This is important news. When you download packages from a distro's repositories, you take it on faith that these packages have been checked for malware and are clean. The Ubuntu Snaps Store is treated by the user in the same way (with the same faith) as the distro's repositories, but Ubuntu don't place the same restraints on it, allowing anyone to upload snap packages in order "to provide more easily installable packages to its users" (according to the article).
This is not cool. I would rather be assured that packages were clean than have a wider selection of them.
I suppose, on the bright side, this particular malware was found and action was taken.
|