If you're aware of the above then you're aware of what you're doing by piping curl into bash.
In reality, nobody checks checksums of binaries they download, so piping curl into bash makes no difference.
If you're aware of the above then you're aware of what you're doing by piping curl into bash.
In reality, nobody checks checksums of binaries they download, so piping curl into bash makes no difference.
Many people still use package managers though and these run such checks and disclose infosec events. And I still know enough other people who also look at the checksums of individual downloads when needed.
Piping curl to bash, especially a copy/paste from a random blog is way too easy to exploit. Most people might not realize if the unicode they copied from a website silently translates to a different location than what they thought they read in the screen.