• 11 Posts
  • 69 Comments
Joined 1 year ago
cake
Cake day: June 7th, 2023

help-circle

  • It has very minimal code and its implemented in a robust manner. Unlike UEFI and the desktop implementation of secure boot, it does work well and it has not yet been exploited on pixels. Its way better to have any kind of OS integrity check than none.






















  • Its only worse than not having it at all in the sense of giving users a false sense of security. Imagine if apps on mobile could decide what permissions they want automatically granted without the user opting in. The sandbox HAS to be enforced by default to be good. And the other issue with flatpak is the security, which we had several problems with in the past. On the same note, people criticise snap but its a much more competent solution from a technical standpoint regarding security and since people get all their apps from flathub anyways, the “propreitary” backend is mostly irrelevant. And before anyone says “snap store had malware hosted” that is not an issue with the format itself but the infrastructure.