You are not supposed to trust anyone who doesn’t have a duty of providing trust. It is why companies like Red Hat, canonical and Novell were paid billions; they did the reviews and provided support. Yes, some distributions try to provide some of that (like Arch, Debian, etc) but only for core packages (everything else is just the Wild West and it could be malware again)
You are not supposed to trust anyone who doesn’t have a duty of providing trust. It is why companies like Red Hat, canonical and Novell were paid billions; they did the reviews and provided support. Yes, some distributions try to provide some of that (like Arch, Debian, etc) but only for core packages (everything else is just the Wild West and it could be malware again)