undefined | Better HN

0 pointsJanisErdmanis12h ago0 comments

Sometimes I wonder why we don't just treat an installation script like curl https://alx.sh | sh as a universal option for distributing applications. The provenance is there via the HTTPS certificate, and if you're already about to trust an application that can compromise your system, why not trust the installation script as well?

0 comments

layer812h ago

The most important argument is phishing. People aren’t good at recognizing when a web site is legitimate. One reason that app certification is a shitshow is that recognizing bad players while minimizing false negatives and false positives is a difficult problem. Domain names fundamentally don’t solve that problem.

realusername12h ago

> Domain names fundamentally don’t solve that problem.

App certification doesn't solve that problem either.

pjmlp12h ago

Because even with HTTPS that script might not do what you expect and then is too late, xz style attack.

kibwen9h ago

You're already installing a binary, the script is not the weak link here.

j / k navigate · click thread line to collapse