Malware Found In the Ubuntu Snap Store

An anonymous reader quotes a report from Linux Uprising: Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn't make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store.

At least two of the snap packages, 2048buntu and hextris, uploaded to the Ubuntu Snaps Store by user Nicolas Tomb, contained malware. All packages by Nicolas have since been removed from the Ubuntu Snaps Store, "pending further investigations." The report comes from a bug which mentions that the 2048buntu snap package (and other packages by Nicolas Tomb) contains a hidden cryptocurrency miner inside.

*Nix needs a Zone Alarm equivalent

This is why Linux needs the equivalent of the Zone Alarm firewall. Something that will alert a desktop user every time a program first attempts to connect to the internet and allow the user to say yes or no to the attempt. If your firewall allows all outbound traffic by default you do no have a hope in hell of catching a malware infection...

If you've got such software then at least you know something nasty has managed to infect your machine as you'll spot it the first time it tries to "phone home"..

Re:*Nix needs a Zone Alarm equivalent

easily done with some simple scripting, and iptables, assumed most people do this....?

Re: *Nix needs a Zone Alarm equivalent

Most people block incoming by default, but not outgoing. The reason is simply convenience; if the desktop environment showed you a GUI popup asking permission every time an outgoing connection was attempted, it would be much easier for the average user to adopt. Pretty sure that's what the grandparent was talking about; if you still think its trivial, I'd love a link to instructions :)

Re:*Nix needs a Zone Alarm equivalent

As a Linux user, I would love that. I would also like a AFWall+ like feature for Linux. Godlike control is good.

Re:*Nix needs a Zone Alarm equivalent

If uPnP is off at the router then the only connections to worry about are ports like 80.

BTW Snaps are basically containers so some of the damage is contained.

Re: *Nix needs a Zone Alarm equivalent

For users that are neither gamers nor developers there arent really that many programs that needs to connect to internet. Especially not when upgrades are managed by a packet manager.

If the browser, mail program and updater are all installed and flagged as OK by the OS, any popup that asks about internet access should be fairly uncommon.

Re:*Nix needs a Zone Alarm equivalent

[Opportunist]

You mean like ufw?

Re:*Nix needs a Zone Alarm equivalent

I've never cared much for ufw. It's basically just a GUI for setting rules for iptables. When I'm working with iptables, I'd rather set them manually through a shell.

I believe GP just meant something that would give a notification when a program tried to communicate out that's not on the "approved" list.

I'd much prefer something along the lines of atguard, before Symantec raped it. The feature I liked from atguard was the "Rule Assistant" that would give a popup when something didn't match one of the rules. The popup would show you the port, ip address, application, and direction of communication attempt and allow you to setup firewall rules based on that communication attempt. This would help limit outbound connections to specific programs and get notifications when malware is trying to phone home.

The main drawback to this is having to setup firewall rules for each program. Also, it could get fairly cumbersome if you limit the program by MD5, since you'd have to update the hash every time you update a program.

Re:*Nix needs a Zone Alarm equivalent

[ArchieBunker]

Give that asshole Poettering five minutes and he'll shit out some systemd code.

Re: *Nix needs a Zone Alarm equivalent

if the desktop environment showed you a GUI popup asking permission every time an outgoing connection was attempted, it would be much easier for the average user to adopt. Pretty sure that's what the grandparent was talking about; if you still think its trivial, I'd love a link to instructions :)

It is trivial. I can adapt a script to do that in my spare time this week. Would you like me to make it start on boot as a systemd service?

https://sourceforge.net/projects/intrusiondetector/

Re: *Nix needs a Zone Alarm equivalent

[niftydude]

It's called firestarter. Been around for ages.

Re: *Nix needs a Zone Alarm equivalent

Constant irritate messaging? But, that's not the way Zone Alarm works. Since some Linux progs need external data-flow ( think email/browser/Google-earth ... etc ) might as well make that data-flow explicit. Zone Alarm does that with a brilliant GUI ... I thinks that's what Linux byteboiz/nekbeerds hate/fear/loath about Lusr-empowering visually attractive and functionally manifest Zone Alarm ... no typa typpa ... typpatypatyppa ... hashshell*^#%&*_

Re:*Nix needs a Zone Alarm equivalent

[cfalcon]

> BTW Snaps are basically containers so some of the damage is contained.

