306 points dxs | 50 comments
binkHN ◴[] No.44068949[source]
Nice breakdown. I'm new to Linux and didn't know about this:

> Flatpak still uses PulseAudio even if a host system uses PipeWire. The problem with that is that PulseAudio bundles together access to speakers and microphones—you can have access to both, or neither, but not just one. So if an application has access to play sound, it also has access to capture audio

That's a pretty decent sized hole.

replies(1): >>44069013 #
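The quoted point is that, under Flatpak's PulseAudio socket, playback and capture are one permission: an app that can play sound can also record. A defender's first question is therefore "which of my installed apps hold that socket?". The following script is an added example, not code from the thread or from the Flatpak project. It parses the INI-style `[Context]` section Flatpak uses in an app's metadata and in per-app override files (where a `!` prefix removes an item, as `flatpak override --user --nosocket=pulseaudio APP` writes it), and flags every app whose effective socket set still contains `pulseaudio`. The app names and metadata below are constructed for the example; on a real system the same `[Context]` text is what `flatpak info --show-permissions APP` prints.

```python
"""Flag Flatpak apps whose effective sandbox grants the PulseAudio socket.

Flatpak keeps per-app permissions in INI-style files: the app's own metadata
plus optional override files. In the [Context] section, list-valued keys such
as `sockets=` are `;`-separated, and an item prefixed with `!` removes it.
All metadata and override text below is constructed for this example.
"""
import configparser
from typing import Dict, List, Set

# Constructed sample metadata for two hypothetical apps.
SAMPLE_METADATA: Dict[str, str] = {
    "org.example.Player": """
[Application]
name=org.example.Player
runtime=org.freedesktop.Platform/x86_64/23.08

[Context]
shared=network;ipc;
sockets=x11;wayland;pulseaudio;
devices=dri;
""",
    "org.example.Editor": """
[Application]
name=org.example.Editor

[Context]
sockets=wayland;fallback-x11;
filesystems=home;
""",
}

# Constructed per-app override, in the form `flatpak override --user
# --nosocket=pulseaudio org.example.Player` would produce.
SAMPLE_OVERRIDES: Dict[str, str] = {
    "org.example.Player": """
[Context]
sockets=!pulseaudio;
""",
}


def parse_list(value: str) -> List[str]:
    """Split a Flatpak `;`-separated list, dropping the empty trailing item."""
    return [item for item in value.split(";") if item]


def effective_sockets(metadata: str, override: str = "") -> Set[str]:
    """Return the socket set after applying an override's additions/removals."""
    sockets: Set[str] = set()
    for text in (metadata, override):
        if not text:
            continue
        cp = configparser.ConfigParser(interpolation=None)
        cp.read_string(text)
        if not cp.has_section("Context"):
            continue
        for item in parse_list(cp.get("Context", "sockets", fallback="")):
            if item.startswith("!"):
                sockets.discard(item[1:])   # `!name` revokes the socket
            else:
                sockets.add(item)
    return sockets


def audio_capture_exposure(metadata_by_app: Dict[str, str],
                           overrides_by_app: Dict[str, str]) -> Dict[str, bool]:
    """True for each app that can reach PulseAudio, i.e. can also capture audio."""
    return {
        app: "pulseaudio" in effective_sockets(meta, overrides_by_app.get(app, ""))
        for app, meta in metadata_by_app.items()
    }


if __name__ == "__main__":
    print("Without overrides:")
    for app, exposed in audio_capture_exposure(SAMPLE_METADATA, {}).items():
        print(f"  {app}: {'CAN capture audio' if exposed else 'no audio access'}")
    print("With overrides applied:")
    for app, exposed in audio_capture_exposure(SAMPLE_METADATA, SAMPLE_OVERRIDES).items():
        print(f"  {app}: {'CAN capture audio' if exposed else 'no audio access'}")
```

Revoking the socket is all-or-nothing, exactly as the quote says: the override that removes microphone access also removes playback, which is why this check is useful for finding apps that were granted the socket only because they play notification sounds.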
1. gjsman-1000 ◴[] No.44069013[source]
I sometimes see Linux users sneering at Windows and Mac design mistakes or lack of “freedom”… but then there’s stuff like this.

Of course, Linux is then conveniently redefined in a way that nobody can be responsible, with finger pointing on every issue, rather than admit design flaws like this plague Linux as a whole.

replies(3): >>44069126 #>>44069129 #>>44069527 #
2. frollogaston ◴[] No.44069126[source]
I wish there were such thing as just "installing Linux" on a computer, and it shows the penguin when you boot up.
replies(1): >>44069299 #
3. bee_rider ◴[] No.44069129[source]
I get that you already preempted this, but: Flatpak is a weird extra layer on top of Linux. Most distros have package managers that work just fine. These package managers predate Flatpak and basically are the main thing that the distro provides (other than the community, of course).
replies(4): >>44069155 #>>44069490 #>>44069854 #>>44071245 #
4. frollogaston ◴[] No.44069155[source]
Many Ubuntu or Debian users still use Flatpak, don't they? Even though there's already apt-get.
replies(5): >>44069210 #>>44070775 #>>44070818 #>>44072376 #>>44072409 #
5. binkHN ◴[] No.44069210{3}[source]
You, kind of, don't have much of a choice. There are thousands of packages and it's a ton of work. In addition, as Linux continues to get more popular, more vendors are releasing software that doesn't care to work with newer libraries, so Flatpak handles this nicely.
replies(1): >>44069276 #
6. frollogaston ◴[] No.44069276{4}[source]
I only use Linux on servers, so the kind of stuff I need is always traditional apt-get, but yeah I always assumed using it on a PC would involve tons of snap or flatpak apps where they don't want to deal with the complexities of dependencies.

Ok, I do have one spare Linux laptop in my garage that I barely use, and I'm pretty sure however I installed Chromium used snap.

replies(2): >>44070595 #>>44074327 #
7. andrewmcwatters ◴[] No.44069299[source]
There sort of is, but you can't do anything with it, because you essentially have no user space utilities?

For all of the crap that people gave the term "GNU/Linux", it's even more true today considering there are Linux-based operating systems that don't use GNU utilities.

gjsman-1000 talks about "design flaws" in Linux above, but Linux is just the kernel. There is no "Linux" operating system, despite everyone, and even Linus probably? using that term.

If you call booting init and getting a black screen "an operating system," well... that's cool I guess.

I doubt Linus ever talks to the GTK people in any meaningful way, or any other desktop environment authors. So, what design flaws?

Do you call a ladder a badly designed scaffold because it doesn't have a horizontal platform? No, it's just something entirely different altogether.

replies(3): >>44069338 #>>44069357 #>>44072249 #
8. frollogaston ◴[] No.44069338{3}[source]
"GNU/Linux" can still mean too many different things. Even ChromeOS qualifies as that. You want GNU/Linux help, you need to specify what DE and everything. Or as the other comment said, what Bluetooth stack. You can say you're using Manjaro Cinnamon and either that's not specific enough, or someone says it's your fault for not using KDE.

I'm comparing to Windows or Mac. There's only one Bluetooth audio stack in Windows. If you want help with it, whatever you find online will apply to you, unless of course you've gone out of your way to swap it for another. Unlike Windows, Linux is open and people can build their own flavors, but those can have their own names.

Don't even get me started with how Ubuntu changed its entire GUI like 3 times so that it's unrecognizable each time. Feel bad for whatever IT departments had to keep taking new screenshots of how to do stuff.

replies(1): >>44069421 #
9. bluGill ◴[] No.44069357{3}[source]
If you don't like the above there are several BSD systems that give you a usable OS. You probably want a desktop though, which none give.
replies(1): >>44069361 #
10. frollogaston ◴[] No.44069361{4}[source]
FreeBSD has a desktop, doesn't it?
replies(4): >>44070474 #>>44070508 #>>44071192 #>>44072108 #
11. nativeit ◴[] No.44069421{4}[source]
…it’s just too bad that Bluetooth stack is one of the worst ever conceived, you have zero options for an alternative, and you still have to get all your help from a volunteer support team.
replies(1): >>44069912 #
12. AlienRobot ◴[] No.44069490[source]
> Flatpak is a weird extra layer on top of Linux

My brother in Christ, systemd, X11 and even GNU are weird extra layers on top of Linux. Linux is just the kernel. This is exactly what "redefining Linux so it's never responsible for the 99% you need to put on top of Linux to have a functional modern OS" is about.

replies(2): >>44069786 #>>44070783 #
13. rendaw ◴[] No.44069527[source]
How would you do this on Windows?
14. bee_rider ◴[] No.44069786{3}[source]
I explicitly acknowledged that in the other half of the sentence you partially quoted.

I also explained why I thought it was not really right to focus on the deficiencies of Flatpack… so, I’m not sure what the point in repeating that would be. In conclusion,

> Linux is […] exactly what […] you need

I agree!

15. CJefferson ◴[] No.44069854[source]
But those are even worse from this point of view, I have no control over which apps can access my camera, or microphone.

I'm personally disappointed that sandboxing isn't easier in Linux. I hoped it would move past Windows and Mac. Imagine a world where the majority of libraries are sandboxed too: we only let compression and decompression libraries read one stream and write to another. This would improve security. This has been done by both Google (in Android) and Apple (in iOS and Mac OS X), but hasn't seen general acceptance in Linux (as far as I can tell).

replies(2): >>44070090 #>>44074849 #
16. frollogaston ◴[] No.44069912{5}[source]
Bluetooth is hard. But it'd at least be easier if the Linux community weren't maxing out on complexity before even reaching the hardware. Even Windows struggled with drivers for a while.
17. realusername ◴[] No.44070090{3}[source]
Because on Linux, everything is based around trusted security since you have access to the sources, whereas on iOS and Android, every single app you install could be malware, so those systems are based on untrusted security.
replies(3): >>44070165 #>>44070248 #>>44070325 #
18. AStonesThrow ◴[] No.44070165{4}[source]
Hahaha, oh that is a hilarious attitude, you really believe that F/OSS means that implicit trust can be granted all across the supply chain. That I have access to the source makes a lick of difference in terms of vulnerabilities or exploits that can be found.

Once in college I cited Linus's Law in an impassioned apologia for Open Source. And I was duly corrected. Because Linus's Law really has no basis in reality.

https://en.wikipedia.org/wiki/Linus%27s_law

The reason Linux has such a model of blind trust in system services and applications is because it was based on Unix, which had an even more naïve model, because mostly, it was administrators and authorized users installing that stuff, there was more top-down monitoring and control, and just a smaller incidence of naked malice.

It's the same thing we see in earlier versions of Windows, or macOS, or the Internet. Look at the Internet in the mid-90s. Was it secure, with all the open source running on it? Hell naw. Every OS and protocol is vulnerable and attacked, and every OS and protocol revises security models based on modern-day threats. F/OSS saves nobody and mitigates virtually nothing.

To answer the GP, sandboxing has to be bolted-in to Linux after the fact. Linux's POSIX model is so old and needs to be so compatible. The only sandboxing in SVR3 Unix was chroot(2), you know? The Docker support and cgroups and virtualization are all new layers, and need careful integration. Nobody says that F/OSS doesn't need sandboxing. Nobody says that F/OSS is so secure that it can deviate from better-secured models. Quite the opposite.

Android and iOS are clean starts, mostly; they didn't need to be backwards compatible, so they're tuned to the latest threat models of adversarial computing as you describe. But every single app you install on Linux could be malware, too. I have no idea what "trusted security" or "untrusted security" are, but they aren't real terms of art in Cybersecurity, and they do nothing to describe the provenance or evolution of Linux security (which often has a lot of unused mitigations such as AppArmor or SELinux that get turned off right quick).

replies(1): >>44070565 #
19. danieldk ◴[] No.44070248{4}[source]
That assumes that there are never zero days or other unpatched vulnerabilities. You should not trust applications because you have access to the source. Nobody is actively auditing the vast majority of open source code, well, except malicious actors who probably have a handful of remotes in a lot of RSS readers, chat apps, microblogging clients, etc., which they can use to compromise activists and journalists naive enough to trust desktop Linux.

A lot of Android vulnerabilities are bugs in open source parsers of untrusted data (open source as in AOSP or more widely used open source libraries). But the impact is smaller because Android has proper security boundaries. If desktop Linux were as popular as Android, we would have a security disaster of epic proportions.

replies(1): >>44070543 #
20. silon42 ◴[] No.44070325{4}[source]
IMO flatpak should assume untrusted too, unless it's a distro specific repository of strictly reviewed/controlled code (like Fedora Flatpak repo, etc).
21. bastardoperator ◴[] No.44070474{5}[source]
Several:

https://docs.freebsd.org/en/books/handbook/desktop/

22. spauldo ◴[] No.44070508{5}[source]
Yep, and there are (were? It's been a while since I checked) even "distros" of FreeBSD that are specialized for desktop use. The main downside of FreeBSD is that it doesn't dumb itself down to appeal to the masses, so while it's great for experienced users it's a bit painful for newbies.
replies(1): >>44070556 #
23. realusername ◴[] No.44070543{5}[source]
But in the meantime, I still trust a Linux distribution more than my phone when it comes to my private data.

My Linux distribution doesn't have a built-in advertising id, unknown manufacturer modifications I can't even look at or shady processes which have more power than I do.

I think it's time for the tech community to move beyond just the tech side and understand that security is also a social contract.

replies(2): >>44070620 #>>44088203 #
24. frollogaston ◴[] No.44070556{6}[source]
Last time I used FreeBSD, I found it more inherently user-friendly than Linux distros, mainly because it has a very nice handbook (linked in a sibling comment) with realistic examples. Also seems to have more things built in.

What made FreeBSD harder in the end was just that fewer people use it, so tons of third-party software supports Linux better, and it's easier to find online answers.

replies(1): >>44079448 #
25. realusername ◴[] No.44070565{5}[source]
This is kind of a sophism, of course it's not perfect (nothing is) but I'll still trust this model over Android or iOS which have a built-in advertising id, manufacturer modifications I can't even look at and shady processes which have more power than I do.

Security is also a social contract.

replies(1): >>44073290 #
26. pjerem ◴[] No.44070595{5}[source]
In my experience, most of the apps, even the desktop ones, are still packaged by the distribution.

Flatpak is useful for the few ones that aren't or for actively developed apps that get new useful features frequently.

27. 0dayz ◴[] No.44070620{6}[source]
This is just a pivot though, if you don't have good security then your privacy is worth nothing.

Irony being that Mac OS X is the best at privacy out of the commercial OS out there.

replies(1): >>44070677 #
28. realusername ◴[] No.44070677{7}[source]
In today's world, attacks on your data are much more common than targeted exploits on the kernel so I would put it in opposite order. If there's no privacy then there's no security.

> Irony being that Mac OS X is the best at privacy out of the commercial OS out there.

The bar is very low and OSX is still way below a Linux distribution.

29. LtWorf ◴[] No.44070775{3}[source]
I don't know anyone who uses it.
30. LtWorf ◴[] No.44070783{3}[source]
See, that's why calling it "linux" instead of "gnu/linux" confuses people and generates confused comments such as yours :)
31. padraic7a ◴[] No.44070818{3}[source]
I don't think so.

I'm on Ubuntu and mostly use debs (apt), I'll use Snaps if that's the easiest way to get an update. I use Appimages for some ephemeral stuff or when that's the only way developers release it (some 3d printing stuff). I haven't installed Flatpaks at all because it doesn't jibe with the distro overall.

32. flomo ◴[] No.44071192{5}[source]
The *BSDs have all the same issues that Flatpak is trying to solve. (ports ain't it.)
replies(1): >>44072840 #
33. poulpy123 ◴[] No.44071245[source]
If they were working fine there would be no need for flatpak.
replies(2): >>44071497 #>>44074269 #
34. einsteinx2 ◴[] No.44071497{3}[source]
Arguably they are working fine, and there is no need for flatpak. That’s been my personal experience anyway.
35. bluGill ◴[] No.44072108{5}[source]
FreeBSD can run one of several desktops. It doesn't have a desktop though; they are all independent third-party desktops. It is a subtle distinction that only rarely matters.
replies(1): >>44074242 #
36. eggsome ◴[] No.44072249{3}[source]
> I doubt Linus ever talks to the GTK people in any meaningful way

Interestingly he has had arguments with them over the years, most fervently related to the development of https://subsurface-divelog.org/

replies(1): >>44073401 #
37. lproven ◴[] No.44072376{3}[source]
Ubuntu? I suspect not. Why would you when Snap is right there and is just as easy?

Debian: probably, yes.

Ubuntu derivatives such as Mint, Zorin OS, and ArduinOS use Flatpak instead.

Others, such as Asmi and Linux Lite, remove snap and offer the user the option of adding it back if they wish.

replies(1): >>44075846 #
38. fc417fc802 ◴[] No.44072409{3}[source]
Sure, but not as my first choice.
39. bluGill ◴[] No.44072840{6}[source]
Flatpak also ain't it either. Sure, Flatpak solves a few issues, but it introduces others and so the problem isn't solved. Maybe it will be eventually (though the lack of maintenance implies it won't be), but today it isn't solved.

I found ports works very well myself - everything kept up to date with upstream, and they take care to rebuild everything all the time so you rarely run into library ABI issues.

40. skydhash ◴[] No.44073290{6}[source]
Yep, most house door locks won't survive a well-placed kick, but in a safer community, that's all people have. But in less trusting neighborhoods, everyone uses steel bars on windows and has an additional steel door for every wooden one.

So you still can have bad actors in the package manager model, but something like Adobe, which treats user agency with contempt, is less likely to happen.

So I trust my distro and its maintainers more than I trust Apple. And Apple already has most of my data via iOS.

41. andrewmcwatters ◴[] No.44073401{4}[source]
Hah! I stand corrected. Thank you for that. I always forget about his diving software.
42. frollogaston ◴[] No.44074242{6}[source]
Ok, I remembered it having a DE preinstalled for some reason, but now that you mention it, I remember installing it myself.
43. bee_rider ◴[] No.44074269{3}[source]
The article is about the fact that work on Flatpak has really slowed down. So it is reasonable to wonder if maybe nobody found it useful enough to work on it.
44. bee_rider ◴[] No.44074327{5}[source]
I mostly use Linux on my laptop. I thought you server folks needed this kind of functionality—you guys have to, like, serve stuff, be visible on the network, install weird software for business needs, right? As an individual, I can crank up the firewall, trust all of the people who use my laptop (it is just me) and not install sketchy software.
replies(1): >>44075810 #
45. bee_rider ◴[] No.44074849{3}[source]
Maybe if somebody made a paid version of Linux for desktops, they could pay for people to do the job of designing a sandbox and store.

It sounds like not many volunteers find it very fun (which isn’t surprising, it sounds incredibly tedious, high-stakes, and annoying to work on). This isn’t the sort of thing people do for free and it also isn’t obvious what the business model is supposed to be… the incentives aren’t here.

46. frollogaston ◴[] No.44075810{6}[source]
I'm not a server pro, I just use some dev servers at work and have home servers. Most I did was administer the dev servers for small startups where I was mainly a SWE. So what I mean is, I've mostly only used Linux remote+headless and not on my laptop/desktop.
47. frollogaston ◴[] No.44075846{4}[source]
Ah, I thought Ubuntu only had the Debian package manager, but that's not the case anymore.
replies(1): >>44080850 #
48. spauldo ◴[] No.44079448{7}[source]
Documentation-wise it's miles ahead of Linux, mostly because it's developed as a single project rather than a bunch of pieces. Whenever I need to look up anything POSIX in a man page, I always read through FreeBSD's man page first.
49. lproven ◴[] No.44080850{5}[source]
Good heavens no. This has not been the case for a decade or more!

The first version with snap as standard was 16.04 in 2016:

https://ubuntu.com/blog/canonical-unveils-6th-lts-release-of...

However, Ubuntu Core, its immutable distro built entirely from snap packages, was launched in 2014 and there was a Core version of Ubuntu 12:

https://old-releases.ubuntu.com/releases/ubuntu-core/release...

There are about half a dozen cross-distro packaging schemes for Linux, including Nix, Guix, AppImage, Flatpak, Snap, and 0install.

However, two are mainstream and supported by large vendors: Flatpak is from the GNOME organisation and is backed by Red Hat and Fedora, and Snap is a Canonical project and part of Ubuntu, the single most widely-used distribution by a considerable margin.

50. danieldk ◴[] No.44088203{6}[source]
Install GrapheneOS on your phone, problem solved? You get all the security sandboxing and layering of Android (plus the Titan M2 secure element). And you can decide which app stores you want to use and if you find sandboxed Google Play Services acceptable.