Verified facts. I work in a co-working space and coffee shops. NOBODY locks their laptop when they leave it. They don't even close the lid! Similarly, people are fine with disclosing their name and DOB at the pharmacy regardless of queue length. Or having their license cards facing outwards for the world to see (and read).
Back in the day at LAN parties, if you did that you might come back to find your mouse buttons had been reversed, your desktop icons had been cleared and replaced with a screenshot of your desktop icons as wallpaper, or worse. We called it "leaving the keys in the ignition". Simpler times back then, but a great kick-start to opsec.
There are definitely problems with homebrew, but user-owned directories isn’t high on the list, imo. Your ssh private keys, startup scripts, and any number of other things that can do serious damage are all owned by your user. Frankly, if install vim as my user, I want it to execute instead of the built-in version, unless I’m running a command with sudo, in which case the system binaries take precedence. So I don’t even see path order as a major issue here. If someone has compromised your user, you’re compromised whether you’ve used homebrew or not.
Verified facts. I work in a co-working space and coffee shops. NOBODY locks their laptop when they leave it. They don't even close the lid! Similarly, people are fine with disclosing their name and DOB at the pharmacy regardless of queue length. Or having their license cards facing outwards for the world to see (and read).
> NOBODY locks their laptop when they leave it
Back in the day at LAN parties, if you did that you might come back to find your mouse buttons had been reversed, your desktop icons had been cleared and replaced with a screenshot of your desktop icons as wallpaper, or worse. We called it "leaving the keys in the ignition". Simpler times back then, but a great kick-start to opsec.
[flagged]
There are definitely problems with homebrew, but user-owned directories isn’t high on the list, imo. Your ssh private keys, startup scripts, and any number of other things that can do serious damage are all owned by your user. Frankly, if install vim as my user, I want it to execute instead of the built-in version, unless I’m running a command with sudo, in which case the system binaries take precedence. So I don’t even see path order as a major issue here. If someone has compromised your user, you’re compromised whether you’ve used homebrew or not.