DEV Community

loading...

Discussion on: 9 Evil Bash Commands Explained

Collapse
devmount profile image
Andreas Author

Thank you for posting your concerns. Let me explain, why your comparison doesn't work here. The bash is basically a very good thing (illegal goods are not) that gives you great power over your system. With that power comes great responsibility and I wanted to show, how a typo or copied code (like the fork bomb) can easily harm your system and lead to data loss, if you don't really understand what you're doing.

Collapse
jhilgeman profile image
Jonathan H

Yes, bash is good but this is not an article in how to do good things with bash with a disclaimer to be careful. This is a collection of ready-to-use recipes for attacks.

With my comparison, I'm not saying the internet is evil and is only used for buying illegal goods. I'm saying that the internet CAN be used for evil purposes just like shells can be used for evil purposes. This article doesn't help understand how to properly use bash and in some cases it's not even specific to bash. All this article does is explain how to perform attacks.

Thread Thread
devmount profile image
Andreas Author

Thank you for your answer. I think we just have two different perspectives on this article here. My intention was to draw attention to how simple it is to make something wrong in bash. I can't change the fact that it's that simple. But I can spread awareness to help people don't make these mistakes. And given the positive comments on this article, I'm glad that it's seen this way.

And yes indeed, an evil person could use these commands to perform attacks. But it will always be the case that things with great impact are misused. How is it possible to spread awareness when you're not allowed to talk about it because somebody could misuse this information?

Thread Thread
jhilgeman profile image
Jonathan H

Evil people probably won't bother to leave positive comments, so I wouldn't judge the impact of your article based on a few positive comments.

Articles that are truly designed for positive security impact usually focus on mitigation and prevention. Here you have almost none of that info. It's more like a "look at all the ways I know how to mess up a system - you can copy and paste these!"

It's great to discuss security risks, but if you don't talk about techniques for prevention, then it's really just a cookbook of evil recipes.

Thread Thread
devmount profile image
Andreas Author

Thanks again for your explanation. I agree with your last point, so I added a 🛡 section for each point explaining some ideas of prevention for the corresponding bash command.