Nadrek, please add to your list, "Download using a disposable machine".

I have an older desktop PC that still works. I flash (image) the drive after a clean installation of the OS and patches. Keep the image on removable media and remove the media before actually using the machine. Then I can go to all the hacker sites in the world, get the data I need, clean up the data (ASCII .txt files are pretty darn safe, after all), burn the txt files to CD cleanly, and then wipe the system and reload from the (clean) image.

It's easier and faster than you might think to do that kind of thing.

It's really easy to tell if a CD ended up with any data on it other than the txt files you wanted. And if you have auto-play turned off, it can't execute any code you don't tell it to.

This is better than using a VM for this kind of thing. Some malware can put a rootkit below the hypervisor level and thus infect the host machine instead of just the VM.