A worthy entry among names like git, gimp, bash, subversion, duplicity, jail, kill and other everyday fare of smart, tongue-in-cheek names in software.
For real! Reading the title I assumed I was going to read about using social media outrage as a method for dissemination of counterintelligence information to the public.
As apposed to downloading a binary, chmoding it, and running it as your user? I honestly don't see the difference unless you only want packages in auditable flatpaks or snaps.
That is one of many methods of installing and this bash crap has been popular for a while so although I don't like it it doesn't mean the project is bad.
There I fixed it. If you go through github (trusted server url-integrity-wise) and use the commit hash, and you reviewed the code first, it's much safer to do this because it's deterministic/versioned.
I'm kind of flabbergasted people are downvoting this. You shouldn't pipe anything from a random curl'd link into bash, no matter how much you trust it. And if you actually bother to inspect this script, there are a lot of reasons to raise eyebrows.
Or, you can just keep doing this and I'll keep making money from security consulting...
Yeah, the curl|bash approach is approximately as safe as basically any other software installation method, if you trust the owner of the URL as much as you trust the maintainers of NPM, Pypi, etc.
Package registry maintainers do often do some things that make it a bit safer than just using things from a random person online: e.g. preventing someone from deleting a popular package, which would enable various sorts of squatting attacks. But, you’re generally right.
Like any proxy software, Hysteria consists of a server and a client. Our precompiled executables includes both modes on all platforms. You can download our latest releases using one of the following options:
The README starts with "Powered by a custom QUIC protocol", which raises some concern. When looking at the protocol doc, I see "standard QUIC transport protocol RFC 9000 with Unreliable Datagram Extension [(RFC 9221 Draft Proposal])."
This is made for people in China under censorship I think. I've used it personally in China and it's a welcome alternative to shadowsocks (it even uses a similar flow of a local socks5 server) if you have an unblocked server you have access to (China fingerprints normal socks5 traffic).
It's slightly better in terms of robustness (since its less used) but eventually the firewall realizes you're only connecting to one server so it blocks outgoing large amounts of traffic to any IP. I've found using shadowsocks on one IP, using hysteria on another, and using proxy.pac to intersperse the two works best.
I'm surprised at all the negative comments here, its clear that the context of the project was not understood.
32 comments
[ 0.28 ms ] story [ 71.0 ms ] threadWhat a statement.
And probably the cutest, too.
> Meet Ayaha Hideri, the official anime mascot of Hysteria
I'm sure this would grate on many people, but honestly, I'm here for it.
clicks link
Ooooh, you made a software named "hysteria."
bash <(curl -fsSL https://get.hy2.sh/)
nah.
There I fixed it. If you go through github (trusted server url-integrity-wise) and use the commit hash, and you reviewed the code first, it's much safer to do this because it's deterministic/versioned.
Or, you can just keep doing this and I'll keep making money from security consulting...
Like any proxy software, Hysteria consists of a server and a client. Our precompiled executables includes both modes on all platforms. You can download our latest releases using one of the following options:
* Executable files
* GitHub Releases
* Deployment script for Linux servers
* Arch Linux AUR
* Docker images
* Use 3rd-party apps
* Build from source
Is that the extent of the "custom" QUIC protocol?
It's slightly better in terms of robustness (since its less used) but eventually the firewall realizes you're only connecting to one server so it blocks outgoing large amounts of traffic to any IP. I've found using shadowsocks on one IP, using hysteria on another, and using proxy.pac to intersperse the two works best.
I'm surprised at all the negative comments here, its clear that the context of the project was not understood.
An advantage is you wouldn't be connecting to a single proxy, but a (small, configurable) number of bridges