Hacker News new | comments | show | ask | jobs | submit login vhost- 28 minutes ago | parent | favorite | on: Webcams used to attack Reddit and Twitter recalled Another issue is partially written responses. If the connection fails in the middle of your curl (or the source's application crashes) you can receive part of a shell script that could very well contain `rm -rf /usr`. Edit: I cooked up an example actually. Here is a small Go program that will panic after 1 nanosecond: https://gist.github.com/kyleterry/dc304503dfca2d149b189694d1... This will sometimes return partial responses. Run this in a bash `while true` loop and curl localhost:8080 a few times. You will mostly see empty and full responses because my example isn't perfect, but occasionally you will only get part of the script dumped to the screen and that's the problem with curl|bash. Guidelines | FAQ ...