sonofearth to SelfhostedEnglish · edit-23 days agoPromised myself I will support them after they go stable. They kept their promise and so did Iimagemessage-square166linkfedilinkarrow-up1765arrow-down118file-text
arrow-up1747arrow-down1imagePromised myself I will support them after they go stable. They kept their promise and so did Isonofearth to SelfhostedEnglish · edit-23 days agomessage-square166linkfedilinkfile-text
One of the best pieces of self-hosted software ever to exist. Edit: This is Immich! for the folks who don’t know.
minus-squareSeefoolinkfedilinkEnglisharrow-up8·3 days agoSure supply chain attacks are a thing, but containers aren’t the issue. Any package delivery mechanism can suffer from it. Its up to you to verify those containers and/or build it yourself
minus-squarefrongt@lemmy.ziplinkfedilinkEnglisharrow-up3·3 days agoYup. Whoever backdoored xz was very close to getting it into production. The only reason they got caught was a slight performance regression and an inquisitive and dedicated developer. https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/ Some years ago, a backdoor made it into Gentoo. https://www.zdnet.com/article/linux-infection-proves-windows-malware-monopoly-is-over-gentoo-ships-backdoor-updated/
Sure supply chain attacks are a thing, but containers aren’t the issue. Any package delivery mechanism can suffer from it. Its up to you to verify those containers and/or build it yourself
Yup. Whoever backdoored xz was very close to getting it into production. The only reason they got caught was a slight performance regression and an inquisitive and dedicated developer. https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/
Some years ago, a backdoor made it into Gentoo. https://www.zdnet.com/article/linux-infection-proves-windows-malware-monopoly-is-over-gentoo-ships-backdoor-updated/