undefined | Better HN

0 pointsalfiedotwtf1y ago0 comments

How is that any different from the VS Code extensions that have one star and are just copies of other extensions… waiting to get high stars and then switch-a-roo? Same goes for browser extensions.

Unless you’re auditing everything while taking Trusting Trust into account, you’re drawing the line somewhere saying “ok I can’t be bothered past this point verifying”.

… everyone has a line somewhere on the trust-but-verify spectrum

0 comments

wtetzner1y ago

> … everyone has a line somewhere on the trust-but-verify spectrum

Sure, and by making the automatic downloads optional, users are given the choice of where they want to draw that line.

j / k navigate · click thread line to collapse