Egregoros

Just absolutely no regard for security at all. None. The entire burden of self-protection shifted to humans alone at their endpoints in systems and communities entirely, foundationally built on mutual trust and trustworthiness.

@mhoye

> developers not working in an isolated environment (zone, vm, jail, etc) and letting their devtools access their whole laptop

they deserve it

@feld @mhoye which I guess means that I, as the end user, also deserved it? 😬

@joe @mhoye well we used to tell people not to run .exe and .scr etc files on Windows or they'd get a trojan/virus.

A lot of what people do these days on MacOS/Linux is pretty damn close to running untrusted code/binaries

@feld @joe @mhoye have you actually set it up, it's not easy to get a working but reasonably convenient dev system. I've been trying for a while now

@sun @joe @mhoye I just dev in a FreeBSD jail

@feld @joe @mhoye @sun explain the process

@mischievoustomato @joe @mhoye @sun make a freebsd jail (like a mini copy of the whole OS). put all your dev tools in there. run them from within the jail. if it gets popped, they can't get out to the juicier bits on your real OS