Hacker News new | ask | show | jobs
by okket 3579 days ago
Your line downloads and executes the latest version of the gist, it could have changed from a file check to a virus installer by the author (unlikely, but I have to point it out). To be a bit more safe (while trusting that GitHub is not compromised) pin a known, verified version:

  curl https://gist.githubusercontent.com/kaizensoze/ca96d039b295db220951d42ca7c83d89/raw/a26e5a025ea21d3a0af536eeca49619272d0068f/quick-osx-keydnap-check | bash
(sorry for the overlong line)
1 comments
heeen2 3579 days ago
this pattern is just as dangerous (maybe less for github if you trust them) because you can detect curl and deliver malicious code: https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-b...
link
okket 3579 days ago
> this pattern is just as dangerous

As a general pattern, please do not do this. In this specific case I think most people trust the service (GitHub) and their DNS recursor + SSL library. Attacking these is not on the level of "random drive-by phishing", more like "targeted high value state sponsored".

To avoid this discussion I did not include the curl version in my original posting.

link