The platform is important here. For mobile apps, I don't install anything that isn't from the official AppStore/Play Store. For desktop, I never download anything from the store and usually get software from the developer's website.
I'd agree. I'll download from Play only my android tablet, but for my desktop it's the original website or CP - but even then I'll download source, examine and compile it myself rather than trust an unknown EXE / DLL file.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay...
For mobile apps, I don't install anything that isn't from the official AppStore/Play Store.
I see where you're coming from, but if you're downloading an APK, Android at least tells you the permissions upfront up to Lollipop and it's better with Marshmallow. So you can, in fact, download from an untrusted site, try to install, see what permissions the app wants, and cancel if you are suspicious.
With Windows, an app can do almost anything and generally you have no way of knowing.
"We have already been through this, I am not going to repeat myself." - fat_boy, in a global warming thread
I find the permissions system in Android rather unspecific. For example the permissions to read the SD card and to access the internet allows an app to upload the photo's of all my Whatsapp contacts to their own server. So even with the permissions system, you still need to trust the developer.
If a developer chooses to publish their app via an alternative source than the official store, I find that suspicious in and of itself (in general, I don't mean this as an absolute statement).