I get what you mean, but people are stupid. There needs to be guardrails to prevent these things from happening. That’s why the AUR is a bad idea and it should be shut down.
You want your software to be available for a distro? Go through the proper channels. Submit it for review and get it approved. If you stop maintaining it, they remove it. Plain and simple.
That’s why you don’t have this problem with other distros. Arch made it too easy to download and install unverified, untested, potentially malicious software through the AUR and now every idiot that thinks they know what they’re doing are infecting their systems.
There are some software that I only have because of AUR. For example, Brother printer drivers.
AUR is a great option to have. It doesn’t mean people should use it for everything, when there’s a perfectly capable version of the same software downloadable from Arch, Flathub or even through Distrobox.
Having options is a good thing, people just need to take care.
In fact, downloading something from AUR without checking it is hardly more dangerous than adding PPAs in Ubuntu.
In control of installing malware?
I get what you mean, but people are stupid. There needs to be guardrails to prevent these things from happening. That’s why the AUR is a bad idea and it should be shut down.
You want your software to be available for a distro? Go through the proper channels. Submit it for review and get it approved. If you stop maintaining it, they remove it. Plain and simple.
That’s why you don’t have this problem with other distros. Arch made it too easy to download and install unverified, untested, potentially malicious software through the AUR and now every idiot that thinks they know what they’re doing are infecting their systems.
There are some software that I only have because of AUR. For example, Brother printer drivers.
AUR is a great option to have. It doesn’t mean people should use it for everything, when there’s a perfectly capable version of the same software downloadable from Arch, Flathub or even through Distrobox.
Having options is a good thing, people just need to take care.
In fact, downloading something from AUR without checking it is hardly more dangerous than adding PPAs in Ubuntu.
Hahahahaha they also come in Debian .deb and Fedora .rpm packages. That’s why I never got this problem with my hardware on Ubuntu or Debian.
And no it’s not the same as PPAs.
https://archlinux.org/about/
Versatile, sure.
But Arch is anything but simple. The proof is the number of Arch spinoffs that were made to make it easier to install and use.
And any distro can be for competent Linux users. I mean, Linus Torvalds uses Fedora. I don’t think theres a more competent user than him.
There’s conceptual simplicity and there’s UX. Arch is mostly the former.