• theunknownmuncher@lemmy.world
    6 hours ago

    Nah. Nothing is perfect of course, but normalizing executing software sourced from random, untrustworthy websites will always be objectively worse than curated repos.

    • Cypher@aussie.zone
      6 hours ago

      It is hardly a random untrustworthy site; it is the software publisher's site. There is no reason that a package repo can’t suffer a similar attack.

      Your confidence is entirely misplaced.

      • theunknownmuncher@lemmy.world
        6 hours ago

        Oh I guess I should totally put my confidence in random sketchy websites. Great point!

        It literally doesn’t matter if it’s a publisher site or not, users can’t tell the difference and it normalizes clicking links from a web search and running whatever software download the user sees first.

        • Cypher@aussie.zone
          6 hours ago

          Go on then, explain to me how the well-known software publisher's website is random and sketchy.

          • theunknownmuncher@lemmy.world
            6 hours ago

            I feel like you’ve demonstrated very effectively how users lack the skills to understand what they are reading online 😂

            • Cypher@aussie.zone
              6 hours ago

              It isn’t a random, sketchy or inherently untrustworthy site.

              You shouldn’t have any issue explaining how you would go about verifying that a software repo is trustworthy and how that differs from verifying a website.

              Unless you don’t actually know what you’re talking about…