Does Homebrew Install Use SSL/TLS?

command linehomebrewmacosSecurityssl

I recently installed Homebrew on my Mac using the UNIX command from the Homebrew homepage 

/usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"

When the command downloads the Ruby script, does it secure the connection to the GitHub server using TLS or SSL? In other words, is there any chance that I could have downloaded a malicious script if someone intercepted my connection?

Also, can someone please explain each of the options, flags, switches, etc. included in the command above?

Best Answer

You can't know for sure, at least not based on the information you shared in the question:

  • It's a https connection so it should be secure
  • Nevertheless you could connect through a network which tricked/forced you to accept a new certificate and then performed a man-in-the-middle attack
  • Somebody could have tampered with the script on Github, resulting in an attack within the script you've downloaded
Related Question