Just absolutely no regard for security at all.

mhoye@cosocial.ca

@tanepiper It's been around in the Debian dpkg system for ages, and it's got a lot of utility in that context and definitely works system-wide. But the Debian community doesn't have the NPM "let anyone do anything whatever" ethos, and the versioning systems in that part of the world are much slower and more methodical. You pretty much need to be on Sid and updating every day to get bitten by this in that part of the ecosystem.

feld@friedcheese.us

@joe @mhoye you can trust what you get from your OS package manager and not much more.

npm, pip, cargo, hex, gem, etc are the wild west

tanepiper@tane.codes

@mhoye yes, that's the parallel part to it - being responsibility enough to have that level of utility - sadly npm is a wildwest of some of the poorest software development practices out there.

hennell@phpc.social

@tiotasram @mhoye yeah not sure I'd want it installed, but I assume it doesn't do anything just on install, like you'd need to set-up keys or features or something? But then I wouldn't assume packages could global install so who knows anymore.

vfig@mastodon.gamedev.place

@mhoye the "S" in "AI" stands for "Security"

rick_d_card@mastodon.social

@mhoye Yikes!

nobody@mastodon.acm.org

@mhoye
Gotta love ai

dalias@hachyderm.io

@mhoye How tf does "npm install openclaw" result in openclaw being given backdoor privileges? As opposed to just some files appearing that only do anything if you execute them.

mischievoustomato@tsundere.love

@feld @mhoye i wonder what this applies to, I've done baremetal rust dev (personal project) with cargo, but it was a thing I made from scratch.

mischievoustomato@tsundere.love

@feld @joe @mhoye @sun explain the process

lispi314@udongein.xyz

@mhoye@cosocial.ca That’s an impressive malware distribution hack.

I would ask if cline was compromised but looking up what it is, it was malware from the very start.

feld@friedcheese.us

@mischievoustomato @joe @mhoye @sun make a freebsd jail (like a mini copy of the whole OS). put all your dev tools in there. run them from within the jail. if it gets popped, they can't get out to the juicier bits on your real OS

dancast@wandering.shop

@mhoye One more reason to be terrified of the next decade.

? Offline

@feld @joe @mhoye @sun @mischievoustomato would you recommend Linux jails in general for software that are not well supported for FreeBSD? Instead of just running say Alpine VMs on Bhyve. (currently two cases in mind: OpenwebUI and Invidious)

tanepiper@tane.codes

@Gaelan @mhoye I'd disagree it's overestimated - it's been 9 years since my first poc of a supply chain attack with npm and the problem is that is allows all sorts of remote code execution - it's not unique problem to npm, but instead it's the easiest way to ship malware at scale - simply the number of incidents per year with always the same root cause shows this.

https://github.com/tanepiper/steal-ur-stuff

tanepiper@tane.codes

@Gaelan @mhoye this, I do agree with

tanepiper@tane.codes

@Gaelan @mhoye what would change is the risk factor that this is out of control of the user (unless you know to use the no scripts flag) - of course any library in JS only needs to import a file for it to execute, and with that a runtime is compromised - but postinstall has the opportunity to blindly install malicious components that can be executed as a demon process when most people aren't paying attention - to me that's important

feld@friedcheese.us

@joe @mhoye @mischievoustomato this isn't just about the LLM, this is about how terrible our software supply chains are these days because people built infrastructure before building trust and now we have this mountain of crap as the foundation of everything we do

khleedril@cyberplace.social

@feld @mhoye Oh, fuck off