The malware in question doesn't eat your files or snoop your keyboard or any of the more traditional vectors that a bad actor asks "what would be good lulz and/or allow me to steal data from the owner that I can use elsewhere". It will probably still allow you to be part of a botnet for a DDOS or something like that, but in this case it wasn't network shenanigans either- it was cryptocurrency. It's very unusual to try to preserve your clock cycles and GPU usage, because a given download that is using a ton of computational resources very probably is doing so at the behest of the user- I think across all computing, the only commonly available thing that tries to shut this down is Chrome, and for a similar reason, a cryptocurrency miner.

Re:*Nix needs a Zone Alarm equivalent

This is why Linux needs the equivalent of the Zone Alarm firewall. Something that will alert a desktop user every time a program first attempts to connect to the internet...

So, something like opensnitch?
https://github.com/evilsocket/opensnitch

Re: *Nix needs a Zone Alarm equivalent

I use little snitch on the mac. I wish there was a linux tool that worked the same.

Re: *Nix needs a Zone Alarm equivalent

[tepples]

If the browser, mail program and updater are all installed and flagged as OK by the OS, any popup that asks about internet access should be fairly uncommon.

Add to that list your chat client, your file backup client, your RSS reader, your weather widget, your NTP (time of day updating) client, your music streaming client, your video streaming clients...

Re:*Nix needs a Zone Alarm equivalent

Douane is a graphical firewall that filter and limit the outgoing network traffic per application.

Re:*Nix needs a Zone Alarm equivalent

No we don't need a UAC Clone

Re:*Nix needs a Zone Alarm equivalent

[antdude]

That is not user friendly to non-technical users. He is asking something like Zone Alarm, Conseal PC Firewall, Norton, Outpost, PC Tools Firewall Plus, etc. They have nice GUI and pop-ups to let users allow or deny.

Re: *Nix needs a Zone Alarm equivalent

It's called firestarter. Been around for ages.

fire-starter has not worked with ubuntu for about 6 years now. It was a fantastic app when it was around, but for some reason no one cared about it.

Re:*Nix needs a Zone Alarm equivalent

Yes, Linux is in desprate need of an application level firewall.

I have my own set of iptables scripts which I can call up to block/accept all ports, or allow only 443 or only 443 and 80 ports, but this doesnt help monitoring traffic. Yes I can use a auto updated netstat, I had to make a new script since netactviewer stopped working with linux. I would much like one where by I can blacklist all apps, and then whitelist the ones I want to access the Internet.

There are ways to do this with user groups, but it is very fiicky. I also recall that there was an app on sourceforge called snowleopard.

Firestarter hasnt worked in half a decade.

I dont understand why an app level firewall hasnt been developed. This is one project I'd most definitely donate to. Maybe even pay for if the company if trustworthy.

Re:*Nix needs a Zone Alarm equivalent

[johnsie]

This isn't the 1980s. A more user friendly approach would be far more useful for a majority of desktop users.

Re: *Nix needs a Zone Alarm equivalent

You want a GUI popup Like this?
 
/usr/bin/notify-send "The following service just started listening: $NEWSERVICE"

with a log file?

echo "$(date) The following Service just started listening: $NEWSERVICE" >> ./IntrusionDetection.log

Something that can be trivially installed? No problem. I am already building this functionality into a simple script.

I thinks that's what Linux byteboiz/nekbeerds hate/fear/loath about Lusr-empowering visually attractive and functionally manifest Zone Alarm ... no typa typpa ... typpatypatyppa ... hashshell*^#%&*_

No need to be biased against Linux professionals.

failure to provide free multimedia drivers etc,,

+ other pretenses mean eol cycle for casual desktop users? like guppies in gangsterland.. cease fire stand down.. there are mothers & children in every town.. thanks again..

unsafe?

