I enjoy y'all acting like this couldn't happen with flatpak or AppImages
this post was submitted on 23 Feb 2024
0 points (NaN% liked)
Linux
47237 readers
3343 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
Those are just app distribution formats. Since there's just 1 snap store which can deliver snaps, they're not comparable.
What Flatpak stores are there in widespread use other than flathub? (Additional servers that depend on the runtimes flathub distributes don't count.)
Oh, it totally could.
I don't actually see anyone in here making such an argument.
How is this notable or interesting then? I thought we were all just accepting that malicious software is an inherent part of all open platforms.
Open platforms often have individuals running/hosting their own repositories, which means the risk is distributed.
This means that the individual repository can be attacked without affecting the whole network. The risk is still there, but they would have to simultaneously attack all repositories at once and succeed with all of them.
In a corporate-hosted platform like Snaps, you have one centralized location that can be abused and that can affect all repositories in the system.
If someone hacks Canonical, they can make the whole Snap Store an attack vector without nearly as much effort.
If someone hacks Canonical, they can make the whole Snap Store an attack vector without nearly as much effort.
So basically the same as if someone hacked flathub? Or if someone hacked Canonical/Debian/Red Hat/whoever and gained access to their package signing key?
I don't understand why people are so hell bent on hating Snaps. The architecture is literally better than Flatpak -- and I'm quite sure it's possible to run one's own Snap host. Some people say they're bloated and slow, well not anymore than Flatpak (actually less) and people love that?
The architecture is literally better than Flatpak
Why?
I don’t understand why people are so hell bent on hating Snaps.
Every single time I tried snaps in the last years I had a bad time. Either they were slow to start, refused to work (Docker snap) or made my machine boot significantly slower. Granted, I haven't bothered in a year or so.
At this point they just released unfinished software that was not ready for production, forced it onto people and are surprised when everybody remembers snap as being partially closed source, slow and unreliable. Even if it's not now, that's how the first impression was and it's going to stick forever.
Refer to an earlier post on the downsides of flatpak, Snap basically doesn't have a lot of those issues other than the fundamental ones regarding a canonical far package
You may have used Snaps when they used XZ compression. XZ is a stellar compressor, but for static data. It compresses better at the cost of being slower, nowadays Snaps use fast algorithms tuned for faster decompression, so it starts a lot faster.
Snaps were a mistake.
There, I said it.
Snaps wasn't and isn't needed from day 1
they are needed, linux need universals package manager, building for every single distro is a waste of time
Linux needed a universal package manager and it got three. Snap is not needed.
A bit of history. The first universal packaging format was snap by Canonical and used to be called Click apps and it was made for the Ubuntu mobile OS and later to the Ubuntu desktop. Red Hat in response to that created the FlatPak format. The AppImages are community effort.