Have you ever found a GitHub project or anything that seemed nice and tempting to install until you dug a bit deeper?
What are some red flags that should detur anyone from installing and running something?
Have you ever found a GitHub project or anything that seemed nice and tempting to install until you dug a bit deeper?
What are some red flags that should detur anyone from installing and running something?
If it’s not open source or you are not compiling it:
Why so much fear about the shell script but no fear from the executable?
If it’s open source and you are compiling it:
If you don’t fear the project because you (presumably) have read the source code and determined that it’s fine, why fear a shell script that is most certainly simpler, and you can read it like the rest of the code?
Huh? Fear from both.
If you fear both, and
curl | shis a red flag. Binary blob is also a red flag, if you fear them both equally.Has every software that runs in your computer been compiled by you?
No, but much of it comes from software repositories, which is exactly the point.