How does running a cryptocurrency miner make users unsafe? How is this worse for the user than a badly programmed game that waits for the next frame in a spin loop? I think it's fine to enforce some level of cpu efficiency in an app store, but let's not call inefficient apps "unsafe".

Re: unsafe?

[Z00L00K]

It just highlights that something worse could have been attached.

However it also highlights that there's a need to also be able to invalidate cryptocurrency obtained through illegal means.

Re: unsafe?

[phantomfive]

If a central power has the ability to cancel a crytocurrency transaction, then that kind of ruins the point of cryptocurrencies. At that point it becomes way more efficient to just use a database, or several, like our banking system now.

Re:unsafe?

[squiggleslash]

I'm uncomfortable with the term malware too, but let's be honest: unwanted cryptocurrency mining software is going to slow down your PC, drain your battery faster if you have a laptop, and, unpredictably, cause more heat which, depending on the state of your fan, might cause problems too.

I'm still in two minds about the concept, but if we're going to see more software "funded" by mining, then we need to see some standards set otherwise "software funded by mining" will become synonymous with malware, even if the software really is funded this way (ie not prepackaged third party freeware), and controls are given to ensure the mining doesn't cause problems with the PC (ie low priority process, maxes at 5% of CPU, etc.)

Re: unsafe?

[cfalcon]

> However it also highlights that there's a need to also be able to invalidate cryptocurrency obtained through illegal means.

Illegal according to whom? The Chinese government? If you shook your head no, then why wouldn't they be able to, if a government you approve of is able to do so?

Re: unsafe?

The Chinese gov may be able to cancel some cryptocurrency transactions.

If you control more than half of the machines taking part in the currency, you can do that sort of thing. The Chinese are many, and could deploy a large amount of machines. Especially against a "small" cryptocurrency that doesn't yet have too many interested parties.

Re:unsafe?

[tlhIngan]

I'm uncomfortable with the term malware too, but let's be honest: unwanted cryptocurrency mining software is going to slow down your PC, drain your battery faster if you have a laptop, and, unpredictably, cause more heat which, depending on the state of your fan, might cause problems too.

I'm still in two minds about the concept, but if we're going to see more software "funded" by mining, then we need to see some standards set otherwise "software funded by mining" will become synonymous with malware, even if the software really is funded this way (ie not prepackaged third party freeware), and controls are given to ensure the mining doesn't cause problems with the PC (ie low priority process, maxes at 5% of CPU, etc.)

The problem is legitimate activities done for the wrong reasons will classify something as malware.

For example, gathering user data for advertising purposes - gathering user data is a legitimate activity as there are apps with legitimate need. And they can use it for advertising purposes, too, since that's what Google et. al. do as well. However, it can trend into the malicious part if it's all done surreptitiously.

Likewise, designing a cryptocurrency miner is not necessarily a bad thing - there are legitimate uses. (It's also not a new thing - I believe Unity has had a plugin for Bitcoin for several years now - yes, Unity, the game engine). However, again, when done without the user's knowledge, it then becomes malware.

It's one of those things where intent and knowledge is just as much a part of the classification. There was another app that did it openly - it had a "free" version and a "pro" version. You could pay $25 for the pro version permanently, or you can do "Pro for free" where it runs a cryptocurrency miner. It was very honest about it - if you wanted to upgrade, it explained what happened. If you didn't want the pro features anymore, you could revert it to "free" status and it'll stop mining as well. (Or was supposed to - the library the developer used was buggy, and thus it did not shut down properly and had the possibility of running all the time. This unwanted behavior got the developer in a lot of trouble and was forced to remove "Pro for free" as an option).

We Finally found the REAL Tomb Raider

He will be tried as a miner, though

This is so wrong on so many levels

[Provocateur]

As a linux fanatic, I find his deed reprehensible. Where do we begin? Let's see:

1. Install Ubuntu. Then--

Enough! 20 years in the electric chair!

Re:This is so wrong on so many levels

Hey it worked for APK. He needs training wheels on everything he does so we should congratulate him on his ability to try and learn new things.

