I don’t know how easy it would be to migrate to your own local machine, but what you’re describing sounds like Desktop-as-a-Service. All of the major cloud providers offer this in some form.

DroidFS has been working well for me. It’s available on F-Droid.

Where is the analytics data supposed to go if you aren’t hosting a service to store it? Are you expecting the author of this free and open source analytics platform to also provide free hosting and storage?

all public bodies must disclose the source code of software developed by or for them, unless precluded by third-party rights or security concerns

So this effectively changes nothing.

Installing by piping from curl is pretty common and not a red flag in and of itself. Even Rust is installed this way. If you don’t trust the URL, you also shouldn’t trust any binary installers downloaded from that website.

Black body radiation was my thought as well. It may not be the average including the inner layers, but it’s the average at the crust. About -1°F according to Wikipedia.

To add to this, is probably hard because the composition of the interior of the earth is a lot of guesswork. We can only directly observe how much heat is coming out of it.

https://en.m.wikipedia.org/wiki/Thermal_history_of_Earth

• Dec 2023 ~60 so far
• Nov 2023 ~200
• Oct 2023 ~100

Where does the initial cryptographic verification come from? I’m not arguing that you can’t pin certificates.

There is no way a user can know the website is real the first time it’s visited, without it presenting a verifiable certificate. It would be disastrous to trust the site after the first time you connected. Users shouldn’t need to care about security to get the benefits of it. It should just be seamless.

There are proposals out there to do away with the CAs (Decentralized PKI), but they require adoption by Web clients. Meanwhile, the Web clients (chrome) are often owned by the same companies that own the Certificate Authorities, so there’s no real incentive for them to build and adopt technology that would kill their $100+ million CA industry.