The article reads to me like the packages are targeting people trying to use the packages. Certainly someone could package them in something else and attempt to distribute that, but I didn’t get the impression that was the intended vector (this doesn’t mean the article described them well, of course).
As an aside regarding how Python packages work, they’re just code like any other Python code. When done by honest developers, they’re usually plain text files like other Python code. If you code in another language, think of the “math” or “string” libraries. Python lets you write your own, and the internet lets you share them. They are a way to get more functionality than is included in the base language. Things like image processing, machine learning, advanced math, etc. The big projects are all open source, transparent, and well-vetted. We would all know immediately if numpy added a new dependency, for example, the second we tried to get an update. I wouldn’t trust the immature packages regardless of intent, for the reasons I stated in my previous post.
So my home country is getting flooded by illegal immigrants from Africa and mostly Iraq . That is a ‘revenge’ of cockroach dictator of Belarus , Lukashenka . Lithuania has supported democratic uprising in Belarus recently and now we are paying the price i guess.
This artical is a bit old and very brief but things are getting worse by a day and EU ,as always, is very slow to react.
Belarus has created whole network of flights from major Iraq cities to Minsk and then they organize trips from Minsk to our border. Throw people out of busses and show them which way to go through forests to reach Lithuania’s border.
It is ,as usual to Russia and Belarussia now ,state organized hybrid tetorrism against EU.
Because we are in EU and we have to be ‘Humane’ whatever that means anymore.
The real issue is that our border patrol is simply severely understaffed and not prepared for something like this. They are not crossing through control points ,but through hundreds of kilometers of forests we share our border at.
Border controll would need thousands if not not tens of thousands of people to be able to physically prevent them from crossing…
Now they just catch them inside our country and detain them putting a lot of stress on our imigration system,also costing ridiculous amounts of money to house and feed them.
And all of that perfectly plays into Russia/Belarussia s plan of causing civil unrest inside ‘cause there’s a lot of negativity towards illegal immigrants already.
I think that might actually be a good idea. With https being standard now and the vast majority of sites using it the lock icon just becomes an ignored background decoration and finding it missing is not going to raise much alarm.
A new sign showing up where previously there was nothing is going to be far more likely to grab a user’s attention. However there’s precious little any user can really do with that information other than simply stop using the site in question and very few people will do that having no idea what an insecure connection might really entail.