Re:Slashdot

It seems posting on /. has been known to reverse the ageing process,without the need for scientists or canines or researchers.

Source Code

This is exactly why source code should always be available to read in uncompiled form. If I compile the same code on the same CPU architecture, the same SHA checksum should appear. This applies to SNAPs, DEBs, RPMs, BINs, etc. While the majority of people can not understand the source, I can. This means that I can verify rather than trust.

The concept of TRUSTED COMPUTING is broken. That is why Windows, OsX, iOS, and Android have so many backdoors and malware issues.

Re: Source Code

[Z00L00K]

Resl trusted computing has never existed.

Re: Source Code

That's fine for you, but 99% of the world's computer users can't read code fluently. On a global scale, most users have to trust someone for some things (or even most things).

Re: Source Code

Maybe not for the users to review but for malware and malicious code scanning software to run rather than trying to decompile binaries. Code itself is much easier. Why Ubuntu, now a part of a large company, doesnt run something like Fortify or a other code analyzer on snaps is cheap and detrimental to users

False sense of security?

I have always felt Linux people have that same false sense of security that Apple Mac users have always had. Nothing can touch them because of some lame reason. Either low user numbers, or some theoretical ideal Linux is coded and designed better. Of course maybe the OS itself is a bit better, but most attacks happen through software and web based attacks. As with Mac OS, I know of very few who run a security scan and even less Linux users who say they do. So how in the world do they even know when they get something on their system?

Re:False sense of security?

And how often does shit like this make the news, as opposed to Android and Windows?

So we've now had one instance of intentional malware in a single distribution's app store. Find me another.

Re:False sense of security?

[Ol+Olsoc]

I have always felt Linux people have that same false sense of security that Apple Mac users have always had. Nothing can touch them because of some lame reason.

I have always known that some people generalize the shit out of things.

No OS is completely immune while on teh intertoobz. But it doesn't take too much research to find out which major OS is the least secure. It ain't Linux, and it aint MacOS.

Re:False sense of security?

You're wrong then. We have a true sense of security.

We aren't "prefectly safe", but close to. Linux is well designed with a good security model. (Unlike windows, say.) So attacks are much harder to carry out - and are therefore only carried out against machines worth having. I.e. those with phenomenal bandwith or computational power. But such machines are also well guarded, they are not someone's laptop.

Also, there are so many linuxes around, all slightly different. Not ideal for someone who want to collect machinery for a botnet. They want:
* large monocultures, many uses the same version
  * badly designed security, lots of flaws
  * bigger marketshare
  * long time from flaw discovery to official patch

Windows deliver on all of those, linux on none. So not only is linux harder to develop an automated hack for - you'll get a smaller harvest and it will soon be patched rendering your huge hacking effort obsolete.

These hackers also love corps that prefer smooth talking & secretiveness over actually fixing exploitable bugs.

Another linux advantage: it is all open source. Anyone who discover a vulnerability can disclose it and immediately become "hero of the week" for pointing it out. Same-day fixes are common.

Report a windows vulnerability, and you might at least get a threat about lawsuits for disclosing something that cuts into someones profits. Or you can tell Microsoft only "responsible disclose", and wait forever while they don't patch what only you, they (and anyone else with your level of skill) knows about.

Not on topic: google passwords?

[BlueCoder]

I do own multiple password authentication methods... not even talking about my android phone! I like chrome but how many times a year do I have to physically type my password?

Snaps are impossible to verify

With all dependencies built in, there is a lot to comb through, not to mention that those dependencies may not even be completely patched and up to date.

I'd rather install software the traditional way and be sure that each component I install is verified.

Re:Snaps are impossible to verify

I'd rather just not use Linux. What is this 2003?

Re:Snaps are impossible to verify

I'd rather just not use Linux.

Because Windows is malware done right?

Re:Snaps are impossible to verify

With all dependencies built in, there is a lot to comb through, not to mention that those dependencies may not even be completely patched and up to date.

