I am deep in the rabbit hole of looking into an apparently deeply scammy-looking zsh plugin manager called "zi".

I think it's an extremely bad idea to use "z-shell/zi" or anything else from the same "creators". There's an entire field of red flags here.

I'll start with its origin: it's apparently a fork of zinit, which was a project created by zdharma (Sebastian Gniazdowski).

I say apparently because the "fork" was created by bulk importing all the original zinit code: https://github.com/z-shell/zi/commit/2f749f9c3f49d872d4d277a450d36d8a6e64ac08.

This happened a few weeks after zdharma disappeared off the internet and deleted all their repos. That makes it a bit less of a red flag—it might be the only way to rescue the code—but rescue forks should still acknowledge they are forks.


Making a rescue fork of an abandoned project is normal (e.g. https://github.com/zdharma-continuum/zinit).

You know what's not normal? Creating an organization with the same name as their deleted GitHub username so that anyone who comes to find the old repos finds the projects you now control.

Props for making it look creepy as fuck, though.


That's not their main org though.

Their main org is called...z-shell. This is the first thing that threw me when I stumbled on this—this isn't official zsh docs, but it's all hosted at wiki.zshell.dev, which feels like an attempt to _seem_ official.

Here's the site: https://wiki.zshell.dev/

They're good at throwing together believable looking project websites, so long as you focus on the visuals. Lots of flashy imagery (some of these icons are animated, too) to distract from sentences like "Instant prompt postponing plugins loading to a moment when the processing of .zshrc file is finished."

Oh, it's not a "wiki" in any sense except that I guess you could submit a PR to it on Github, if you were wondering.


The project is a plugin manager for zsh, because that's what zinit was, though they don't make that clear here.

There's a minute-long asciinema on the page of the installer script running, which shows that they like flashy colorful outputs but doesn't really give me any impression of the claimed "speed" (https://asciinema.org/a/509113). Why would this be your "see it in action"?

Also their install script starts with "Installing interactive feature-rich plugin manager (z-shell/zi)". Gotta love that.


So how do you install this?

Well it's easy, you just...wait, you WHAT?

You um...you add a curl directly to your .zshrc. You're sourcing this from the website _every time you open a shell_.

That's gotta be the slowest possible option, to say nothing about the security concerns.

That page is a redirect to the init script on Github. At the moment. It sure could change.

But if you're concerned about that, they have "verified" installation instructions, and I...I can't even.

Just put a hardcoded checksum in your zshrc and if the script you download doesn't match it, refuse to do anything.

Why wouldn't you just download the current version? Why constantly re-download it on every shell invocation just to check that it's unchanged?

...I can't even

Anyways by this point the picture I have is that the "devs" don't know what they're doing.

There's a non-malicious explanation for all of this, and indeed, I think a non-malicious explanation is in order. They're cosplaying as open source developers.

Actually building a useful project is hard. Grabbing someone else's, throwing up some flashy pages, and borrowing credibility from other projects with look-alike names is far easier.

I wouldn't trust any code from this site, malice or not.

Oh, and that ain't all they cosplay as.

They also run a "marketing firm" staffed by generic AI faces, for instance.

...I told you I was *deep* in this rabbit hole

Let's back up. Who are the devs of zi?

Well, they have a "Contributors" doc. Let's take a look.

At first glance, it's a lot of them.

(yes, I see the project logo. We are going to come back to that. It's a whole separate thing. Seriously.)

You're probably not surprised at this point to learn what isn't on the list: any mention of zdharma or the original project this forked off of.

You might also be unsurprised to learn that the vast majority of these "contributors" have exactly one commit. It's not even clear to me all of them want their profiles under "Contributors" here, though plenty of them seem kinda scammy.

It seems like the real owner of the project is Salvydas Lukosius, aka "ss-o".

Salvydas is a busy guy: according to his LinkedIn, he has three jobs, one of which might be his actual job (the other two are scams including the marketing firm I showed earlier).

Unshockingly he's real into AI, btw. WiseHub offers "Generative AI to boost your business" on their generic marketing page.

We can identify some signatures of Salvydas's on the pages for these businesses, like putting some arbitrary words in all CAPS, including "FAQs" that were clearly generated by an LLM, and my favorite...well, just see for yourself.

So what, right? This is all _probably_ harmless, if it's just business cosplay.

After all, I can't imagine anyone actually engaging a marketing firm that uses "RESULT$" right on their website. And I have no idea how anyone would find and stumble into these fake businesses.

But Salvydas isn't lying about one thing. He's good at "SEO".

By which I mean, his project is beating zsh.org itself in my search for "zshell"

This is how I found it. I was searching for some info on zprof, because what better to do with my weekend than track down the slowness in my prompt, and I came across this "Benchmarking" page: https://wiki.zshell.dev/docs/guides/benchmark

At first, I didn't quite register what I was looking at. The site appeared legit, and I wondered if there was an official zsh wiki now or something. Sure, the writing is bad, but it's a wiki!

The reference to "zi" made it clear it wasn't for zsh proper, but it had me for a second.


I can believe that these are script kiddies cosplaying as professionals. I did that when I was a teenager, and I don't have a problem with it. It's harmless fun.

But remember when I said I needed to get back to the logo? We need to get back to the logo.

Here's a huge version, the only thing on their "Community" page.

Let's look at it side by side with the official zsh logo, shall we?

Well, that's unmistakable right? They just added the "ELL". They're clearly _trying_ to look like the original project.

That's enough to tilt this towards being a problem, IMHO. I have no clue what they intend to do with this, but...this is weird.

...And it gets weirder

Oh hey, it's the "ZSHELL" version of the logo on the Wikipedia page for zsh.

Am I losing my mind? Did the actual zsh project adopt this logo? If yes, is that better or worse?

Let's find out.

Headline first: no, that is _not_ an official zsh project logo, as far as I can tell. Official zsh pages still have the one that just says zsh.

EDIT: This was incorrect; it's an alternate version of the official zsh project logo.

So where did this logo come from?

It was added by Wikipedia user Justindorfman in March of 2022:
https://en.wikipedia.org/w/index.php?title=Z_shell&oldid=1078941115

EDIT: When I originally wrote this, I was in the process of investigating and not yet sure of the details, but ultimately what happened here is boring and straightforward: "Salvydas" grabbed a version of the zsh logo off Wikipedia and used it without permission. Justin has since reached out and confirmed this; thanks Justin!


@dylnuge When the zsh logo was designed and contributed, there were a few variations - black and white, with orange, just the %_ for use as a favicon and with and without the "ELL" to allow for use in wider or narrower spaces. They are all "official" but that's not to say that you aren't perhaps onto something with the fork of Sebastian's plugins being dodgy.

@dylnuge I feel like #zsh should ask them to change their logo/name so it can't be confused with official endorsement

People get pissy about OSS projects having trademark/logo policies and such, but this is why

@dylnuge Beating zsh.org, is not exactly setting a high bar for SEO. The site is pretty much unchanged since the mid-90s, some of it my work at that time. Seems there are more people with time to create rip-off scammy fake #zsh pages than actually willing to offer to help the project.
@dylnuge
I wonder how Wickes feel about him! 😳

@dylnuge

What's really scary is that if they used the current MidJourney it would be really hard to tell. (Maybe impossible if they were super careful)

that looks like MidJourney v4ish maybe?

@dylnuge They are clearly photoshopped in front of a wall, but how do you recognize these as AI faces? Genuine question.

Just yesterday I stumbled on this website: https://www.datenschutz.org/ueber-uns/ and I was 99% sure the faces were AI-generated. Then I looked in the archives and the pictures were there long before generative AI.

@dylnuge Also including a classic TOCTOU "bug"

@dylnuge for anyone following along and still not sure why this is so bad (and even the check doesn't save you):

One could code the web server to:
* provide the nice version of the script on someone's first load & on subsequent loads if enough time has passed since the last request (a human may be in the loop)
* provide the malicious script on the second load if there are two in quick succession or if records show they regularly download via the first formula and aren't paying attention anymore

@dylnuge it's not bulletproof, though—if you launch multiple shells in quick succession, they might give the wrong copy to the download that's checking against the fixed hash by mistake

But since there's no permanent copy kept (if you do it the way they say to), they can always blame bad mirrors or something and "fix" it

@dylnuge at least it's not a sha1sum, which would be really easy to fake into having a valid hash every time while still having the above algorithm to avoid humans tripping over the malicious version
@dylnuge but honestly, you only need to infect a machine once, so once it delivers the malicious payload successfully once, it never needs to do it again

@igrok Very true.

I highly doubt a sophisticated attacker controls this project, but if they did, an essentially undetectable version of an attack here would be to serve a malicious version for a short period of time, and only to known users (e.g. match on IPs based on prior downloads; that matching is easy when legit users download every time they open a shell).

Of course, I also doubt anyone is using the "verified" version of this script, and it's even easier to do this on the "instant" one.

@dylnuge their "verified" snippet has been invalid for some time, so probably not

@dylnuge

Even worse, the code downloads the script TWICE on every shell invocation, and it is not as secure as it suggests.

The code downloads the script once solely to verify the checksum, and if it matches it downloads the script again to run it...and assumes the checksum will be the same.

If an attacker compromises the distribution site they could install a service that returns the original script for "new" client IPs, but return malware payload on subsequent calls from those IPs.
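The double-download problem this thread describes (the OP's account of the "verified" snippet, and the server-side heuristic in the replies above), as an added example that is not code from z-shell/zi or from anyone in the thread. It replaces curl with a made-up fake_server_fetch that alternates its answer per client (odd requests get the clean script, even requests a different one), pins the SHA-256 of the clean script the way a user would in .zshrc, and runs three client strategies against it: the hash-one-download-run-another pattern, a single download that is hashed and then executed from the same file, and a fetch-once-then-cache-locally approach. All names, payloads and the alternation rule are constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example (not code from z-shell/zi). Models the "verified" install
# pattern the thread describes: fetch the init script to hash it, then fetch
# it AGAIN to run it. A server that varies its response per request
# (assumption here: every second request from the same client gets a different
# script) defeats that check. Two alternatives are shown beside it.
set -u

# Constructed sample payloads standing in for the real init.zsh.
CLEAN_SCRIPT='echo "clean init"'
EVIL_SCRIPT='echo "evil init"'

# --- Simulated server ------------------------------------------------------
# Per-client request counter on disk; odd requests get the clean script,
# even ones the evil script (the "second download from the same IP" heuristic).
SERVER_STATE="${TMPDIR:-/tmp}/fake-init-server.$$"
mkdir -p "$SERVER_STATE"
trap 'rm -rf "$SERVER_STATE"' EXIT

fake_server_fetch() {           # $1 = client id, $2 = file to write
  local counter="$SERVER_STATE/$1.count" n
  n=$(cat "$counter" 2>/dev/null || echo 0)
  n=$((n + 1)); echo "$n" > "$counter"
  if [ $((n % 2)) -eq 0 ]; then printf '%s\n' "$EVIL_SCRIPT" > "$2"
  else printf '%s\n' "$CLEAN_SCRIPT" > "$2"; fi
}

sha256_of_stdin() {             # portable: coreutils sha256sum or BSD shasum
  { if command -v sha256sum >/dev/null 2>&1; then sha256sum; else shasum -a 256; fi; } | cut -d' ' -f1
}
sha256_of_file() { sha256_of_stdin < "$1"; }

# The digest a user would hardcode in .zshrc: that of the clean script.
PINNED_SHA256=$(printf '%s\n' "$CLEAN_SCRIPT" | sha256_of_stdin)

# --- Client A: the pattern the thread describes ----------------------------
# Hash one download, then run a *different* download. Prints what actually ran.
naive_verified_install() {      # $1 = client id
  local check run out
  check=$(mktemp); run=$(mktemp)
  fake_server_fetch "$1" "$check"
  if [ "$(sha256_of_file "$check")" != "$PINNED_SHA256" ]; then
    rm -f "$check" "$run"; echo "REFUSED"; return 1
  fi
  fake_server_fetch "$1" "$run"  # second fetch: never hashed, blindly executed
  out=$(sh "$run"); rm -f "$check" "$run"
  echo "$out"
}

# --- Client B: verify the bytes you execute --------------------------------
# One download into a file; hash that file; run only that same file.
safe_verified_install() {       # $1 = client id
  local f out
  f=$(mktemp)
  fake_server_fetch "$1" "$f"
  if [ "$(sha256_of_file "$f")" != "$PINNED_SHA256" ]; then
    rm -f "$f"; echo "REFUSED"; return 1
  fi
  out=$(sh "$f"); rm -f "$f"
  echo "$out"
}

# --- Client C: fetch once, keep a verified local copy ----------------------
# What a .zshrc should do instead of hitting the network on every shell start:
# download and verify only when no local copy exists, then run the copy.
cached_init() {                 # $1 = client id, $2 = path of the local copy
  if [ ! -f "$2" ]; then
    local f
    f=$(mktemp)
    fake_server_fetch "$1" "$f"
    if [ "$(sha256_of_file "$f")" != "$PINNED_SHA256" ]; then
      rm -f "$f"; echo "REFUSED"; return 1
    fi
    mv "$f" "$2"
  fi
  sh "$2"
}

demo() {
  echo "A naive, hash one download and run another : $(naive_verified_install demo-a)"
  echo "B safe, first shell                         : $(safe_verified_install demo-b || true)"
  echo "B safe, second shell                        : $(safe_verified_install demo-b || true)"
  echo "C cached, first shell                       : $(cached_init demo-c "$SERVER_STATE/demo.init")"
  echo "C cached, second shell (no network)         : $(cached_init demo-c "$SERVER_STATE/demo.init")"
}
demo
```

Client A passes its own checksum test and still runs the altered script, because the bytes it hashed are not the bytes it executed. Client B only ever executes what it hashed, so the altered response is refused; but it still needs the network on every shell start. Client C is the shape a real .zshrc should take: one verified download, then a local file that is sourced offline until the user chooses to update.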

@boomfish @dylnuge Yeah, this code seems outright malicious to me.
@dylnuge curious…I don't have the same SHA-256 digest as in that screen capture

@dylnuge hrm, ok, it's just an update to the script to simplify it

Could be trying to figure out if anyone is really watching, too

Or encouraging users to switch to the first formula, or both

This is just ick

@dylnuge great for simulating powershell startup times

Wow, that’s sneaky!

They download it twice, once for validation and one for execution … I’m pretty sure one can give a good file to the first download and an evil file to the second with some pretty trivial heuristics in the webserver.  

I have the feeling that they know exactly what they are doing. (Edit: They probably don’t)

EDIT: I wrote this before reading the thread to its end. Still not trustworthy.

@dylnuge

@dylnuge Also, it looks like it downloads the script again if the hash of the first download matches. A malicious server could respond with a malicious script on every second request from the same IP address, and 💥
If it at least executed the script of which it calculated the hash... But no, it downloads twice 😳

@dylnuge

At the moment. It sure could change.

🤔
Maybe someone evil overtaking the domain could have it redirect every 30th request of the same IP to an evil script so it wouldn’t even get caught easily

@dylnuge
It's doubly bad in that they don't check the checksum of the d/l the second time. So they could figure out what checksum you're expecting, serve that the first time, then upon the second request serve a different, but compromised version and it wouldn't be caught.
@dylnuge The quick install uses unencrypted HTTP, which is the first big red flag and the "verified" version has a TOCTOU vulnerability... The combination of both probably means that you can even MitM-attack users of the "verified" version...
@dylnuge At this point, I certainly vote "just stupid" on the obligatory "not sure if ..." question 🙈

@dylnuge Hold up 'pard that's straight up back door there!

🔥 The checksummed code is discarded and the server is not required to send out the same content for repeat requests in a short time window.

DNS resolver bot (@[email protected])

@[email protected] 104.21.4.237 172.67.154.64 ✅ [Authenticated by DNSSEC]


@bortzmeyer DNSSEC only really handles DNS MITM attacks; it's not much help if you don't trust the party that owns the domain.

FWIW, the DNS configuration all appears to be set up through Cloudflare and nothing stood out to me there (I spent a little while digging there).

Security-wise, I'd be much more worried that they change what gets served from init.zshell.dev so that it doesn't match what's on Github, a la a much less sophisticated version of the xz/liblzma attacker.

@dylnuge this is so cursed. it's like that xkcd about Google image searching wheels, except instead of 'wheels' it's 'software that will turn your computer into a Bitcoin miner'

@dylnuge heck

smh I like being able to use the internet not being chained to a 24/7 connection

@dylnuge @tychotithonus 😱

What a rabbit hole. Thanks for taking the rest of us along for the ride (not to be mistaken for "a ride" 👀).

@dylnuge curl defaults to HTTP too, which is why they need to specify -L (for the redirect to HTTPS)

@omnomis Agreed that's part of it, though the -L at the moment also ensures that it follows the 301 to https://raw.githubusercontent.com/z-shell/zi-src/main/lib/zsh/init.zsh where the content actually lives.

Practically I'd be far less skeeved out by them using a domain as a shortlink if not for the fact that it's gotta do it every time you open a shell.

@dylnuge That's pretty much why I stopped using oh-my-zsh.
@dylnuge Always up to date though!
@dylnuge
Whatever it is, it ain't worth it.
@dylnuge My god the install process on the homepage is terrifying
@dylnuge Why bother with hiding a backdoor when you can get people to put it into their shell init? ​