Package Mis-Management

An increase in demand for quick and easy distribution of software is pushing risky practices.

Package management systems claim to manage packages, but they leave a lot to be desired. The perception that users are stupid and can't understand the command line has turned many unsafe practices, originally meant for quickly installing a pre-released package, into primary means of distribution.

We look at some of the most popular open source distribution mechanisms and share our view through recent incidents, a little bit of research and some suggestions for attack vectors.


To be recorded?: Yes

  • Tuesday Aug. 21 11:00 - 12:00 at Speakers Tent