Linux.com: The Ramifications of Binary Distribution
Feb 07, 2000, 00:18
(Other stories by Rob Bos)
"In recent months, a fast transition has been made, away from the traditional source distribution of software using tarballs towards a more 'user-friendly' approach -- that of binary packages destined for use on a specific platform. Debian, Red Hat, SuSE, and Slackware all have their means of packaging software; thousands of discrete packages that make up a typical Linux distribution are compiled beforehand for a certain platform, put into a package, and set up to fit within the framework of a particular distribution of Linux (with its program dependencies, software and device requirements, and so on)."
"Binary packages are convenient, and relatively trivial to set up properly. They are the preferred format in most arenas due to their relatively small size, and their ease of installation and administration, especially when dependencies are set up properly and easily accessible. Binary package software is quite nice when properly set up. Still, there are several problems with it. First, when software is primarily distributed in non-source format, there is an increased chance of catching and spreading virii from system to system. While there are, at this time, all of three or four documented Linux viruses, none of which have been found 'in the wild,' the possibility that the number of careless people reaches the critical mass needed to support the spread and continuation of a virus in the wild increases correspondingly with the number of Linux users."
"More immediate, however, is the possibility of trojans. In the worst-case scenario, the possibility of malicious code infecting one of the primary Debian mirror sites, and then being distributed quickly and efficiently to any of thousands or hundreds of thousands of machines is a scary thing to consider, especially with the existing web of trust in place. This isn't paranoid fear-mongering...."