even better, let's just execute the random contents of a URL with a Ruby interpreter. Pretty sure curl's -f will suppress any SSL errors you'd receive as someone MITM's you...

This is a commonly-repeated cargo-cult security trope: if you're going to run arbitrary code from Homebrew, your risk exposure is no different whether you download the installer and run it as two separate actions or one combined command.

The option you're thinking of is -k — -f simply tells curl to fail silently on errors, not ignore them:

http://curl.haxx.se/docs/manpage.html#-f

I believe you're confusing the -f argument for -k. If you have a better suggestion for installing Homebrew, please send a pull request.