malicious ppa
Hi,
I would like to report repositories by Rob Savoury. He maintained a lot of ppas at lauchpad. e.g https:/
Lately he switched to a subscription only model so that only paid users can get updates. That in itself is not a problem to me. But instead of just taking down his free repos so non subscribers can no longer get updates, he made it so that if non subscribers try to update via apt upgrade the already installed packages would be removed. This can totally break the users' system if they are not careful (e.g clicking update at the software notifier popup.) E.g attempt to upgrade ffmpeg from the ppa above would wipe out your system.
I have contacted Savoury to advise him to simply disable the ppas and start new ones for subscribers but his response was abusive and rude. These pppas are effectively acting like malware. I think this kind of behavior should have no place in the Ubuntu community.
(also the dependencies are spread throughout many repos so that it is not possible to roll back with tools like ppa-purge, As a general point, users should avoid ppas that upgrade many components and spread through different repositories)
Please look into it.
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Can you help with this problem?
Provide an answer of your own, or ask monkeybrain2012 for more information if necessary.