- About Us
"I currently have 2,100 Debian packages installed. Every time I update my computer, the authors of every one of these packages get to run a shell script of their choice as root on my machine -- even the maintainers of documentation packages, or of packages I installed months ago and never ran again. Even if I trust the packagers to this extent, what about the risk that one of them has their machine compromised?"
And he goes on to remark that Ubuntu will install an unsigned<nobr> <wbr></nobr>.deb from the web without mentioning security at all. This is a security disaster waiting to happen. As soon as any GNU/Linux distro gets a significant share of the total desktop market, look out for the bad guys to start exploiting this. Steve Ballmer will have a field day pointing out that "Linux" is less secure than Windows. Of course Linux is pretty secure and GNU is pretty secure; but the packaging systems used by nearly all distros make the user bypass all security, so his message will be believed.