I'm pretty sure I ran across malicious Chrome plugins being mentioned before.
Eclipse and PyPy has a problem with it too[0][1].
Apple with their walled garden also isn't a panacea. They let a very glitchy and broken version of cuphead onto the app store (so much for manual review and flawless experience) and there apparently is a known repeated offender whose MO is to port popular indie desktop games (maybe because it's Unity3D games it's easy?) to iOS hastily and sell them[2]. They also only last year banned the fake anti-viruses (the "speed your phone up by clicking this red button in this free app and paying us $10 to remove 1337 north korean backdoors, viruses and unneeded programs!1" clickbait kind, the one that targets low tech people).
I also wonder how far you could maybe get with some really great game in a native executable for Windows on itchio or Game Jolt (or maybe even on Steam, they are really bad with catching broken, bad, etc. games and have a very hands off approach to everything on there) that was also packed with covert viruses/trojans, people download and run those very willy nilly on their computers, don't keep themselves up to date (thanks to Microsoft making updates obnoxious and doing crap like installing Candy Crush 325254th time, I know I removed one from my laptop like twice or thrice now) and I wonder if there is any security scanning on those sites to try detect viruses in uploaded files (I wanted to try with EICAR but it kept getting nuked by Windows Defender and I don't have the patience to try make it leave my EICAR file alone).
Yes, of course! I mistyped because the names are so close. I can't edit it anymore either. There's of course nothing specific to PyPy (or CPython or any other implementation) with being vulnerable to crap code in PyPI being pulled in by pip or something.
I also meant Chrome extensions of course, not plugins, but plugins are so rare (except the default Flash) and sidelined (even chrome://plguins no longer works) that I call extensions plugins very often.
Eclipse and PyPy has a problem with it too[0][1].
Apple with their walled garden also isn't a panacea. They let a very glitchy and broken version of cuphead onto the app store (so much for manual review and flawless experience) and there apparently is a known repeated offender whose MO is to port popular indie desktop games (maybe because it's Unity3D games it's easy?) to iOS hastily and sell them[2]. They also only last year banned the fake anti-viruses (the "speed your phone up by clicking this red button in this free app and paying us $10 to remove 1337 north korean backdoors, viruses and unneeded programs!1" clickbait kind, the one that targets low tech people).
I also wonder how far you could maybe get with some really great game in a native executable for Windows on itchio or Game Jolt (or maybe even on Steam, they are really bad with catching broken, bad, etc. games and have a very hands off approach to everything on there) that was also packed with covert viruses/trojans, people download and run those very willy nilly on their computers, don't keep themselves up to date (thanks to Microsoft making updates obnoxious and doing crap like installing Candy Crush 325254th time, I know I removed one from my laptop like twice or thrice now) and I wonder if there is any security scanning on those sites to try detect viruses in uploaded files (I wanted to try with EICAR but it kept getting nuked by Windows Defender and I don't have the patience to try make it leave my EICAR file alone).
[0] - https://eclipse.org/org/press-release/20170814_security_bull...
[1] - https://news.ycombinator.com/item?id=15256121
[2] - https://www.polygon.com/2017/12/18/16790052/cuphead-fake-ios...
[3] - https://www.theverge.com/2017/9/15/16314034/apple-developer-...