←back to thread

Is it possible to allow sideloading and keep users safe?

(shkspr.mobi)
205 points ColinWright | 2 comments | 30 Aug 25 12:03 UTC | HN request time: 0.02s | source
Show context
m463 ◴[31 Aug 25 05:39 UTC] No.45080628[source]
"sideloading" connotates something that is negative.

On systems before apple's locked-down iphone, it was just called "installing".

The PC revolution started with people just inserting their software into the comptuer and running it. You didn't have to ask the computer manufacturer or the OS vendor permission to do it.

And note that apple doesn't allow you to protect yourself. You cannot install a firewall and block arbitrary software on your phone. For example, you can not block apple telemetry.

replies(8): >>45080727 #>>45080995 #>>45081451 #>>45082064 #>>45082687 #>>45083125 #>>45088266 #>>45100572 #
pjmlp ◴[31 Aug 25 06:01 UTC] No.45080727[source]
Which is why alongside freedom came the business of anti-virus.
replies(3): >>45081201 #>>45081373 #>>45083051 #
wiseowise ◴[31 Aug 25 07:39 UTC] No.45081201[source]
Never in 20 years of using Linux/Macs I’ve ever needed anti-virus.
replies(7): >>45081249 #>>45081507 #>>45081768 #>>45081860 #>>45082078 #>>45082191 #>>45082263 #
pjmlp ◴[31 Aug 25 08:32 UTC] No.45081507{3}[source]
Many people also never need insurances, until they do.

How is that curl https://... | sudo sh going?

replies(1): >>45081736 #
saagarjha ◴[31 Aug 25 09:17 UTC] No.45081736{4}[source]
Given its prevalence, I think it's actually going surprisingly well
replies(1): >>45081953 #
1. mike_hearn ◴[31 Aug 25 10:03 UTC] No.45081953{5}[source]
Only if you ignore the "npm install" or "pip install" moral equivalent. Free open source packages that come with a side helping of malware have become common in recent years.
replies(1): >>45082045 #
2. saagarjha ◴[31 Aug 25 10:24 UTC] No.45082045[source]
Oh I included that I just think that statically things are mostly going fine (unless we are all secretly backdoored in a way that has yet to be made public).