What about them?

With software projects training people that curl <link to their install script> | bash is totally fine and the insane amount of supply chain attacks lately it’s a critical bug that’s just begging to be exploited on single user systems.

I wish the worst case of gout on people who do this. I can’t believe it’s become such an accepted way of installing software.

Copy Fail requires only an unprivileged local user account — no network access, no kernel debugging features, no pre-installed primitives

Which is a fairly high hurdle for an attacker in most instances. Unless you’re running something like a shared university server.

Definitely patch your systems though.

Their community still a cespool?