
From the Github page: "curl -sL https://plandex.ai/install.sh | bash"

Enticing users to blindly run remote 3rd party code on their machines is IMHO not a proper thing to do.

This approach creates a dangerous mindset when it comes to security and good practices in general.


You can read the script before installing. It's pretty straightforward—just grabs the appropriate binary from GitHub and puts it in /usr/local/bin.

Installing via package managers or installers also runs remote 3rd party code on your machine, so I don't see much difference from a security perspective. You should make sure you trust the source before installing anything.


Of course one can and should read the script before running it, but the instructions promote just the opposite.

Even if we skip a step ahead and consider that this script then installs a binary blob... the situation doesn't get any better, does it?

If you find any of this normal and acceptable, I can only strongly disagree. Such bad practices should be discouraged.

On the other hand, using a distro's package manager and a set of community-approved packages is a far better choice when installing software, security-wise. I really don't see how you could compare the two without plainly seeing the difference, from a security perspective.

As an alternative, if the software is not available through a distro's package manager, one should inspect and compile the code. This project provides the instructions to do so, they are just not promoted as a first choice.

I can't help coming to the conclusion that you've largely made my point about bad practices and having a wrong mindset when it comes to software security.
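The middle ground the two posters are arguing past each other about is "download, read, verify, then run". Below is an added example of that pattern as a small POSIX shell script; it is not part of the Plandex project or of the thread. It fetches the install script to a file instead of a pipe, refuses to proceed on HTTP errors, compares the file against a SHA-256 value the reader has obtained from a trusted channel (release notes, a signed checksum file), and then leaves the script on disk for reading. The hash argument shown in the usage comment is a placeholder, not a real Plandex checksum, and nothing in the script executes what it downloaded.

```shell
#!/bin/sh
# Added example (not Plandex's installer): stage a remote install script for
# review and pin its hash, instead of piping it straight into bash.
# The URL is the one quoted in the thread; PINNED_SHA256 is a placeholder the
# reader must obtain out-of-band from the publisher.
set -eu

# SHA-256 of a file, portable across GNU coreutils and BSD/macOS.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Succeed only when the file's digest equals the pinned value (case-insensitive).
verify_sha256() {
  file=$1
  expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
  actual=$(sha256_of "$file")
  [ "$actual" = "$expected" ]
}

# Download to a file (never to a pipe), fail on HTTP errors, insist on HTTPS,
# verify the digest, and leave the script on disk for reading.
# Nothing is executed here; running it is a separate, deliberate step.
stage_script() {
  url=$1
  expected=$2
  dest=$3
  curl -fsSL --proto '=https' --tlsv1.2 -o "$dest" "$url"
  if verify_sha256 "$dest" "$expected"; then
    printf 'OK: %s matches the pinned SHA-256; review it with: less %s\n' "$dest" "$dest"
  else
    printf 'MISMATCH: %s does not match the pinned SHA-256; removing it\n' "$dest" >&2
    rm -f "$dest"
    return 1
  fi
}

# Usage (hash is a placeholder):
#   sh stage.sh https://plandex.ai/install.sh PINNED_SHA256 ./plandex-install.sh
#   less ./plandex-install.sh        # read it
#   sh ./plandex-install.sh          # run it only after reading
# Sourcing the file without arguments only defines the functions.
if [ "$#" -ge 3 ]; then
  stage_script "$1" "$2" "$3"
fi
```

The point of keeping download, verification and execution as three separate commands is that the person installing can stop after any of them; a pipe gives them no such opportunity, and a hash pinned from a second channel also catches a tampered or silently changed script that a TLS connection alone would not.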


Well, I simply disagree with you that it's a "bad practice", and I have a fair amount of security experience. But you're entitled to your opinion.

You can also build from source if you prefer: https://docs.plandex.ai/install/#build-from-source


The instructions presume that one would follow best practices when installing something where the source is available, and don't need to explicitly include all the steps to do so in this context. You are correct in that it would be bad practice to blindly install something, but knowing what you are installing is the first step to installing when you are following best practices. That onus is on the person doing the installing, not the installation instructions.


How is this any different to downloading and running a binary?


Did you mean to post a "subscriber link" that enables public access to articles at LWN? As it is now, it's members only until 20th of March...


Was the above post propaganda? Or was it just a user recommendation?

Perhaps the reason it gets mentioned often is simply because it's a good piece of software. Then again, perhaps not!

In any case, I'd be careful about using 3rd party DNS (and other) services, but that's for the user to decide, depending on the situation one is in.

Using one's own resolver is always a good practice, even in countries where ISPs are not selling customers' private data to anyone that comes along and where governments don't monitor and repress their citizens at every step...

We live in strange times where even EU countries misuse resolvers to censor certain web pages, while, for example, independent Balkan countries do not. Go figure...


You mean, like unrestricted access to the kernel with full firewalling capabilities? ;)

Yes, GNU/Linux distributions provide exactly that.


No, you have to install additional software for that.


The Linux kernel has a built-in firewall, and provides iptables to configure it. Firewalld is also installed by default at least on Fedora, and UFW for Debian-based.

Unless this is just a battle of semantics on the fact iptables/firewalld/ufw are user space apps.


There is no clean interface to configure app-based network rules.


I think the main gripe is Google's lack of API to access a firewall. It would make sense for the kernel to provide that API and leave the UI to user space apps.

Edit: and to clarify, you can have a user space app on Android to configure a firewall but they will either require root or a VPN-based solution like NetGuard.


Both SELinux and AppArmor support per app network rules, however they both leave something to be desired in terms of ease of use and features.

https://selinuxproject.org/page/NetworkStatements

https://manpages.ubuntu.com/manpages/bionic/en/man5/apparmor...


Every time one sees something "bizarre" such as this, one should assume it's made so on purpose and ask oneself what purpose it serves.

In this case, it's painfully obvious.

Then assumptions such as "it's Signal's mission to provide private messaging in the face of government overreach" suddenly become very dubious.


Oh that thought has certainly crossed my mind but I didn't want to bring it up without a shred of real evidence.


Afternoon becomes an evening when the sun starts to set. An evening becomes a night when the sun is fully set.

"I was up at two this morning" has several implied meanings. One of them equals "I was up until two last night", others do not.

If you were up until two last night, you might legitimately express that with "I was up at two this morning". But if you were up at two this morning, saying "I was up until two last night" might or might not convey the truth. For example, you might have just gotten up.

Many if not all languages have nuances like this. I don't find them particularly odd at all, or specific to English, for that matter...


> a lot of people on set got cancer not much longer after shooting, likely from being around so much industrial waste

Is there a credible source for this statement?


The main source seems to be the sound technician and two members of the set dying of the same form of cancer. https://faroutmagazine.co.uk/stalker-killed-andrei-tarkovsky


Interesting...

... because I was just reading about Michael J. Fox's Parkinson's disease (because of his recent movie "Still") and apparently he and two other people who worked in his earliest TV show (where he was a secondary character) got early onset Parkinson's, and he claims this is a mere coincidence, not enough to consider this a relevant "cluster" of Parkinson's.

In both cases it's three people who worked closely together catching a relatively rare disease. I wonder if it's relevant for Tarkovsky, given that Michael J. Fox thinks it wasn't relevant for him...


Well, the main difference seems to be that some crew on Stalker stated they had the sense of being poisoned in that dust and fume cloud and also developed acute allergic reactions. It's still all just based on the statements of the sound technician; I did not find interviews with other crew that said the same, but I'm sure there are some interview transcriptions in Russian print somewhere. In the end the best source would probably be the Estonian death statistics for cancer increases closer to those areas or further downstream the same river.


Well, Tarkovsky also died from cancer not a whole lot of time after.


That got me wondering at a first glance too. But in this case, the word stands for "čuda" not CUDA.

Čuda = miracles, wonders, in Serbian (and several other languages).

An odd conglomerate of words from different languages perhaps, one even anglicized (ASCIIzed?) at that... Well, it does get the people talking, I suppose.


In trademark law, the owner of a mark (Nvidia in the case of CUDA) can usually make someone stop using a mark if it would lead to “consumer confusion about the source of the goods” (i.e. people seeing “CudaText” and assuming it has an association with Nvidia/CUDA).

IANAL, and have no idea how likely Nvidia would be to succeed in a trademark dispute with this developer. But in situations like this, it’s often good to just not use a name if a large section of your target audience could become confused upon hearing it. Even if you didn’t know about the other product when you came up with your name, and even if it’s technically legal.


Author of CudaText here. If I get a complaint from NVIDIA I can rename the project to 'CudeText'; the word 'cude' means 'miracle'. Now I think that the similar name was a small mistake on my side; I should have named it 'CudeText' earlier.


It's done afterwards, once you've safely reduced the speed of your vehicle, not during the initial emergency braking.

It's basically a heads up for all the vehicles far behind you that haven't yet noticed a sudden change in the flow of the traffic. Gives them more time to reduce speed without haste.


You don't actually need to give the changes back to the community, you only need to give the changed code to those you distribute the modified software to.

In other words:

- if you don't publish the modified software, you don't need to give the changed code to anyone

- if you distribute the modified software to a single entity, you only need to give the changed code to that single entity (and they absolutely do not need to publish it)

- etc.

I know people mostly view this through the eyes of large public projects, forks, etc., but there's more to it than that.

