• Nik282000@lemmy.ca
    1 year ago

    Github is untrustworthy, anyone can put anything on there. It is up to the end user to determine if a project is safe to use or not.

    The default repos for Debian on the other hand are filled only with software that has been checked by at least one competent person, making them inherently safe.

    • hiddengoat@kbin.social
      1 year ago

      But I thought the open nature of open source meant it was safe because someone has checked all code everywhere!

      This shit has become tedious.

      • Nik282000@lemmy.ca
        1 year ago

        This shit has become tedious

        No kidding. Open source software is safe because it can come from a trusted source that can be checked by others. Not every open source project is checked but the default repos of Debian, for example, are checked and can be trusted.

        All closed source software, on the other hand, is untrustworthy because it can never be checked. This goes for the iOS and Android ecosystems as well. Despite their walled gardens, the software is not open and cannot be checked, which is why malicious software keeps making its way onto phones.

        Have you ever heard of malicious code in the Debian repos?

        • Helix 🧬@feddit.de
          1 year ago

          Have you ever heard of malicious code in the Debian repos?

          I think I heard so a few times, yes. Depends on what you define as “malicious” and which of the repos you’d call Debian repos. Is Debian only stable or is it unstable and testing or contrib or non-free as well?