Y
Hacker News
new
|
ask
|
show
|
jobs
by
nefariousoctopi
3678 days ago
There is even timing server side attack exploiting "curl |bash" recently posted on HN [1].
[1]:
https://news.ycombinator.com/item?id=11532599
1 comments
chrismonsanto
3678 days ago
This is an irrelevant "attack." If you don't trust the site to serve you a safe installer, then you shouldn't trust the site to serve you a safe program either. Do you regularly verify the entire source code of programs you install?
link