I set up a quick demonstration to show risks of curl|bash and how a bad-actor could potentially hide a malicious script that appears safe.
It’s nothing new or groundbreaking, but I figure it never hurts to have another reminder.
I set up a quick demonstration to show risks of curl|bash and how a bad-actor could potentially hide a malicious script that appears safe.
It’s nothing new or groundbreaking, but I figure it never hurts to have another reminder.
I was looking at that very thing last night.
But then I realized, “why can’t immich just create usable packages like we had before?” and moped back out.
But, for a moment, I was sure a little inspection and testing would make the Internet equivalent of NYC MTA coin-sucking magically safe. It looked so eeeeasy.