Downloaded .deb safe?

Martin Laberge mlsoft at
Sun Apr 13 11:29:18 UTC 2008

On Saturday 12 April 2008 14:48:31 Nigel Ridley wrote:
> How does one make sure that a downloaded .deb is safe? I mean, how does one make sure that 
> there are no malicious payloads etc.?
> The file in question is the winff-0.41-i386.deb downloaded from:
> It looks like a very useful app (for my daughter's 'chipod' (Chinese MP4)) but I want to 
> make sure it is safe before installing it.

Unless you read all the source, understand it, and compile
it yourself, with a compiler that you trust (compiled by you),
it is absolutely impossible to be sure of the program
you install.

BUT, no-one is able to read all the source code of all the
parts of all the programs that compose a system.

You are left with the possibility to trust someone, and to not
trust others.

At least in Linux you have this possibility, to randomly check a
couple of programs, if you wish. With other systems (Win, Mac, ...)
you do not have that possibility, and you are left with
trust (or distrust).

The only non-infectable system I know (I have been at it for 30+ years)
is the system that is unplugged from the wall.

Even a pen-and-paper accounting system can be infected (by other means,
like the hand of your accounting person).

As many have already said, System Security is a Process, not a Goal.

A little bit of trust in a trusted source, and a little bit of doubt...
Keep rolling......

