Episode 266 - PowerScripting Podcast - Matt Wrock from Microsoft on BoxStarter

A Podcast about Windows PowerShell. Listen:

In This Episode

Tonight on the PowerScripting Podcast, we talk to Matt Wrock about BoxStarter

News

Interview

Guest - Matt Wrock

Links

 

Chatroom Highlights:

[22:43:30] <Jaykul> FWIW, my 2c: I think a "moderated" feed (where you just trust the core chocolatey team to review packages, instead of trusting all the authors) is the answer to "trust" -- the idea being the core team says that yes, this module just downloads and installs "the real product" that it claims to.

<Jaykul> ## Have you heard rumors that chocolatey may move away from nuget?

<Jaykul> ## Are you involved in the chocolatey community at all?

<Jaykul> ## Are you (un)happy/neutral that Chocolatey has moved their lib/install folders to C:\ProgramData

<Jaykul> ## Are you (un)happy/neutral about the idea of expecting users to be "elevated" when running cinst?

<Jaykul> ## Does that mean boxstarter only works on machines that have access to the public internet?  <-- I know it does, just want to bring it up

<Jaykul> ## What do you think about a "Moderated" feed like NuGet has for Microsoft

<Jaykul> ## Isn't virus scanning the package mostly useless, since the package is just a script that downloads from the web? Would you guarantee that the install.ps1 can't download anything without scanning it?

<Dave_Wyatt> ## Assuming that malicious code does make it into Chocolatey, what's the response?  API keys revoked, packages taken offline, etc?  How fast would that happen?

<JonWalz> http://boxstarter.org/

<JonWalz> if you use LastPass check out this tool http://blog.lastpass.com/2014/04/lastpass-now-checks-if-your-sites-are.html

<halr9000> http://www.atlantaallergy.com/pollenCount.aspx

<halr9000> http://www.nwasthma.com/pollen/pollen-count

<halr9000> http://boxstarter.org/

<halr9000> http://runasradio.com/?nomobile=1&ShowNum=355

<halr9000> http://chocolatey.org/

<JonWalz> http://npe.codeplex.com/

<halr9000> Downloading SublimeText3 64 bit (http://c758482.r82.cf2.rackcdn.com/Sublime%20Text%20Build%203059%20x64%20Setup.exe

<JonWalz> http://www.myget.org/

<Jaykul> halr9000: http://c758482.r82.cf2.rackcdn.com/Sublime%20Text%202.0.2%20x64%20Setup.exe <-- that's the "official" download link.

<JonWalz> http://inedo.com/proget/overview

<Jaykul> Sorry, yeah, http://c758482.r82.cf2.rackcdn.com/Sublime%20Text%20Build%203059%20x64%20Setup.exe my point is that your url was the official one

<halr9000> http://boxstarter.org/WebLauncher

<Jaykul> http://www.boxstarter.org/VMIntegration

<halr9000> e.g. http://boxstarter.org/package/nr/firefox

<halr9000> http://boxstarter.org/package/nr/rickroll

<mwrock_> http://boxstarter.org/WebLauncher has links to the firefox and chrome click once extensions at the end of the page

<Jaykul> http://boxstarter.org/package/astley

The Question -

  • Superhero - Professor Time
About the Author

Jonathan Walz

Since March 2007, Jonathan Walz has been the co-host and technical brains for the PowerScripting Podcast. Conceived as a radio show for the PowerShell community, the podcast is the longest-lived PowerShell show in existence, and has featured dozens of weekly guests.

One Comment