tl;dr: There’s a relentless campaign by scammers to publish malware in the Canonical Snap Store. Some gets caught by automated filters, but plenty slips through. Recently, these miscreants have changed tactics - they’re now registering expired domains belonging to legitimate snap publishers, taking over their accounts, and pushing malicious updates to previously trustworthy applications. This is a significant escalation.
Context Snaps are compressed, cryptographically signed, revertable software packages for Linux desktops, servers, and embedded devices.
I don’t get how Canonical is both super invested in snap, doubling down on its use, while simultaneously neglecting it and ignoring obvious issues.
The fact is that while I appreciate many technical aspects of snap, I will never use it again simply because I do not trust Canonical’s handling of the store. So much malware has made its way onto the store, remains on the store for extended periods of time, and Canonical has not changed their policies and review process in any meaningful way to stop this from happening.
I don’t get how Canonical is both super invested in snap, doubling down on its use, while simultaneously neglecting it and ignoring obvious issues.
The fact is that while I appreciate many technical aspects of snap, I will never use it again simply because I do not trust Canonical’s handling of the store. So much malware has made its way onto the store, remains on the store for extended periods of time, and Canonical has not changed their policies and review process in any meaningful way to stop this from happening.