The title says it all. Browsed Flathub and saw this fat warning label on the Steam Flatpak. Maybe not the best idea if you want to compete with Canoncial’s Snapstore, but hey, what do I know 🤷
compete with Canoncial’s Snapstore
Did they introduce a way to sell software yet?
This is the warning:
This software is not developed in the open, so only its developers know how it works. It may be insecure in ways that are hard to detect, and it may change without oversight.
tbh assuming automatically open source software is more secure is false, At least one link which mentioned studies said that open source probably does not always “outperform” closed source software in term of security.
The relative security of open source software has been examined repeatedly by researchers since the early 2000s. Open source software contains no more flaws on average than proprietary software. In some cases, it may have fewer vulnerabilities.
Some might argue that having a paid team means better security, So i don’t know if the warning about security is really justified, and it might give people a bad impression about flathub (that it is being dogmatic), at least link to some page providing a more detailed explanation would be better (and might prevent new FOSS users from getting a false sense of security).
No one claimed it was more secure
They claimed that if you needed to vett it for specific vulnerabilities, you were capable of doing so
And the song and dance about “open source isn’t more secure” is meaningless, as you don’t care about security the same way in all applications, and the ones trivial enough not to care about are going to be by and large open source
(Assuming their data collection methods were even adequate, as by definition they could only vett the open source half of the claim. We know for a fact that proprietary software routinely buries or hides vulnerabilities unless forced to do otherwise)
deleted by creator
I was mildly annoyed the other day by a conceptually similar warning about some software I was installing from F-droid. The annoying part was that unlike this flathub one it wasn’t completely clear how exactly the app was using the dangerous features I was being warned about, but I had done my research and knew I wanted to install it anyway. Took me a moment to remember that for a lot of people it probably helps to be reminded of the risks.
Then I went to install the same thing on someone else’s phone with Google Play. No warnings, but I had to scroll quite a long way down past ads for competitors and presumably malware-laden copies with confusingly similar names before finding the app whose name I’d typed in the search field.
Also, F-Droid recently committed to more transparency with their anti-features and many newer (and updated older) apps show a message about what the anti-feature actually entails on that particular app.
Not much, apparently.
This seems like a very reasonable and pretty tame warning?
Cool, but there’s no shot any serious software company will want that shit under their brand
Does Google not count as a serious software company now?
Mark discovers hyperbola
Then they should make it open source (not free)
If your goal is to get back scratches from the circlejerk don’t feel the need to participate lol
I mean I totally understand why they don’t. Even as a heavy supporter of open source I don’t know if I would.
You don’t have to open source everything to open source the client software that is expected to run on devices the software author doesn’t own or control (and so doesn’t care about or put in effort to protect)
Snapstore has proprietary software too…
That’s the point.
And this is why I’ll use Flatpack, but will never run Snap software on any of my systems.
Not that I’m particularly fond of Flatpack, but if needs must.
Bro snap has infos like that as well
I don’t agree with this take. the warning seems totally reasonable to me
Agreed, even as a steam user. It’s a good reminder that you are installing gigabytes of instructions on your most personal device that you are specifically prohibited from vetting
flathub, how DARE you put popular software that many linux users use on your repository?
op is making the opposite point, saying that companies making closed source software are going to be put off from putting their software on flathub, the clown face is there with the intent to portray flathub’s action as being naive and idiotic, arguing that not catering to such companies by not letting them distribute closed source software without telling it’s potential users is a bad thing
oh I didn’t understand it like that, sorry. but yeah I think foss software should be the priority on linux lol
as most people but not op
I don’t really see the problem with this is, let’s be honest if you daily drive Linux you likely enjoy opensource software. You likely want other open source apps too and knowing is good. Yes I do run some proptarity apps like Steam and Discord but its neat to have other apps apps open source where I can.
if you want to compete with Canoncial’s Snapstore
says it all about your mindset, you think big numbers are good regardless of context, as if google play wasn’t enough of a warning for other distribution platforms
Can someone please help me out? I don’t get it
This seems like the right way - informing users, those who don’t care don’t care with or without. I’d say that’s fully withing the freedom philosophy
I love both proprietary software and open source software, and personally I kinda like this warning.
How much of a concern it is for software’s code to be proprietary, is probably personal opinion. For this reason, maybe yellow is a bit too much? I think making these errors grayscale might be a good middle ground.
