Comment by spockz
2 days ago
My issue with this style of verification is more that it normalises running commands right in the terminal. Commands that come from place you kind of trust. And poof at some point it will contain some nefarious code. Instead of using a package manager (the curl to bash variant) or running these commands in a container/vm.
Arch Wiki's core content is instructions of what commands to run right in the terminal.
Agreed, this is the first thing I thought of too. Don't teach people to paste unknown commands into their terminal!