Someone used a hammer to smash a window and steal stuff. Quick, ban hammers!!!
Getting rid of the tools to exploit vulnerabilities doesn’t get rid of the vulnerabilities, and security by obscurity is not security.
Concerning this particular article, perhaps the vulnerability here are not a mallicious software packages, but the management of these software repo’s.
Should it be possible to upload a package on a repo with 99% of the same name as one that already exists without some additional checks?
I do not mind banning hammers for the visitors or a museum, especially if there is an exhibition of art that is concidered “unacceptable” by a certain group of people.
@HumanPerson @Pro True, though we should probably do away with cursor for entirely different reasons.
youtu.be/H2S7PKWaP7c
