Comment by fijiaarone
Comment by fijiaarone 7 hours ago
Everyone has been trained for years to do this:
curl http://obscure.url?random-string | sh
Comment by fijiaarone 7 hours ago
Everyone has been trained for years to do this:
curl http://obscure.url?random-string | sh
No they haven’t, they’ve been trained to do
curl https://url-of-well-known-project | sh
I may not trust the owners of a random domain, but I certainly trust the owners of rustup.rs not to do anything intentionally malicious.I guess you don’t think the Rust programming language is a serious project, then?
or even this:
git clone http://github.com/unknown/repo.git && cd repo && npm install
If there were a legitimate looking GitHub how-to page that asked me to do that, I can see myself doing it. Fortunately, I ignore all security issues on my repositories.