There is a huge difference. I use only two types of software: Packages that are in the Debian "main" archive or software I wrote myself. Forget about the latter.
The former can have backdoors, of course, but at least there is some kind of control. Because the packages are built from source code, backdoors can be identified, hopefully. The security level will be even better when reproducible builds are in place.
Snap and xdg-app seem to a way to distribute untrusted, maybe even proprietary, programs to otherwise free systems. No idea, why one would want that, but some of their security improvements are very good, e.g. sandboxing, no maintainer scripts...
Power management, mobile and firmware developer on Linux. Security developer at Aurora. Ex-biologist. mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer. Also on Mastodon.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Re: The Horror!
Date: 2016-04-22 02:57 pm (UTC)The former can have backdoors, of course, but at least there is some kind of control. Because the packages are built from source code, backdoors can be identified, hopefully. The security level will be even better when reproducible builds are in place.
Snap and xdg-app seem to a way to distribute untrusted, maybe even proprietary, programs to otherwise free systems. No idea, why one would want that, but some of their security improvements are very good, e.g. sandboxing, no maintainer scripts...