Imagine your friend that does not know anything about linux, don’t you think this would make them not install the firefox flatpak and potentially think that linux is unsafe?

I ask this because I believe we must be careful and make small changes to welcome new users in the future, we have to make them as much comfortable as possible when experimenting with a new O.S

I believe this warning could have a less alarming design, saying something like “This app can use elevated permissions. What does this mean?” with the “What does this mean?” text as a clickable URL that shows the user that this may cause security risks. I mean, is kind of a contradiction to have “verified” on the app and a red warning saying “Potentially unsafe”, the user will think “well, should I trust this or not??”

  • bloodfart@lemmy.ml
    link
    fedilink
    arrow-up
    12
    arrow-down
    1
    ·
    4 months ago

    Good.

    People need to view out of channel software with a hairy eyeball.

    Hell, I run Debian all over and it’s absurd that the main repositories don’t do checksums on downloaded packages!

      • bloodfart@lemmy.ml
        link
        fedilink
        arrow-up
        1
        ·
        4 months ago

        yeah apt just trusts the server if it properly identifies itself

        the barrier to entry for attacking that seems pretty high though

        if that freaks you out, switch to a rhel derivative, they got a shiny progress bar

    • refalo@programming.dev
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      4 months ago

      I think it’s absurd that most distros have no tools whatsoever for doing regular checksums of their own files. Windows certainly got that part right IMO.

      • bloodfart@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        4 months ago

        I’m double checking this myself now, but there are plenty of tools (debsum) they’re just not part of the default implementation as of last time I looked.

        • refalo@programming.dev
          link
          fedilink
          arrow-up
          2
          ·
          4 months ago

          Right, I’m talking about like periodic or real-time scanning and alerting, which DISM/SFC on windows does.

          • bloodfart@lemmy.ml
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            4 months ago

            i’m almost 100% that debsums on apt stuff and the --verify flag in rpm distros do what sfc did. (kinda, debsums and --verify check against a list of checksums from the repo, i’m pretty sure sfc cracks open an actual known version of the files and compares em with whats on disk)

            idk what dism does.