upvote

points

by angry_octet13 hours ago |
comments
upvoteby danielheath13 hours ago|
next
[-]
Yes, we should be.

My computer should run programs when I tell it to run them.

Don’t blunt _every_ tool just to make them harder to cut yourself on.

reply
upvoteby angry_octet12 hours ago|
parent|
next
[-]
I hope you're in the very small minority of people who rigorously manage untrusted downloads and whitelist every binary, because you're operating an appliance from the 1970s, sticking a metal fork into an un-earthed toaster. Most people need help from their operating system.
reply
upvoteby b65e8bee43c2ed09 hours ago|
parent|
[-]
then we, the very small minority, want a button to disable that help.
reply
upvoteby rtpg11 hours ago|
parent|
prev|
next
[-]
Increased metadata isn't tool blunting in itself though, even if MacOS uses it for being... annoying is one way of saying it.

Provenance information bundled into a file is not the worst idea in the world IMO. We have created/modified timestamps on files already, right? There's definitely the question of "why" but hey if more of my binaries just had at least a tag about who put them there that would be a win in my book.

Not an argument for doing what MacOS does, just an argument that the info would be nice to have.

reply
upvoteby danishanish10 hours ago|
parent|
prev|
next
[-]
It’s not blunting a tool, it’s sheathing it. Modern software requires too much proxied trust for this attitude to work.
reply
upvoteby Joker_vD12 hours ago|
parent|
prev|
[-]
I sincerely agree. By the way, thanks for lending your machine for my "Network-Retransmission-and-Compute-as-a-service" network.
reply
upvoteby emmelaich12 hours ago|
prev|
next
[-]
Tar on linux will. e.g. selinux attrs and other xattrs.

Open question, is it worth attempting to main these semantics between mac and linux.

reply
upvoteby worthless-trash7 hours ago|
parent|
[-]
No,

I just assume apple will break the behavior when they want to.

reply
upvoteby nottorp3 hours ago|
prev|
next
[-]
> Are Linux users not also subject to drive-by downloads impersonating valid files?

Linux users generally install software with apt or rpm. Or steam.

The existence of any executable file outside the system dirs it a red flag in itself.

reply
upvoteby bitfilped12 hours ago|
prev|
[-]
Should I be able to run files I download on my own computer? I think yes I should, hate fighting MacOS to do simple tasks because Apple engineers assume the end user has the average intelligence of an ostrich.
reply
upvoteby shawn_w9 hours ago|
parent|
[-]
That might be an overly optimistic assumption for the typical user, to be fair.
reply