this post was submitted on 23 Feb 2024
271 points (98.2% liked)

Linux

48069 readers
772 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Montagge@kbin.earth 32 points 8 months ago (5 children)

I enjoy y'all acting like this couldn't happen with flatpak or AppImages

[–] SnotFlickerman@lemmy.blahaj.zone 31 points 8 months ago* (last edited 8 months ago) (1 children)

Oh, it totally could.

I don't actually see anyone in here making such an argument.

[–] clearleaf@lemmy.world 1 points 8 months ago (1 children)

How is this notable or interesting then? I thought we were all just accepting that malicious software is an inherent part of all open platforms.

[–] SnotFlickerman@lemmy.blahaj.zone 23 points 8 months ago (1 children)

Open platforms often have individuals running/hosting their own repositories, which means the risk is distributed.

This means that the individual repository can be attacked without affecting the whole network. The risk is still there, but they would have to simultaneously attack all repositories at once and succeed with all of them.

In a corporate-hosted platform like Snaps, you have one centralized location that can be abused and that can affect all repositories in the system.

If someone hacks Canonical, they can make the whole Snap Store an attack vector without nearly as much effort.

[–] lengau@midwest.social 1 points 8 months ago

If someone hacks Canonical, they can make the whole Snap Store an attack vector without nearly as much effort.

So basically the same as if someone hacked flathub? Or if someone hacked Canonical/Debian/Red Hat/whoever and gained access to their package signing key?

[–] jbk@discuss.tchncs.de 27 points 8 months ago (3 children)

Those are just app distribution formats. Since there's just 1 snap store which can deliver snaps, they're not comparable.

[–] cybersandwich@lemmy.world 11 points 8 months ago (1 children)

Most people get their flatpaks from the same handful of places though, right? Flathub and ??

This isn't a snap specific issue is what he is saying. It could happen to other stores.

Also, my snap nextcloud is amazing and was the easiest to set up and maintain.

[–] jbk@discuss.tchncs.de 4 points 8 months ago

Flathub has manual submission verification though, which includes the steps to build flatpaks. Reviewers (currently) would definitely catch fishy looking apps.

They've also implemented manual reviews in case of metainfo or flatpak permission changes, another thing for additional safety.

[–] AMDIsOurLord@lemmy.ml 5 points 8 months ago* (last edited 8 months ago) (2 children)

People download and run completely opaque AppImages from god knows where and that's better than Snap Store which is hit with malicious apps so rarely it's actual news

Flatpak also has a system where any scammer and malicious developer can just roll their own flatpak repo and voila, nobody can stop them. If it ever becomes mainstream, it'll be a shit show worse than Google Play

[–] GammaGames@beehaw.org 3 points 8 months ago* (last edited 8 months ago) (1 children)

You’re pretty much just rehashing a possible apt repo “vulnerability,” but at least with flatpak they remember where each package was installed from.

[–] AMDIsOurLord@lemmy.ml 1 points 8 months ago (1 children)
[–] GammaGames@beehaw.org 3 points 8 months ago (1 children)

Anyone can create an apt repo and the override your system packages with new versions.

At least with flatpak only the applications you installed from the bad actor’s repo would be affected, though obviously they can still have a ton of malicious dependencies

[–] AMDIsOurLord@lemmy.ml 2 points 8 months ago (1 children)

This does not invalidate anything I've said

[–] GammaGames@beehaw.org 3 points 8 months ago

I wasn’t trying to, just pointing out that it was nothing new

[–] jbk@discuss.tchncs.de 2 points 8 months ago (1 children)

Text files could theoretically contain malicious content. Why doesn't the format have a built-in virus scanner??? Is this what you're suggesting?

[–] AMDIsOurLord@lemmy.ml 1 points 8 months ago

No, but root-of-trust isn't really established unless you ONLY take packages that the distro's security maintainers actually maintain, Flatpak, Appimage and Snap are a bit of a no man's land. You have to trust the developers to be cool, independent of the tool, unless you as mentioned before use only FOSS software from the distro's main repositories. And yes, specifically main repos because any random dick can go and upload a PKGBUILD or make a PPA.

[–] lengau@midwest.social 1 points 8 months ago (1 children)

What Flatpak stores are there in widespread use other than flathub? (Additional servers that depend on the runtimes flathub distributes don't count.)

[–] GammaGames@beehaw.org 4 points 8 months ago

Elementary has their own for their stuff

[–] IHeartBadCode@kbin.social 17 points 8 months ago (1 children)

It absolutely could. Heck, RPMs and DEBs pulled from random sites can do the exact same thing as well. Even source code can hide something if not checked. There's even a very famous hack presented by Ken Thompson in 1984 that really speaks to the underlying thing, "what is trust?"

And that's really what this gets into. The means of delivery change as the years go by, but the underlying principal of trust is the thing that stays the same. In general, Canonical does review somewhat apps published to snapcraft. However, that review does not mean you are protected and this is very clearly indicated within the TOS.

14.1 Your use of the Snap Store is at your sole risk

So yeah, don't load up software you, yourself, cannot review. But also at the same time, there's a whole thing of trust here that's going to need to be reviewed. Not, "Oh you can never trust Canonical ever again!" But a pretty straightforward systematic review of that trust:

  • How did this happen?
  • Where was this missed in the review?
  • How can we prevent this particular thing that allowed this to happen in the future?
  • How do we indicate this to the users?
  • How do we empower them to verify that such has been done by Canonical?

No one should take this as "this is why you shouldn't trust Ubuntu!" Because as you and others have said, this could happen to anyone. This should be taken as a call for Canonical to review how they put things on snapcraft and what they can do to ensure users have all the tools so that they can ensure "at least for this specific issue" doesn't happen again. We cannot prevent every attack, but we can do our best to prevent repeating the same attack.

It's all about building trust. And yeah, Flathub and AppImageHub can, and should, take a lesson from this to preemptively prevent this kind of thing from happening there. I know there's a propensity to wag the finger in the distro wars, tribalism runs deep, but anything like this should be looked as an opportunity to review that very important aspect of "trust" by all. It's one of the reasons open source is very important, so that we can all openly learn from each other.

[–] Oisteink@feddit.nl 4 points 8 months ago

Nice try canonical - no matter what you say snaps is just your way to lock people in to your store. You’re no better than apple, only your product is shit. Excluding the shoulders you stand on, which are made by others. You’re the enshitification of Linux.

Why would you pull debs from random sites? Do you know how hard that is to do for the average user? And you want to compare that to a download from the store that’s in the basic install on Ubuntu?

[–] Empricorn@feddit.nl 5 points 8 months ago

When it does, we'll deal with it. But in the meantime, the motivation is important. Canonical developed and aggressively pushed Snaps despite most people hating them because... it made then more money.

[–] Kushia@lemmy.ml 2 points 8 months ago

It's happenend with the AUR too.

Snaps however have a certain expectation that newer/inexperienced users should be able to trust them.