Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The smaller the attack surface, the better. There is no need to expand it unnecessarily. By your logic, we shouldn't even use the binaries provided by the official package manager, because they also cannot be trusted.

We are talking about the dangers of the installation method. Not the program itself.



> We are talking about the dangers of the installation method. Not the program itself.

It only makes sense to separate them if you install the program and then never run it which is obviously ridiculous.

> There is no need to expand it unnecessarily.

I agree, but it is necessary because there aren't any good alternatives.

Also it is very minimal additional risk. If it wasn't we'd see it used as an attack method and as far as I know that has yet to happen once.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: