As in, this person is being an asshole. That's what's terrible.
-
-
Replying to @steveklabnik
@steveklabnik Asking people to download and run shell scripts using sudo isn’t super great either, but that guy is being a total jack hole.2 replies 0 retweets 0 likes -
Replying to @adamauden
@adamauden yeah well in our case there's a number of ways that issues are mitigated2 replies 0 retweets 0 likes -
Replying to @steveklabnik
@steveklabnik@adamauden downloading a .pkg, putting in your password, and letting it go to town is no better.1 reply 0 retweets 4 likes -
Replying to @wycats
@steveklabnik@adamauden maybe there's an argument I haven't heard yet, but arguing for a .pkg over | sh feels like a placebo to me.1 reply 1 retweet 4 likes -
Replying to @wycats
@wycats@steveklabnik Depends on the package and source. Cryptographically signed from a trusted source is better, no?3 replies 0 retweets 0 likes -
Replying to @adamauden
@adamauden@wycats@steveklabnik you see the URL where .sh is from1 reply 0 retweets 1 like -
Replying to @vivainio
@vivainio@wycats@steveklabnik That’s true, but if the server were compromised and that scrip modified it would still look legit.3 replies 0 retweets 0 likes
@adamauden @vivainio @steveklabnik and if the server was compromised a .pkg would look legit
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.