Hacker News
by alexvoda 1496 days ago
Executing random scripts copy pasted from the internet which download and execute code from some internet resource was always a dim idea.

This is also way more common on Linux.

2 comments

I still blame Google or big tech for this. If everybody were more open, users wouldn't need to resort to shady shit.

They use shady hackers as an excuse to build their walled gardens which creates more shady hackers.

It would be good if it was just that. This is an industry wide problem. Here are some examples that come to mind:

https://www.rust-lang.org/tools/install

The official install instructions for Rust are to copy-paste and execute some script which then downloads code from the internet and executes it.

https://www.spotify.com/us/download/linux/

The official install instructions for Spotify are to copy-paste and execute some script which then downloads stuff and then use the downloaded file inside a command executed as a super user. Same for VS Code:

https://code.visualstudio.com/docs/setup/linux

I am sure I can find many more such examples.

The classical Windows flow of download a random executable installer from the internet, it is automatically scanned by an antivirus, execute it, get a notification about its signature, and only afterwards maybe get a request for admin rights, is superior to sudo-wget:

https://tserong.github.io/sudo-wget/

People WILL download and execute shit from the internet. It is better to provide warnings where risk is involved instead of normalizing the riskiest path. sudo-wget is like unprotected sex during a one night stand.

This was hosted on GitHub:

https://web.archive.org/web/20220410191509/https://github.co...

So, in a manner of speaking, Microsoft platformed it. A watering hole/supply chain attack that promised to fill a void and also created a browser hijack experience, rich in scam ads and promotionals.