• stevedidwhat_infosec
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    Gamblers fallacy.

    Python, npm, and others are seeing huge spikes in typosquatting with malware

    Supply chain attacks are also continuing to rise which takes away everyone’s naive approach to trusting whatever comes along on the premise of “name brands”

    There’s no such thing as greener grass. It is always just a different shade. We are long past simplistic systems, and continue to grow in complexity which means an increasing attack surface and a necessity for continuing education/research.

    Never trust, always verify. Windows is a heaping dumpster fire 80% of the time but I’m not going to pretend that Linux magically fixes everything and is infallible or somehow just “better”. There’s a reason many people don’t switch to Linux and that’s in the simplicity of using windows (mac, even). Linux, to some extent, requires a technical mindset, especially when it comes down to analyzing push/pull history for every package that gets installed/updated.

    Not to mention the bullshit that comes with the (go figure) most common and user-friendly Linux distro - Ubuntu.