Hahaha, SimpleX on Android is fine, the Desktop client is kinda incompatible with anything (no flatpak, the ubuntu version is kinda broken, no repo, their sync requires a random firewall port to be open)
Security is a compromise between convenience and safety.
However, simply using flatpaks isn’t inherently more secure than using a binary or compiling from source. But it can make it easier to be secure for people that don’t want to manage their own sandboxes.
It’s also easier for devs so they only have to make one version of their app which in theory should work on all systems. But in practice I find it doesn’t always work that way
The AUR is not verified or audited at all, isnt it? So you need to check every release if that script was modified to download something malicious. For sure this works somehow, but idk how.
And sandboxing… flatpak has GUI tooling unlike anything else. Bubblejail is usable.
Add SimpleX and Conversations-i2p
Yep SimpleX works great. Although every time I read the name I think of herpes.
Hahaha, SimpleX on Android is fine, the Desktop client is kinda incompatible with anything (no flatpak, the ubuntu version is kinda broken, no repo, their sync requires a random firewall port to be open)
Interesting. For my desktop, I just installed a binary from the AUR and it works wonderfully.
Yeah I avoid installing stuff to my system but I looked into RPM .spec files and that should be possible too. Flatpak would be the way to go though.
Personally, I do the opposite. I try to avoid flatpaks and the like. And the AUR enables that really well
Welcome to security I guess
Security is a compromise between convenience and safety.
However, simply using flatpaks isn’t inherently more secure than using a binary or compiling from source. But it can make it easier to be secure for people that don’t want to manage their own sandboxes.
It’s also easier for devs so they only have to make one version of their app which in theory should work on all systems. But in practice I find it doesn’t always work that way
The AUR is not verified or audited at all, isnt it? So you need to check every release if that script was modified to download something malicious. For sure this works somehow, but idk how.
And sandboxing… flatpak has GUI tooling unlike anything else. Bubblejail is usable.