The attack vector of convincing users to do stuff exists regardless of whether a niche GUI exists somewhere to do <the thing>. The only proper defense against social engineering is a) training and b) following the least privilege principle (which neither Windows or traditional Linux desktop’s permission model properly, as the current user in either case has full permissions to retrieve extremely sensitive credentials such as browser cookies without interaction).
Trying to defend against this from the perspective of de-normalizing the CLI is like defending against drunk driving by adding a bittering agent to Guiness beer exclusively.
As for clipboard highjacking, I am well aware, which is why any decent modern terminal emulator should a) strip escape codes by default and b) support bracketed-paste, to prevent immediate execution of a pasted command. If yours does not, please consider switching to a safer alternative (such as kitty).
The attack vector of convincing users to do stuff exists regardless of whether a niche GUI exists somewhere to do <the thing>. The only proper defense against social engineering is a) training and b) following the least privilege principle (which neither Windows or traditional Linux desktop’s permission model properly, as the current user in either case has full permissions to retrieve extremely sensitive credentials such as browser cookies without interaction).
Trying to defend against this from the perspective of de-normalizing the CLI is like defending against drunk driving by adding a bittering agent to Guiness beer exclusively.
As for clipboard highjacking, I am well aware, which is why any decent modern terminal emulator should a) strip escape codes by default and b) support bracketed-paste, to prevent immediate execution of a pasted command. If yours does not, please consider switching to a safer alternative (such as kitty).