Thanks for sharing. I looked through the article. `command-not-found` redirects and Typo-squatting on packages are improbable but possible given that there's rarely parity across any two app stores, but to re-iterate my original question, my question/concern is about what the data that is being shared w/ the app that I'm using.https://www.aquasec.com/blog/snap-trap- ... on-system/Snap Trap: The Hidden Dangers Within Ubuntu’s Package Suggestion System
Appreciate the response. Just to restate the first line of my question, I am concerned about a package from a third party repo, not from the official repo....and then you add in the oversight factor of a tested and vetted repository and the superior format is clearly deb. There is no explanation necessary for any software from a 'reputable' source that is different from any other foreign source.
There is no pro/con of the formats that matters, the difference is in delivery.
Curated repository wins.
Do you disagree with the articles I shared that show that installing .deb files from outside the Debian repo are a greater security risk than a containerized solution like flatpak or snap? It is possible that Canonical is a money-hungry company AND that they have a platform that is more secure when handling packages outside of the official debian repo...On top of that Snap are a kludge, a fat one at that, and one geared towards capitalization, that's all.
This is where we fundamentally disagree. Just because I accepted the ToS, that doesn't mean I cannot fight to protect my privacy.For a paid application, fine solution. I don't think there are privacy differences at all when you clamp down the worry to 'what is legal' - delivery doesn't matter, you clicked yes.
That is why I use firejail and blocked the internet for WPS Office when it tried to connect for no reason.
That I why I use Tracker Control on my Android phone to block apps trying to phone home.
That is why I use Firefox Multi-Account Containers so that the cookies I do concede are segmented and don't paint a full picture.
This thread was asking the question about what tools does Debian provide to protect privacy for non-official repo .deb installs, and objectively, that protection is not as complete as the modern containerization approach in snaps/flatpaks. As a Debian user, I can accept this, stop downloading 3rd party .deb files, and then immediately return to appreciating the various other positives that Debian provides.
Statistics: Posted by m4c-attack — 2024-06-26 08:16 — Replies 6 — Views 99