It really isn't, malware still can easily break out as wine nor proton were never designed for isolation in the first place. Easy example is the Z drive giving program access to the whole Linux filesystem.

Yeah, I hope Element manages to become sustainable. It feels like they are running out of funding from what they did in the last month.

It is end to bridge encrypted. I trust them too but I still prefer to self-host this stuff.

https://www.beeper.com/faq#how-does-beeper-connect-to-encrypted-chat-networks-like-imessage-signal-whatsapp

That's not true and misleading. Docker and flatpak base images mostly contain shared libraries and even these get automatically deduplicated. Your flatpak calculator doesn't ship systemd or any other init system nor does it ship system drivers lol

And yeah if you are working in a restrained env and care about those few mbs taken by shared libraries then containarization is not for you.

Containerization is not perfect and it will never be, but that was never the goal. Making apps and services independent of the base system and easily restrictable like mounting volumes, restricting network, etc.. was.

I have to test this on some article recommending alternative medicine

The same way companies advertise they are certified to be "Privacy respecting", right? right?

Distrobox uses podman/docker under the hood. Each distro should have a corresponding OCI image.

you can always just overlay that ;)

I think it was more about vendor lock-in. The phone manufacturers want to be the ones you are locked to, not to Iridium.

I would love to see a Fedora Silverblue distro with all the Zorin GNOME extensions.