Is the terminal instruction « curl ifconfig.me » safe?

califfo1975 wrote:

Thanks for your reply

I did it only once and from terminal only.

That's what I like about that site. When you do that curl command, all you get is a your IP address. You can't do that with other IP address sites as far as I know.

If I run malwarebytes and/or another malware checker and the outcome is OK, I assume that I should be OK for ever

Well, Malwarebytes is a reputable anti-malware tool and is frequently recommended here on Apple Support Communities. But I couldn't recommend running some generic "another malware checker". There are far too many fake anti-malware tools. Some are just ineffective and will slow down and destabilize your machine. Others are just scams and provide no protection of any kind. A few are malware in their own right. Can you tell the difference?

In any event, just going to a web site, or using curl to get some text, is not going to install malware. It is possible to use curl to bypass some system security. So don't run a complex curl command you see posted on the internet unless you understand what it does.

could I have been tracked for a later “attack”?

To be clear, I see nothing suspicious about this site. I don't know how it is funded, but this is a site that I will use myself in the future. I didn't know about it before and I am thankful that you brought it up.

That being said, any time you go to a web site, you reveal your IP address. A malicious web site operator could use your IP address to contact your machine. If you are on a Mac and you don't have any sharing services, then there is nothing to worry about. If you do have sharing services turned on, then make sure to have strong passwords.

Some people use a VPN to avoid revealing their true IP address like this. But you are really getting into paranoia territory here. All of these things are "possible", but extremely unlikely. If you let these things go too far, you can lose touch with reality. I'm not exaggerating. I know of another active thread right now on the forums where someone has done that. They've completely lost touch with reality. Don't do that. Be suspicious. Be safe. But don't freak out.

It is no less unsafe than any other website. It doesn't seem to have any visible means of support. It could be a source of scamware ads or malware at some point, but then that is true about most web sites.

Why do you put so much confidence in Norton?

It is important not to let theoretical risks cloud your judgement. When you navigate to a particular web site, there is so much going on behind the scenes that what you type into the address bar is virtually irrelevant. The risk from going to feee.fr is not virtually zero, it is absolute zero. The risk from ifconfig.me is even lower.

But all of the “popular” and “safe” websites that you go to are broadcasting not just your IP address, but intimate details of your life to literally hundreds of other sites across the internet - every time you click the mouse.

Every so often, you might get a web site telling you that you are infected with 7 viruses or that you need to “clean up” your computer. Don’t click those buttons.

Sometimes the warnings will tell you that you need to call “Apple” and have technicians take control of your computer. Double-check that phone number. Don’t give them your credit card number. Don’t let them access your computer.

If you do click them anyway and they download malware, please don’t install them.

And when the Apple macOS operating system displays a cautionary dialog asking if you are sure you want to install the malware, please take just a moment and consider. Think of all the worry you have put into one or two harmless websites. Do you want to invite internet vampires into your home? They will be very difficult to evict later.

And when the Apple macOS operating system pops up a dialog and asks if you want to allow “setup” to make changes, or to access your documents or contacts, please take another few moments and consider who, specifically, these people are. Why do they want all of the contact details for your family? Why do they want to read all of your documents?

What I am saying here is that you are on a Mac. Put your confidence in Apple. Your Apple software like macOS and Safari will protect you. The only way to put yourself at risk is to really make an effort. If some random website doesn’t immediately try to scam you, then it is probably safe.

In future, try something more transparent, like this:

https://www.whatismyip.com

.

Re: malware.

This User tip by contributor John Galt may help you begin to get a more balanced view of Norton and similar software:

Effective defenses against malware and ot… - Apple Community

.

I would argue that ifconfig.me is demonstrably safer than whatismyip.com. This is what I get on whatismyip.com when I disable my ad blockers: