Somewhat new to Homebrew. As I understand it, Homebrew Cask looks for apps in its Github repository. I don't know how they get there, but I assume that the app or the link which lives at Github is not supplied by the developers of the associated app. So, then, is a download from the Cask repository an exercise of trust in the Cask maintainers?
Homebrew Cask and Security
homebrewSecurity
Related Solutions
Focus on iTunes billing support. When you need support on a device and the software support window is over, you pay for that help.
iTunes billing support is generally free since you can't spend more money in the store without a working account. You always have to get a support person to call you since people that have access to the store accounts are a very limited subset of all the support personnel.
Just be persistent - keep good notes, provide a phone number where they can reach you and have all the details of the account you can muster ready. Things like purchase history, credit card bills so you can tell the person the last two or three purchases made from that account in terms of date, transaction number and amount.
Once you've gotten the password reset, you can go back and fix all the security questions at https://appleid.apple.com
Worst case, you can add a new email address to the account, verify it, and then see if you can send a security question reset after that email is verified by Apple and in use for a week or so. Also - make more purchases from that account (free apps are fine) to show that the device that was registered to that account is still in use and still associated with the account even though the email address on file is new.
It looks like unsafe mode allows the Java app full access to your filesystem, which is enough that a malicious Java app could do anything it wants (take over your computer, infect it with malware, spy on you, etc.). So, the name "unsafe mode" does seem appropriate here.
It's your call whether you want to take the risk. Personally, I wouldn't, on my own personal computer. I might set up a virtual machine and run the VPN client inside the VM, or ask the client for another solution that doesn't involve shooting holes in your computer's security. Right now, Java security is a bit of a mess; it's a shame we don't have better solutions available.
Related Question
- Removing an application from homebrew-cask
- MacOS – How does software updates work in OS X
- Advantages of installing a program with Homebrew-Cask
- MacOS – Link pre-installed apps to Homebrew Cask
- Homebrew Cask: List all formula available for installation
- IOS – How to check the country of origin for apps in the iOS App Store
Best Answer
Yes, and also trust that having the sources in the open and others using it, you don't need to be the first person to catch a bad act. The traceability of who checks in what hopefully is a deterrent to casual maliciousness.
You of course are more secure to not automate installs of unsigned software from the internet.