I was looking at the firefox flatpak on flathub. Won't this warning make a non tech-savy user anxious? This might make them think they'll get a virus or something like that.

federino@programming.dev to Linux@lemmy.ml – 314 points –

Imagine your friend that does not know anything about linux, don't you think this would make them not install the firefox flatpak and potentially think that linux is unsafe?

I ask this because I believe we must be careful and make small changes to welcome new users in the future, we have to make them as much comfortable as possible when experimenting with a new O.S

I believe this warning could have a less alarming design, saying something like "This app can use elevated permissions. What does this mean?" with the "What does this mean?" text as a clickable URL that shows the user that this may cause security risks. I mean, is kind of a contradiction to have "verified" on the app and a red warning saying "Potentially unsafe", the user will think "well, should I trust this or not??"

85

You are viewing a single comment

Good.

People need to view out of channel software with a hairy eyeball.

Hell, I run Debian all over and it’s absurd that the main repositories don’t do checksums on downloaded packages!

WAIT THEY DON'T ???

yeah apt just trusts the server if it properly identifies itself

the barrier to entry for attacking that seems pretty high though

if that freaks you out, switch to a rhel derivative, they got a shiny progress bar

Interesting, but switching will be difficult, unfortunately...

Thanks for the info

I think it's absurd that most distros have no tools whatsoever for doing regular checksums of their own files. Windows certainly got that part right IMO.

I’m double checking this myself now, but there are plenty of tools (debsum) they’re just not part of the default implementation as of last time I looked.

Right, I'm talking about like periodic or real-time scanning and alerting, which DISM/SFC on windows does.

i'm almost 100% that debsums on apt stuff and the --verify flag in rpm distros do what sfc did. (kinda, debsums and --verify check against a list of checksums from the repo, i'm pretty sure sfc cracks open an actual known version of the files and compares em with whats on disk)

idk what dism does.