... a late comment on NP++
After reading the various comments either praising or despising Notepad++ after the MITM event, here's a few thoughts. Firstly Notepad++ is no doubt the Swiss army knife of the text editor world, it basically does everything you'll every need of a text editor, in that vein it's a very nice application as have many of the millions of users worldwide have found. However as mentioned in other comments, it's never wise to mix politics with pleasure, in this case the author should not have been poking a big stick at the tiger unless he knew how deal with that tiger. It was rather naive to think there wouldn't be a response!
Anyway here lies the rub. The software written by an author may well be all secure etc. however it's the 3rd parties managing the software (distribution etc..) that are invisible are potentially the real danger to malware attacks. Who is to say whether the new hosting provider service he's with now won't suffer a similar issue. We've been given no information to who it is or where they are and are presumed to take his word that they are ok and trustworthy, maybe NOT !
The best step forward here would be to self compile the code or even to write your own in house editor code, there's a few excellent OS IDE development environments out there (my personal favourite being the Lazarus IDE) where writing a feature subset of text editor like this is relatively straight forward.
As a last note (or maybe 2 notes), firstly I just installed the latest release of NP++ are noticed that the auto-updater feature is automatically enabled on the NP++ startup - WTF !!! - hasn't he (or others) learnt their lesson from this debacle. Secondly, people have very short memories, Linux Mint had a scenario a few years ago where their repository was hacked and resulted with the system having to be reinstalled - wasn't too pleased with them either then.
Biting the hand that feeds IT
