**Lars Wirzenius** @liw@toot.liw.fi · 2019-08-12T10:50:24Z

Lars Wirzenius @liw@toot.liw.fi

I'm about to launch some new software. It will be installed using

curl ... | sudo dd of=/dev/sda

I've heard that "curl | bash" is insecure, so we're improving on that.

**ersatzmaus** @ersatzmaus@mastodon.social · Aug 12, 2019, 11:03

**ersatzmaus** @ersatzmaus@mastodon.social · Aug 12, 2019, 11:03

ersatzmaus @ersatzmaus@mastodon.social

**Inductive nat : Set** @nore@framapiaf.org · Aug 12, 2019, 17:24

**Inductive nat : Set** @nore@framapiaf.org · Aug 12, 2019, 17:24

Inductive nat : Set @nore@framapiaf.org

@liw Actually, this is maybe more secure than "curl | bash", because "curl | bash" can be detected server-side with the server serving a different, non-suspicious payload when the file is examined in a browser (see https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/ for instance).

**scolobb** @scolobb@bidule.menf.in · Aug 13, 2019, 21:48

**scolobb** @scolobb@bidule.menf.in · Aug 13, 2019, 21:48

scolobb @scolobb@bidule.menf.in

@liw Indeed, you're using sudo, a well-known solution to most security problems 👏 😂