> If you read the script before you pipe it into your shell, it's safe.
If you download it first before executing it (instead of downloading it a second time when executing it), then that mitigates one problem, but still not all of them (like you mention). Other mitigations are also possible, such as hashing, certificate pinning, sandboxing, etc.
This is a good point. Made me think about how I will usually read if first, but in the browser. And it's easy for the server to check the user agent, and serve me a different version in the browser!
- You dont actually own the domain, you kind of lease it, and will have to pay every year for renewal. The renewal price can be significantly higher than the "purchase" price, so be carefull to pick one with a low renewal price. I dont really know if there is any guarantee against the renewal-price increasing in the future, so you might end up kind of stuck.
- The email provider must support using a custom domain, which many do on their paid plan.
- Some support "catch-all" feature, that emails sendt to any adressess @yourdomain.com goes into the mailbox. Then you can register at places with e.g hackernews@yourdomain.com or possiblespamsite@yourdomain.com. But if you do this you can only move to other providers providing the same in the future. You can not neccesarrily send from the same adresses though!