← Back to context

Comment by m417z

10 hours ago

When you install or run a program, how do you make sure it doesn't include malware? I assume that you check for the author's record/reputation, and perhaps look at the source code if it's available.

It's similar with Windhawk mods. The GitHub and X profiles are verified to be the profiles of the author, so you can decide whether you trust them. The source code is available, so you can inspect it as well. Mods are single-file and usually short, which makes it easier to review than an average program.

2 comments

m417z

Reply
orbital-decay  7 hours ago

To review these third-party mods one needs to understand C++, Windows programming, and fairly obscure theming-related parts of its internals, some of which are undocumented/reverse engineered, and many have poorly understood side effects. This is a pretty specific combination of skills that slowly approaches arcane status, even if might feel otherwise to some. But again, larger apps are indeed harder to review than this.

(this particular mod is 100% innocuous, though)

  • deburo  6 hours ago

    Huh, with AI you can always "review" those mods. They are small enough. Anyway they are distributed via the creator's github repo, so it's already somewhat of a peer reviewed mechanism.