Software installation from safe sources¶
Software is installed from known good sources? Yes / No
Pirated software is riddled with malware. Team members install software coming from legit sources only, reducing the risk that the software comes with malware.
Safe software channels include:
- App stores by operating system vendors
- Official, signed, UNIX distribution repositories
- Programming community package repositories
Basic security understanding and cyberhygiene should still be applied when installing from safe channels (e.g., Google Play is known to host several rigged applications).
Even if malware is not targeting the project itself, malware authors inspect infected computers for high-value targets and may open an attack if they notice such a successful infection.
Applies for: Everyone