I’ve gone through and responded to the other top level comments as well, but another massive issue you could add to your edit is that servers can detect curl <URL> | sh rather than just curl <URL> and deliver a malicious payload only if it’s being piped directly to a shell.
There’s a proof-of-concept attack showing its efficacy here: https://github.com/Stijn-K/curlbash_detect
To add to OP’s concerns, the server can detect if you run curl <URL> | sh rather than just downloading the file, and deliver a malicious payload only in the piped to sh case where no one is viewing it
You can detect server-side whether curl is piping the script to Bash and running it vs just downloading it, and inject malicious code only in the case no one is viewing it
https://github.com/Stijn-K/curlbash_detect
So that would at least be a minor improvement
My job is literally to make Linux distros using Yocto for various boards. I’m constantly writing new build scripts or updating build scripts, debugging the kernel/systemd/glibc and whatever libraries are on the system.
All of my work and personal desktops run some version of Fedora Atomic or a uBlue variant right now.
With distrobox/toybox/brew and using podman/docker/KVM+qemu, even as a tinkerer, it’s great
I constantly see people talking about playing things like Balatro on their deck that certainly doesn’t need more than 30fps.
Seems super useful for games like that on a flight
In the default configuration of iDevices, the US already can
This seems more around the UK wanting to spy on its own citizens more easily