I'd rather install software the traditional way and be sure that each component I install is verified.

Of course traditional packages are the best option if a trusted party supports your distro release version and provides updates and latest versions for years to come.

Unfortunately that's rarely the case and i'd rather be able to easily install and use the latest version of the software instead of setting up compilation environment and figuring out dependancies and their compatibilies and doing the maintainers work locally.

Re:Snaps are impossible to verify

[hduff]

I'd rather just not use Linux.

Because Windows is malware done right?

It's the *best* platform for malware.

Re:Snaps are impossible to verify

Yes, anyone who doesn't use Linux must be using Windows. Moron.

Re:Snaps are impossible to verify

Rarely? There are lots of distros with LTS branches. Anything redhat or Debian based for example.

O'rly!

How's this surprising. These containerized applications are full userland stacks, all the libs and dependencies the program needs, and then some, wrapped up. It's so easy to hide malware there, and so very difficult to audit them before inclusion, because their very raison d'etre is --- to avoid maintainership and allow "third party" vendors to distribute their mini-distros around.

Is anyone REALLY surprised by this?

Re:O'rly!

The malware was a cryptominer, it wouldn't matter if it was a snap/flatpak/appimage or a good ol' .deb/.rpm.

Re:People who live in glass houses....Bounceback.

I hear they often also wear straight jackets.

Re:People who live in glass houses....

[squiggleslash]

We all live in glass houses on this blessed day!

filezilla

I saw a recent blog post on the official filezilla site where the maintainer is still defending the practice of bundling filezilla with various crapware - no one can get it through that knucklehead's thick skull that it is not safe

I'll drop this right here... MacOS Filezilla

https://forum.filezilla-project.org/viewtopic.php?f=1&t=48172

Distros are impossible to verify

No harder to "comb through" than a regular distro. In fact easier since it only has what's required.

Re:Distros are impossible to verify

Think of snaps as a complete fork of each component, it is separately maintained and packaged and distributed. Now you can begin to see the issue.

Who didn't see this coming?

[Fly+Swatter]

They wanted to replicate the android and fruit ecosystems. Looks like they did.

Re:Who didn't see this coming?

Except without any of the due diligence to scan the store for malware.

Re:Who didn't see this coming?

[ilsaloving]

That depends. If all they did was make an app store available, then they did _not_ replicate said ecosystems.

Apple and Google both have some form of curation process to help keep malicious applications out. (I'm not going to get into who does it better cause that's beside the point).

If Ubuntu, or anyone else, wants to maintain snap repos, then they are going to have to maintain the same protection infrastructure. A perfect example is the Cydia ecosystem. It's a god forsaken mess, and at this point it's virtually abandoned. I gave up on it a long time ago because there were 10s of thousands of bullshit packages, but only about 5 that were genuinely useful. And of those 5, none of them were being maintained and updated for newer versions of iOS.

Similarly, I'd sooner trust free pills from Bill Cosby than trust one of the myriad generic android repos. Especially the Chinese ones.

The single greatest value add of an app store/repo is trust. Having people behind the scenes maintaining the thing so that people can feel safe using that repo is critical to that. If you can't provide that, then why even bother?

More and More

[hduff]

so . . Ubuntu is becoming more and more like Microsoft Windows?
Good to know . . .

Pass

Screw Canonical and all their shitty products, including ubuntu.

It's a general problem

[Casandro]

Essentially you need to keep a separation between code and data. Data is something you can get from any source as dubious data will never be able to breach the security.

Code on the other hand are commands for your computer. Every new code you get onto your computer is a risk you take as it can be malevolent. Therefore you shouldn't take executing foreign code lightly. Ideally you only have your fixed set of programs which you can combine to use with data you get from everywhere.

Things like AppStores pervert that safety precaution. They act as if it was possible to have a secure system, yet download software written by dubious developers.
Sadly, we as a society seem to fall into the same trap over and over again, from Javascript to Active X. From Visual Basic for Applications to Appstores.

Re:It's a general problem

Er, not sure why you include javascript there.

