Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
xeromal
4mo ago
0 comments
Save
Share
Yup, the only way to combat this as a smalltime dev would be to turn off auto updates and make people build from source.
0 comments
5 comments · 2 top-level
top
newest
oldest
m-schuetz
4mo ago
· 2 in thread
Why woul building from source be safer? Are you veting every single line of third-party source code you compile and use?
g-b-r
4mo ago
You're sure not vetting
any
byte of an executable, so building from source
is
safer.
m-schuetz
4mo ago
Binaries or source, it's pretty much the same unless you thoroughly vet the entire source code. Malicious code isn't advertised and commented and found by looking at a couple of functions. It's carefully hidden and obfuscated.
1 more reply
tjwebbnorfolk
4mo ago
· 1 in thread
yea `curl <url> | gcc` is much safer...
trympet
4mo ago
Security through ..rarity? Maybe not for nation state actors though.
j
/
k
navigate · click thread line to collapse
