1 sat \ 2 replies \ @ek 7 Apr 2023 \ parent \ on: PSA related to the macOS Bitcoin whitepaper discovery bitcoin
I see your point, but I also see a difference between running random code and being susceptible to the issues mentioned in the article vs. running code which is more or less guaranteed to do what you want:
(also from the mentioned article)
Things not mentioned are, for example, checksums, which are also checked automatically by package managers.
In fact it goes further than that - pretty much every Linux package manager will refuse to even load packages from a repo unless the repo's PGP key matches up with the public key on your local system. You cannot add a new repo without adding the PGP key. If a malicious actor hacked the repo, they could not push out packages without also obtaining access to the private PGP key of the repo owner.
Windows users may be used to installing random executables, but Windows systems also tend to have a lot of malware. Linux has many extra layers of security vs Windows, which doesn't even have a package manager unless you install a third party one - same is true of macOS as well, if we're being fair.
Point is, when discussing Linux security, saying "but piping random scripts direct to bash with sudo is as secure as Windows" is basically the computing equivalent of "better love story than Twilight."
reply
Great addition, thanks.
Really interested to see if this changed @zuspotirko's mind
reply