this post was submitted on 18 Oct 2025
447 points (97.9% liked)
Linux
9925 readers
605 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Even package managers are vulnerable to many security problems - can they guarantee that apps are not infected either directly or indirectly (through a library)? There is also flathub. Windows have also an option to verify apps through certificates which isn't the case with Linux AFAIK. If you want to stay safe on Windows to some degree you can, but the real problem IMO is that Windows is hugely more used and run by less technical persons. ๐คทโโ๏ธ
This isn't true
Linux package managers typically use GPG which is a much better solution. It is simpler and doesn't have the unnecessary complexity of certificates.
What security problems do you think package managers are vulnerable to? If the upstream repo is compromised all bets are off regardless of the system.
You are right, GPG signing is good as well. But in both cases you still have unsigned apps.
Yep. And in such case an antivirus software might come handy.
Antivirus software would be totally useless since the problem is your own system.
There is also the issue of trust in the antivirus. This programs are typically high privilege and mostly snake oil.