Admiral Patrick ( @ptz@dubvee.org ) English49•9 months agoGood thing I can just install applications from
apt
instead…user@pc:~$: sudo apt install app The following additional packages will be installed: snapd
…oh.
Lemmchen ( @Lemmchen@feddit.de ) English9•9 months agoThe reason why I’ll switch to Debian soon.
Fonzie! ( @lord_ryvan@ttrpg.network ) 3•9 months agoIMO Linux Mint is a great replacement, too, although it does not come with the default-Gnome desktop layout
pbjamm ( @pbjamm@beehaw.org ) English2•9 months agoI always find myself going back to Mint.
Fonzie! ( @lord_ryvan@ttrpg.network ) 2•9 months agoSame, I feel at home in the Cinnamon DE and no matter how tech savvy I am, the GUI software installer is so much more convenient than using the terminal
manpacket ( @manpacket@lemmyrs.org ) English8•9 months agoYea, not with
firefox
, at least not without switching to some third party repo. Draconic NEO ( @Draconic_NEO@lemmy.dbzer0.com ) 4•9 months agoCanonical’s changes to apt could be considered malicious in and of themselves because it installs from a source you didn’t request for, sure seems malicious to me.
Admiral Patrick ( @ptz@dubvee.org ) English3•9 months agoAgreed. Switching out .deb packages in the package manager for snap stubs was a bridge too far, and I went back to Debian.
duncesplayed ( @duncesplayed@lemmy.one ) English42•9 months agoThis is the major reason why maintainers matter. Any method of software distribution that removes the maintainer is absolutely guaranteed to have malware. (Or if you don’t consider 99% software on Google Play Store the App Store to be “malware”, it’s at the very least hostile to and exploitative of users). We need package maintainers.
wiki_me ( @wiki_me@lemmy.ml ) English11•9 months agoThe root of the problem i think is that the store is closed source, i don’t think you will find a lot of people willing to work for a closed source store for some for profit company.
Amy :3 ( @amycatgirl@lemmy.blahaj.zone ) English17•9 months agoAs a snap package maintainer i find it weird that there weren’t any guardrails in place to avoid situations like this, considering that the main snap consumer are Ubuntu users and Ubuntu is from canonical.
I guess I should’ve set my expectations a bit lower
garam ( @garam@lemmy.my.id ) English6•9 months agoyou confuse canonical with fedora or rhel standard… which… is sad… but at least flatpak is the savior in the end. haha…
OsrsNeedsF2P ( @OsrsNeedsF2P@lemmy.ml ) 8•9 months agoRed Had has 20x the employees as Canonical, I hope their product is better
Amy :3 ( @amycatgirl@lemmy.blahaj.zone ) English2•9 months agoYeah, my bad 😅
I’ve forgotten that Canonical is not like Fedora or Red Hat
…but at least flatpak is the savior in the end.
Flatpak definitely has a potential, I use them daily. Haven’t had any issues so far
caseyweederman ( @caseyweederman@lemmy.ca ) 5•9 months agoI’ve been… baffled… that all of Canonical’s different products don’t work better together.
Amy :3 ( @amycatgirl@lemmy.blahaj.zone ) English3•9 months agoIt’s not that they don’t work better in conjunction, it’s canonical’s lack of moderation in the snapcraft store.
This could’ve avoided day one by adding a manual review process (like what they are temporarily doing right now)
I don’t know how flathub handles new package submissions, but I think that they definitely need to have a process similar to what other distros have in place for native packages (heck, even Ubuntu’s own repos have a review process)
This is the best summary I could come up with:
Stemming from reports of several fake crypto apps appearing in Canonical’s Snap Store that aimed to steal user funds, temporary restrictions have been put in place while Canonical investigates the security matter.
A temporary manual review requirement has also been put in place on new Snap registrations.
This manual review is intended to thwart bad actors from registering names of legitimate applications (or at least legitimate sounding names) and using that as an avenue for pushing malicious Snaps to users.
"If you try to register a new snap while the requirement is active, you will be prompted to “request reserved name”.
Upon a successful manual review from the Snap Store staff, the name will be registered.
We want to thoroughly investigate this incident without introducing any noise into the system, and more importantly, we want to make sure our users have a safe and trusted experience with the Snap Store.
The original article contains 240 words, the summary contains 150 words. Saved 38%. I’m a bot and I’m open source!
Pantherina ( @Pantherina@feddit.de ) 10•9 months agoWooow Ubuntu didnt expect that huh…
Having a proprietary store ran by a single Company has nothing to do with Linuxes security model
Captain Beyond ( @beyond@linkage.ds8.zone ) 6•9 months agoWhen will we learn? (Drew DeVault, May 2022)
This isn’t even the first such incident with snap. https://github.com/canonical/snapcraft.io/issues/651
Hafiz Muhammad ( @HafizMuhammad@mastodon.social ) 5•9 months agoFedora > Ubuntu