Imagine your friend that does not know anything about linux, don’t you think this would make them not install the firefox flatpak and potentially think that linux is unsafe?

I ask this because I believe we must be careful and make small changes to welcome new users in the future, we have to make them as much comfortable as possible when experimenting with a new O.S

I believe this warning could have a less alarming design, saying something like “This app can use elevated permissions. What does this mean?” with the “What does this mean?” text as a clickable URL that shows the user that this may cause security risks. I mean, is kind of a contradiction to have “verified” on the app and a red warning saying “Potentially unsafe”, the user will think “well, should I trust this or not??”

  • Skull giver@popplesburger.hilciferous.nl
    link
    fedilink
    arrow-up
    4
    arrow-down
    1
    ·
    5 months ago

    Actually, Windows has implemented quite a few tricks to make this very difficult without setting off antivirus engines at least. X11’s security model is absolute trash compared to Windows Vista and above. Linux is getting safer with Wayland, but Linux on the desktop hasn’t had the XP SP1 security humiliation that Windows had so almost all of it is opt-in.

    Solving the issues Windows has already solved with things like integrity levels will break compatibility with many applications (it also did on Windows, which is why Vista made you run everything as admin) but simply enabling the Flatpak sandbox can solve many problems already.

    I wonder if there’s a desktop distro out there that enforces sandboxed applications by default. It would make running Linux a lot less risky.

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      5
      ·
      5 months ago

      Windows has implemented quite a few tricks to make this very difficult without setting off antivirus engines

      That’s funny because we have been shipping a commercial Windows app since XP that is keylogger-based using SetWindowsHookEx, and it has only tripped users’ antivirus maybe 1 or 2 times in 20 years.

      I wonder if there’s a desktop distro out there that enforces sandboxed applications by default.

      EasyOS is the first distro I’ve seen that at least runs every app as its own user by default, similar to Android.