I'm probably the best javascript developer on /. and I cannot make javascript take control of your machine or do anything else outside of the web browser. I don't want to, I'm just saying if I did I couldn't.

Please do not ascribe majikal monkey powers to javascript, it is not realistic.

Active X on the other hand, hah, oh yeah your going into some serious 'lets send fun instructions to the HDD, RAM and CPU' territory which is why anyone with half a brain avoids active x and, VB and .net like the plague they are. Javascript and microsoft garbage are NOT in the same category, so please do not lump them together, thanks.

Re:It's a general problem

Essentially you need to keep a separation between code and data.

Fine. I'll use LISP instead =D

Re:It's a general problem

> I'm probably the best javascript developer on /. and I cannot make javascript take control of your machine or do anything else outside of the web browser. I don't want to, I'm just saying if I did I couldn't.

Guess I'm a better JS developer than you then, I could easily write a malware in JS with nodejs. /s

Oh Snap!

n/t

Nautilus

Anybody seen Nautilus (I believe that's the file manager) using hideous amounts of CPU and memory? Happened to me frequently.

Thanks Google

This is what happens when a sub par system like Android is released....

Use blockchain history to mark "radioactive" coins

[OpenGLFan]

Because the blockchain is public, we know all the blocks that passed through this bad actor -- they were at one point registered to myfirstferrari. We can declare these coins as "radioactive", instructing our systems to not buy coins or fractions that had ever been owned by him or any of the other malware-powered miners.

You're about to get something like it... apk

See my subject: I'm max 7 days++ away from finishing APK Hosts File Engine 2.0++ 6-bit for Linux - & it's way, Way, WAY FASTER vs. the version for Windows done in Delphi XE4, albeit redone in FreePascal w/ Lazarus IDE "latest/greatest" models - Bigtime so!

It's a "kickass" compiler & IDE (just like Delphi to a tee but outputs better .exe (once I figured out how to strip debug from it (20mb to 3.5mb)).

Eventually I'm doing the Windows one in this toolset too for write once/run anywhere TRUE stand-alone single .exe construction (the ONLY way imo).

E.G. - What took 15 minutes in Windows model takes 5 in this port/recompile!

APK

P.S.=> Lastly you MAY not believe this - I'm becoming a "penguin" - I'm impressed by KUbuntu 18.04 + FreePascal compiler & IDE (soon, once this is done on Linux, I'll install PC-BSD & port it there too & right after I'll have a MacOS X version too (courtesy of my nephew @ Apple doing a recompile there as I don't own a Mac))... apk

Re:You're about to get something like it... apk

Do fpc and lazarus work on wine? If that's the case then it's just matter of re-targeting the binary/recompiling on wine. This way you don't need windows (and delphi for that matter) for compiling, well you probably need it for testing (putting windows in VM is another option). I would probably use playonlinux instead of vanilla wine, as playonlinux offers more flexibility.

I used to use Delphi over a decade ago. The last time I worked on Delphi project (>1M LoC) probably 10 years ago. I prefer Qt for GUI related projects these days.

Kubuntu is amazing, I've used it as my main distro (I also use other distros for other purposes), for over 6 years now. I prefer KDE, I used other KDE-based distros in the past (OpenSuSe/SuSe, Mandrake/Mandriva, even Red Hat, etc).

Congrats, APK. Welcome to the "penguin" family ;-)

Re:You're about to get something like it... apk

Sorry dumbass your little toy does no such thing, but please keep lying to yourself if it makes you feel better.

Re:You're about to get something like it... apk

Your do nothing trolling does nothing useful for sure!

Bad snap bad. There was VLC malware too...

I'm all for freedom and think people should be able to install anything they want. That doesn't mean Canonical or the community should let people upload anything they want- particularly proprietary software. Snap needs to die. We can't have malicious parties being able to upload snaps to the software center or it'll just turn into Microsoft Windows and Snap and Flatpak just undermine the very thing that turns most of us away from Microsoft Windows.

