One could argue the fact that installing Windows software is sometimes still like this is because of the lack of restrictions against it. If users required Filezilla to be distributed in the Windows app store, it could be less of an issue. If you downloaded untrusted Filezilla and executed it raw on any platform it could be an issue. The same anti-freedom arguments are always there in the name of safety. "If you aren't building anything dangerous, why do you have a problem with curation?" they say. Sadly it seems as devs grow into larger companies and prefer the latter, they forget their indie beginnings enabled by the former. Either you accept that people can run untrusted executables or you give up the flexibility to build/use/distribute untrusted executables yourself. The problem is that by blaming the platform, people keep putting the onus on these OS's, distros, etc to build walls around carefully curated gardens. Running untrusted executables on any platform can be trouble. > The long term solution is to get off the platform. The long term solution is to get off the platform. This is challenging because you have to track the reputation of each individual vendor and users have proven unable to even consistently download the software from the right page let alone judge individuals vendors track record. The obvious and immediate solution is to abandon vendors who behave like this. Its truly amazing to me that installing windows software is still like this. They have decided that tricking people into downloading malware is a reasonable alternative to charging money for their software or soliciting donations. Bundled installers are not."ĭangerously ignorant person here what they are actually saying is that they have no way on earth to be sure what's even IN the bundled packages nor what it will do to the users computer. Checksums can only be provided for the non-bundled packages, because they're static. Not matching filename = the checksum is NOT for that file. "The hash doesn't match because the filename doesn't match."Ī fully descriptive answer is that they don't have a checksum for the bundled package but botg doesn't want to say this.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |