26
Ubuntu's Bitcoin Hack & How it will affect Anonymity (monero.town)
submitted 4 months ago* (last edited 4 months ago) by SummerBreeze@monero.town to c/monero@monero.town
5 comments fedilink hide all child comments

A scammer got a fake version of Exodus wallet in Canonical’s Ubuntu Snap Store. This fake scam wallet drained 9 Bitcoins (worth nearly half a million USD) from a user. This article goes over the CEO's shocking and ludicrous response regarding KYC, crypto, and open source dev work: https://simplifiedprivacy.com/ubuntu-crypto-snap-scam/

Tor Browser Onion: http://privacypkybrxebcjicfhgwsb3coatqechwnc5xow4udxwa6jemylmyd.onion/ubuntu-crypto-snap-scam/

top 5 comments
sorted by: hot top controversial new old
[-] prancing389@monero.town 7 points 4 months ago

That's why I don't use Ubuntu, because of their over-reliance on snaps, which do NOT undergo the same quality controls as standard repository feeds. Stick with Debian, don't use untrusted snaps, appimages, or flatpaks. All of the three formats seek to circumvent the exhaustive vetting that gives Linux a significant advantage over Microsoft Windows. Wallets are especially sensitive for obvious reasons.

[-] tusker@monero.town 3 points 4 months ago

Personally I found appimages to be the only useful out of the three, they make running programs with many complex dependencies and configurations very simple. They should be downloaded directly from the publisher and hashes verified of course.

[-] SummerBreeze@monero.town 1 points 4 months ago* (last edited 4 months ago)

Yeah I agree with this. But of course for some apps they only have flatpak to get the newest version compared to the one a debian based distro can get

[-] mariob@liberdon.com 2 points 4 months ago

@prancing389 @SummerBreeze is not the OS developer duty to do quality check on every third party app and its subsequent version updates. This consumes a lot of time for OS developers which should be focusing on OS development.

This stifles development and adoption for both the OS and third party apps. What OS developers should do is to check the authenticity of every app. Like flatpak is doing with verified apps.

[-] SummerBreeze@monero.town 1 points 4 months ago

Sure but this can be communicated better to the user's expectations

this post was submitted on 25 Feb 2024
26 points (86.1% liked)

Monero

1455 readers
5 users here now

This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.

GitHub

StackExchange

Twitter

Wallets

Desktop (CLI, GUI)

Desktop (Feather)

Mac & Linux (Cake Wallet)

Web (MyMonero)

Android (Monerujo)

Android (MyMonero)

Android (Cake Wallet) / (Monero.com)

Android (Stack Wallet)

iOS (MyMonero)

iOS (Cake Wallet) / (Monero.com)

iOS (Stack Wallet)

iOS (Edge Wallet)

Instance tags for discoverability:

Monero, XMR, crypto, cryptocurrency

founded 1 year ago
MODERATORS
admin@monero.town