Comment by greatgib
14 hours ago
It blows my mind that nowadays, some random tools on internet tells you to do "curl -fsSL https://.... | bash" to install some "binary" things and a lot of people will do it without hesitation.
It probably explains why there is so many data leaks recently but it is like we did a 20 years jump back in time in terms of security in just a few years.
How else are you going to get your openclaw to run blazingly fast??
But seriously, I think there's a bit of overzealousness/misalignment in security lately with a disregard for usability and privacy, making people less tolerant of dealing with inconveniences.
I get the hesitation :D But the code is open and the install.sh is as minimal as it gets tbh. Still, as said, I get the hesitation. What a time to be alive.
It does not install binaries, it builds the binary by checking out the project basically. You can also do the process manually and use the tool.
> But the code is open and the install.sh is as minimal as it gets tbh.
I bet 99.9999% of users do not review the code nor the install script.
One day folks who live inside commandlines and TUIs all day will realize that there's nothing particular about webapps or the sandboxes that they execute in that requires we build exclusively graphical runtimes around them, instead of taking advantage of the same security and distribution model for programs accessible and usable from within terminal emulator.
Is it that different from downloading and running a binary?
No, but who said that downloading and running a random binary found on internet is a good idea?
As I said, it's like being back 20 years back in the past.
Cowboys rule the internet.