• 2 Posts
  • 621 Comments
Joined 1 year ago
cake
Cake day: June 19th, 2023

help-circle
  • Compared to Arch(-based): Accesing the latest packages. It’s not impossible, especially if you go for Debian testing repos, but it’s definitely extra work.

    Compared to special-purpose distros (i.e. gaming, portable, high security/privacy, pen-testing): Whatever their special purpose is will usually be harder to achieve.

    Compared to huge corpo distros (SUSE/Fedora and derivatives): Ease of more intricate setups and maybe some security testing.

    Compared to Ubuntu: Paying a corporation to not withhold security patches from you.

















  • I mean, it’s on Phoronix to take this kinda out of context, but on Linus how he phrases things. You would think after years at the forefront of one of the most important FOSS projects, he’d know better.

    So to add some missing context: We are talking 11 maintainers, it’s not like hundreds have been removed. Im addition, it seems like most of them are employed by russian companies, not private individuals. Their code on the other hand has not been removed.

    What bothers me is that it’s unclear whether future pull-requests would be rejected as well, or whether this is a matter of association.

    IMO it would have been nice if Linus focused on some details regarding this action in his response, or alternatively not responding at all. Even if all he can say is that currently he can’t comment on it, it’s definitely better than borderline xenophobic rambling and getting mad at supposed trolls, feeding trolls if anything.



  • In short: No. It’s getting better, but Flatpak is by no means secure. Think of it as a Windows .exe or .msi with some (not that hardened) rights management.

    In addition, Flatpaks afe often community made and not even “signed” (which is not really a thing in Flatpak to begin with (yet) ((afaik))).

    Something really secure would be a container, something really, really secure would be a VM, something really, really, really secure would be a separate machine. Flatpak is less secure than the least secure thing in this enumeration.