I recently set up file integrity monitoring with AIDE [1] for sensitive
files/directories on my system to hopefully catch malware that slips
through the cracks when reviewing PKGBUILDs since that just seems
increasingly more likely.
That + ye olde ClamAV [2] and OpenSCAP [3] at least make me feel like
less of a sitting duck wrt supply chain attacks.
It's probably also time for me to do some (late) spring cleaning on my
system & remove packages I don't need anymore to reduce the attack
surface :D

[1] https://aide.github.io/
[2] https://www.clamav.net/
[3] https://www.open-scap.org/