See post edit. I’ve already answered that twice.

If they expected you to read the install script, they’d tell you to download and run it. It’s presented here for lazy people in a “trust me, bro, nothing could ever go wrong” form.

• There are SHA256 checksums of each binary file available in each release on Github. You can confirm the binary was not tampered with by comparing a locally computed checksum to the value in the release’s checksums file.

• Binaries can also be signed (not that signing keys have never leaked, but it’s still one step in the chain of trust)

• The install script is not hosted on Github. A misconfigured / compromised server can allow a bad actor to tamper with the install script that gets piped directly into your shell. The domain could also lapse and be re-registered by a bad actor to point to a malicious script. Really, there’s lots of things that can go wrong with that.

1. That’s been the way to acquire software since shortly after the dawn of time. You already know what you’re getting yourself into.
2. There are SHA256 checksums of each binary file available in each release on Github. You can confirm the binary was not tampered with by comparing a locally computed checksum to the value in the release’s checksums file.
3. Binaries can also be signed (not that signing keys have never leaked, but it’s still one step in the chain of trust)
4. The install script is not hosted on Github. A misconfigured / compromised server can allow a bad actor to tamper with the install script that gets piped directly into your shell. The domain could also lapse and be re-registered by a bad actor to point to a malicious script. Really, there’s lots of things that can go wrong with that.

The point is that it is bad practice to just pipe a script to be directly executed in your shell. Developers should not normalize that bad practice

I mean, how about:

1. Download the release for your arch from the releases page.
2. Extract to ~/.local/bin
3. Run

yeah, i hide that with UBO lol. that, or enable theater mode to get rid of it.

:sigh: Just turn off watch history and search history, clear both, and either search for what you want or subscribe and use the subscriptions page.

My YT homepage is blank and glorious.

Nothing good will ever come from suggestion algorithms.

I don’t subscribe to anything, but I’d prob use it if I did. I only go to YT for one-off videos and just search for what I need.

Just turn watch history off and find your own way. My YT homepage is blank. Fuck suggestion algorithms.

In other areas, yeah, probably.

But with music, movies, and TV, they’ll just blame piracy, crank up the DRM and bullshit on their own platforms, pat themselves on the back, and raise prices.

That sounds like the job a contestant on one of those HGTV home makeover shows would have:

“My husband is a stay at home dog dad, and I spend 30 minutes a month creating 2 or sometimes 3 social media posts. Our budget is $400,000.”

There’s still probably someone out there who’s like “Finally! I’ve been waiting for that to go on sale”

Did your mom also install a random sketchy app from the app store and click “Allow” when it asked to access her contacts?

Because my mom did, and I get all kinds of spam. 😠