←back to thread

Game launcher installs Root CA certificate on your machine (2024)

(github.com)
61 points vandalism | 1 comments | 07 Sep 25 01:13 UTC | HN request time: 0.202s | source
Show context
sneak ◴[07 Sep 25 01:39 UTC] No.45154582[source]
The entitlement of application authors to do whatever the fuck they want on your machine is astounding to me.

Root CAs, background processes 24/7, uploading of the full process list, clipboard spying, local network scanning, surveillance (aka telemetry) - when did developers decide that our machines aren’t ours anymore?

replies(5): >>45154600 #>>45154605 #>>45154643 #>>45154652 #>>45154741 #
1. guessmyname ◴[07 Sep 25 01:48 UTC] No.45154643[source]
Add to the list exfiltration of $ENV (environment variables), which often include secret keys and app tokens. I have seen many young developers expose their $ENV on GitHub when other developers asks them to share their “go env”, or similar commands, while debugging a problem.