@bagder Hey. They're talking about your stuff over at OSI discuss. Not sure if you knew or not. Maybe you could shed some light on the topic. https://discuss.opensource.org/t/curl-bash-trust-as-a-privilege/1011
`curl | bash`: Trust as a privilege?

We often hear that using curl | bash is insecure. That no one should ever pipe remote scripts directly into a shell. And yet… the biggest open source projects do it all the time. Docker installs with curl | sh. nvm, oh-my-zsh, Homebrew – all follow the same pattern. And we trust them. Why? Because they’re popular? Because they have a logo? Because their websites look professional? Meanwhile, smaller projects are held to a different standard. They are questioned, scrutinized, distrusted – e...

OSI Discuss

@bagder

Projects die:
I have seen some "frankenapps" with older releases or old versions of multiple software. Meh.

Some apps/tools/utilities work fine without updates, others had vulnerabilities and were risky business.

Better to search for alternatives to unmaintained and use compatible @latest versions.

When someone picks up an unmaintained project - or tool, that culture may not be as welcoming as the previous.

+ demands of support and features - the struggle is real! Burnout happens.

@bagder Bad actors generating outrage to divide/destroy foss communities.

The OSI's purpose is to be a trusted, legitimate source of truth for what open source is and how to use it.

When they fail at holding meaningful, equitable elections, and when they push through controversial work like OSAID and then gag board members from disagreeing with it publicly, they undermine their own work.

I don't know if the OSI needs to exist right now to legitimize OSS. It doesn't stop snake oil OSS or open washing. Surely the public can just call a spade a spade on their own.

This week #OSI helps us realize how quickly you can demolish trust in an organization.
@kfogel Another RTFM moment :) idk either.