An increase in demand for quick and easy distribution of software is pushing risky practices.
Package management systems claim to manage packages, but they leave a lot to desire. The perception that users are stupid and can't understand command line, has turned many unsafe practices that were meant to quickly install a pre-released package into primary means of distribution.
We look at some of the most popular open source distribution mechanisms and share our view through recent incidents, a little bit of research and some suggestions for attack vectors.
URLs for Package Mis-Management
- Tuesday Aug. 21 11:00 - 12:00 at Speakers Tent