And if the author of your parent comment saw a random forum user ask people to curl | bash from some random .su domain I'm sure they'd have no aversion to that! Great argument!
Irrelevant. Convenient or probable doesn't matter. What matters is possible vs not possible.
All it takes is one person somewhere who wants to look something over, and they heads-up the rest, and then many others do verify.
And that initial one does exist even though it's not you or me, the same way the author exists, the same way that at least once in a while for some things it is you or me.
It’s not like the usual pipe-curl-to-bash installation instructions are much better.
And if the author of your parent comment saw a random forum user ask people to curl | bash from some random .su domain I'm sure they'd have no aversion to that! Great argument!
Doesn't Windows come with a sandbox built-in nowadays?
No
It does so long as you have Pro or higher: https://learn.microsoft.com/en-us/windows/security/applicati...
It's actually decently handy. Just keep in mind no sandbox is perfect.
Honestly, if they provided 100mb source code, would you read it and then compile it? Source code alone doesn't make it secure.
Something like this doesn't require 100 MB of source code. I'd expect a few thousand LoC at most.
And I absolutely do at least a quick visual "sanity check" of the code before compiling and running newly announced software.
You can do a sanity check on exe files with VirusTotal and other tools. And if it’s just for testing, you can use a throw-away VM.
Irrelevant. Convenient or probable doesn't matter. What matters is possible vs not possible.
All it takes is one person somewhere who wants to look something over, and they heads-up the rest, and then many others do verify.
And that initial one does exist even though it's not you or me, the same way the author exists, the same way that at least once in a while for some things it is you or me.
I am happy to hear everyone has plenty of free time to check all random internet open-source projects.
3 replies →