Python Security alert for python libraries

AI Thread Summary
The security alert from the Slovak National Security Authority warns about fake Python libraries that contain malicious code, albeit relatively benign. This highlights the importance of using trusted sources for Python packages. Installing Python modules from a Linux distribution's repository is recommended, as it provides an additional layer of security through vetting and testing by repository maintainers. The alert has prompted organizations to review their installations for potentially infected packages, with some using provided scripts for verification.
Stephen Tashi
Likes Borg and FactChecker
This seems like a good argument for using Linux. I install all the python modules I need from my Linux distro's repository. So fake packages would have had to get by the vetting and testing of the repository's maintainer. That's an added level of security.
 
Stephen Tashi said:
This security alert
http://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/
warns against fake python libraries: containing "malicious (but relatively benign) code".
I just saw this today. A corporate email went out in my office a couple of weeks ago about this and we've been checking all of our installations for the infected packages using the scripts in your link.
 