Theres a program called Douane

Theres a program called Douane

https://www.youtube.com/watch?v=iXx99s9zBEo

It targets Windows/Linux/BSD/MacOS X natively

FreePascal & Lazarus target Windows/Linux/BSD/MacOS X natively - no need for wine. It creates native apps for all 4 of them (which is awesome).

* @ 1st it made a 20++mb sized exe file & I was like "WTF? On Win64 it's only 6mb in Delphi!" but it's faster (the methods I am using this time are alone, not so sure it's speed of the binary itself produced by the compiler, but more by the methods I am using to process the data of staying away from processing ANYTHING in a visible control & instead rather staying w/ in-memory stringlists) - but after I stripped away debug symbols, it's down to a 3.2mb sized exe now (maybe 5mb @ the finish I am guessing) & it is very, Very, VERY FAST as opposed to my previous design on Windows (like 3-4x as fast).

APK

P.S.=> I tried Linux in 1994 (sucked), then in 1999 (still sucked vs. WIndows) & last time was 2010 (was pretty good but still fell short imo) but now? I like it & am staying w/ it (learning new things everyday is cool, frustrating @ times, but cool)... apk

"Whoops" (misunderstood you, 'mea culpa')... apk

See my subject: Haven't had my coffee yet & am rushing to finish this up today (found out I need admin to 'ping' on Linux, another difference that threw me for a loop in the learning curve (even needs admin rights to burn CD's, lol)) - I see your point now - Use WINE to emulate Windows & recompile that way (probably could be done in theory @ least) so I see your point - the reason I am on Linux, gladly now, is that my install media for Win7 went bad (lol, fate) after 10 yrs. so Linux it was. Next, it will be PC-BSD (last I knew of it was KDE, & like you? I like KDE + have stated it on /. before in the past when I tried Linux in 2010 while I was in Europe for a summer).

* So far, so good, & I SHOULD have it out by the latest, @ the end of next week (I test like hell & polish things up before I release them, it's why no bugs were EVER found in the Windows model (I had more testers then though besides myself, but the majority of the code body is proven so it should be OK on that front too)).

APK

P.S.=> "Onwards & UPWARDS" - next, it's PC-BSD here (for a shortwhile for a recompile & back to Linux due to more applications available for it) which SHOULD make it "MacOS X ready" to send it to my nephew @ Apple for a quick recompile - I ought to talk to the BSD crowd & tell them of FreePascal & Lazarus (yes, I am "raving" on it but it truly ROCKS) & GUI is "the way" for 90++% of folks is why, minus it. they'll never "win the crowd" & don't get me wrong - commandlines & batch processing is FASTER & useful @ times, but not for most people for decades now (admins yes/general users, no)... apk

That's kind of the point of a verified package rep

[fluffynuts]

Maintained by a team of accountable people. This was always one of the reasons a decent Linux distro was more secure than an equivalent Windows machine - because your packages came from a verified source. The concept of snaps makes things more convenient - for everyone, including malware authors. But, you know, so convenient.

"WildThing" vs. you domesticated drones

"WildThing" https://tech.slashdot.org/comm... (join us, won't you?) LOL!

* I've dusted the hell out of you here & am EXPOSING it elsewhere (see link above).

Thought you MIGHT like exposure in the limelight, but, then again?

Germs like YOU simply WITHER in sunlight - come, wither some more, lol!!!

APK

P.S.=> For YOUR listening pleasure (lol, not) & "dramatic effects"? THIS is ME (vs. YOU 'domesticated do-nothing ZERO "ne'er-do-well" SoyBOY TROLLS' like you) WildThing https://www.youtube.com/watch?... ... apk

As I released this in 2012 vs. "internet time"?

See subject my program's shield "You've been asleep Cap for almost 70 yrs" (not anymore) https://www.youtube.com/watch?v=v4YYCLSKhM8/ & last time I used this was vs. "Jeremiah Cornelius" of VMWare & MS when I released what I had since 1999 since it was necessary...

APK

P.S.=> I hope you have the intellect & sensitivity to understand the analogy - world today needs what I am doing & I suggest you do the same IF you can... apk