Jan Schaumann

Why signed packages and repositories are important, part 64:

The `baltocdn.com` domain, previously used as an apt mirror for helm.sh, apparently expired. Meaning, whoever picked it up could have been serving malware to anybody pulling unsigned packages from there:

https://helm.sh/blog/security-notice-baltocdn/

#k8s

Security Notice: Former Helm APT Mirror Domain `baltocdn.com` Statement | Helm

The Helm Security Team has received third-party reports that the ownership on the former community-maintained Debian/Ubuntu APT mirror domain, baltocdn.com, has changed after baltocdn.com's original registration lapsed.

Jun 8 at 7:49pmWeb
Show threadClaudius2d ago
@jschauma yes. But also: this is why CDNs are generally to be avoided. If code runs on your website, host it yourself.