be banned entirely.

    Making apps safer for people vulnerable to social engineering is “a very hard problem but one I think we can and should engage in,” Shuttleworth wrote.

    At the Snapcraft forums, Holly Hall, product lead for Ubuntu’s backing services company Canonical, wrote last week about a new policy of manual review for all new Snap registrations.

    As noted by The Register, a different sandboxed app platform (store), Flathub, recently made related changes to its validation process.

    Open software repositories have long faced issues with malicious look-alike uploads, including the PyPI index for Python programming.

    The original article contains 568 words, the summary contains 155 words. Saved 73%. I’m a bot and I’m open source!

    source
  • umbrella@lemmy.ml ⁨7⁩ ⁨months⁩ ago

    wasnt that the damn stated point of making it proprietary in the first place?

    i dunno guys, feeling like their excuse was bullshit 🤔

    source
  • caseyweederman@lemmy.ca ⁨7⁩ ⁨months⁩ ago

    They weren’t already?? What is the point of them

    source
  • MyNamesNotRobert@lemmynsfw.com ⁨7⁩ ⁨months⁩ ago

    Snap, is stupid and lame. I stopped using Ubuntu just because I hate snaps.

    source
    • leo@lemmy.linuxuserspace.show ⁨7⁩ ⁨months⁩ ago

      “stupid” and “lame” are a matter of taste, but “slow” is testable, and they’re quite fast these days. They have their uses, especially on embedded devices and servers, but I get your point. Flatpak is my go-to.

      source