this post was submitted on 03 Sep 2023
-107 points (15.5% liked)

Linux

48397 readers
1016 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

The title says it all. Browsed Flathub and saw this fat warning label on the Steam Flatpak. Maybe not the best idea if you want to compete with Canoncial's Snapstore, but hey, what do I know 🤷

you are viewing a single comment's thread
view the rest of the comments
[–] wiki_me@lemmy.ml 0 points 1 year ago (1 children)

This is the warning:

This software is not developed in the open, so only its developers know how it works. It may be insecure in ways that are hard to detect, and it may change without oversight.

tbh assuming automatically open source software is more secure is false, At least one link which mentioned studies said that open source probably does not always "outperform" closed source software in term of security.

The relative security of open source software has been examined repeatedly by researchers since the early 2000s. Open source software contains no more flaws on average than proprietary software. In some cases, it may have fewer vulnerabilities.

Some might argue that having a paid team means better security, So i don't know if the warning about security is really justified, and it might give people a bad impression about flathub (that it is being dogmatic), at least link to some page providing a more detailed explanation would be better (and might prevent new FOSS users from getting a false sense of security).

No one claimed it was more secure

They claimed that if you needed to vett it for specific vulnerabilities, you were capable of doing so

And the song and dance about “open source isn’t more secure” is meaningless, as you don’t care about security the same way in all applications, and the ones trivial enough not to care about are going to be by and large open source

(Assuming their data collection methods were even adequate, as by definition they could only vett the open source half of the claim. We know for a fact that proprietary software routinely buries or hides vulnerabilities unless forced to do otherwise)