The Future of Flatpak

Nice breakdown. I'm new to Linux and didn't know about this:

> Flatpak still uses PulseAudio even if a host system uses PipeWire. The problem with that is that PulseAudio bundles together access to speakers and microphones—you can have access to both, or neither, but not just one. So if an application has access to play sound, it also has access to capture audio

That's a pretty decent sized hole.

I sometimes see Linux users sneering at Windows and Mac design mistakes or lack of “freedom”… but then there’s stuff like this.

Of course, Linux is then conveniently redefined in a way that nobody can be responsible, with finger pointing on every issue, rather than admit design flaws like this plague Linux as a whole.

I get that you already preempted this, but: Flatpack is a weird extra layer on top of Linux. Most distros have package managers that work just fine. These package managers predate Flatpack and basically are the main thing that the distro provides (other than the community, of course).

But those are even worse from this point of view, I have no control over which apps can access my camera, or microphone.

I'm personally disappointed that sandboxing isn't easier in Linux. I hoped it would move past Windows and Mac, imagine a world where the majority of libraries are sandboxed too, we only let compression and decompression libraries read one stream and write to another, this would improve security. This has been done by both Google (in Android) and Apple (in iOS and Mac OS X), but hasn't seen general acceptance in Linux (as far as I can tell).

Because on Linux, everything is based around trusted security since you have access to the sources whereas on iOS and Android, every single app you install could be a malware so those systems are based on untrusted security.

That assumes that there are never zero days or other unpatched vulnerabilities. You should not trust applications because you have access to the source. Nobody is actively auditing the vast majority of open source code, well except of malicious actors who probably have a handful of remotes in a lot of RSS readers, chat apps, microblogging clients, etc., which they can use to compromise activists and journalist naive enough to trust desktop Linux.

A lot of Android vulnerabilities are bugs in open source parsers of untrusted data (open source as in AOSP or more widely used open source libraries). But the impact is smaller because Android has proper security boundaries. If desktop Linux was as popular as Android -- we would have a security disaster of epic proportions.

But in the mean time, I still trust a Linux distribution more than my phone when it comes to my private data.

My Linux distribution doesn't have a built-in advertising id, unknown manufacturer modifications I can't even look at or shady processes which have more power than I do.

I think it's time for the tech community to move beyond just the tech side and understand that security is also a social contract.