How is it possible, that Signal still only provides a .deb package and no .rpm, or even better AppImage or Flatpak? There is an unofficial Flatpak but is it secure?

  • HoornseBakfiets@feddit.nl
    link
    fedilink
    arrow-up
    0
    ·
    5 months ago

    Personally I don’t understand the large warnings on flatpaks built by others, by that logic you should get a warning sign each time you download from the Ubuntu community apt repository.

    OSS is built out of love, and to me this warns guilty before proven innocent.

    • theorangeninja@lemmy.todayOP
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      Well I think you have to distinguish between a messenger and other programms, because a messenger has a lot of sensitive data.

    • t3rmit3@beehaw.org
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      5 months ago

      Just because something is built out of love does not make it safe, and attestation is about safety. You wouldn’t trust an un-attested surgical device, just because there’s a really positive community around its design.

      Signal is a life-or-death app for some people.