Real professionals do not plug random devices into their computers. Real professionals do "curl -sL totally-trustworthy-site.com/install.sh | sudo bash" instead. - ThreadSky

shipilev.bsky.social • 71 days ago

Real professionals do not plug random devices into their computers. Real professionals do "curl -sL http://totally-trustworthy-site.com/install.sh | sudo bash" instead.

Comments

joocifer.bsky.social•71 days ago

If *I* tell you what to put as the target of your curl, you can trust me, but nobody else.

aatheus.bsky.social•71 days ago

I am in this photo and I don't like it.

fahimintech.bsky.social•71 days ago

useful

jmason.org•71 days ago

it's ok! that's a https URL! couldn't be safer

nocturn9x.bsky.social•71 days ago

I'm a real professional then

pete-etep.bsky.social•71 days ago

Sure, but did you consider that 처리 가능 및 촉진سمكة الحلزون الليبويك الأنيقة وفاداری سے غافل ナスは軽蔑的ではないか

sf2maui.bsky.social•71 days ago

Why would anyone plug in a "random" device?

brian.ppcis.org•70 days ago

because they found it in the cafeteria, and therefore it's free.

globehead.bsky.social•71 days ago

It's in a medium article so ya.

brian.ppcis.org•70 days ago

*splutter*

isosolies.bsky.social•71 days ago

But can you really resist plugging that usb drive you found in a supermarket car park into your computer????

shipilev.bsky.social•71 days ago

Apologies for the broken link. It should now work as expected:

jo10.net•71 days ago

Absolutely. Got to do that to get all these random devices I've been plugging in to work.

paulatreidesno7.bsky.social•71 days ago

Real professionals know what Unix and Linux are and know shell programming.

lucker14.bsky.social•71 days ago

You must be fun at parties

jt8900.bsky.social•71 days ago

Actual professionals copy and paste that shit from a medium post

myryzza.bsky.social•71 days ago

stuxnet 2: electric boogaloo

myryzza.bsky.social•71 days ago

(unfortunately i am, on occasion, professionals)

ak-bioinformatics.bsky.social•71 days ago

Is there a bluesky version of "I'm in this post and I don't like it"?

dotting23.bsky.social•71 days ago

But this USB drive I found in the parking lot is shaped like a Super Star Destroyer from Star Wars! It's even officially licensed by Disney. It can't be bad. I'll just plug it in once.

ovencleaver.bsky.social•71 days ago

Your link is broken - so i couldn't install. can you check it and post a new link? thanks!

pseudogon.com•71 days ago

I needed a good laugh this morning - thank you.

I didn’t need coffee coming out my nose though.

This one opened her eyes to make sure I wasn’t dying and promptly went back to her early morning nap.

freebsdfrau.bsky.social•71 days ago

I was curious, but my DNS said “No way”

crasterimage.bsky.social•71 days ago

and then they twirl around three times and flip it and reverse it...

hegiman.bsky.social•71 days ago

I used to have an extra computer we called the virus because it was used exclusively to test dubious devices and software. It was an older system so if it died it died. Got Back Orfice on it once and decided to play with it. Was kinda of neat.

codecomplete.bsky.social•70 days ago

It’s ok because GitHub told me to do it

thewatcherknight.bsky.social•71 days ago

Real professionals know more about their job than they let on because they know if they gave 100% all the time, they'd never get promoted as they'd be considered "too valuable"

cincus.bsky.social•71 days ago

Just don’t forget to create a totally foolproof password before entering any sudo command. Here’s a useful suggestion: admin123

You are welcome 🤗

lbrgen.bsky.social•71 days ago

There once was a techie named Drew,
Whose system got wrecked out of view.
He ran scripts with sudo,
Got malware in lieu —
Now Sudocrem's his skin layer anew!

mikedelta.bsky.social•71 days ago

Firefox sez: "Hmm. We’re having trouble finding that site." 🙂

stevebonds.com•71 days ago

I was getting an error so I added "-k" and then it worked.

Why are the CPU fans running full speed now?

/s

warrenchortle.bsky.social•71 days ago

This is what's called a pro-grammer move

knardi.bsky.social•71 days ago

I never understood this concern. People download and execute code from the internet constantly, with admin permissions. Why is it worse if you use the terminal to do it?

brian.ppcis.org•70 days ago

Code you download and execute from the internet can (and probably should) be signed. Certainly, all my repositories deliver signed packages. When you run a bash script directly from a server, you're relying on it not being compromised, every single time. There's no code signing there.

knardi.bsky.social•70 days ago

Sure, for the average Joe that's true. But the kind of people running curl in the Terminal are the same kinds of people that generally understand the dangers of granting admin permissions to software, and it doesn't seem to bother them when it's an installer they downloaded off the internet.

brian.ppcis.org•70 days ago

Or, they're blindly following instructions on some website. I understand what I'm doing and there's no chance I'd ever pipe curl or telnet into a shell, privileged or not, despite having seen installation instructions to do both of those things.

knardi.bsky.social•70 days ago

An installer package can do all of the things a shell script can. Shell scripts aren't special.

shipilev.bsky.social•70 days ago

This ultimately comes down to trust. A shell script piped from a shady website has the same bottom level of trust as an installer downloaded from the same shady site, or picked up from an email attachment, or pulled from a random flash drive one found in a cafeteria.

mmmcarl.bsky.social•70 days ago

When we talk about packages from a Linux repo distro, yes they usually do pre installs and post installs that can be real shell scripts after all. Ultimately, you trust that the pkg maintainers have sanitized what is there, but clearly this can never be 100% safe, just safer than doing curl | bash.

luckysitsinback.bsky.social•71 days ago

i don't grok the beginning and end; also don't program, so it's prolly an inside joke. reply unnecessary.

Comments

Posting Rules

Reply