input-leap will but it's still in development
wreckage
joined 2 years ago
I'm all for defensive driving, but if an animal (or someone) jumps at the front of your car at the last moment, how can you avoid it?
I agree. That's what I learn when I was in school. We also had to identify objective and subjective texts
You're correct, but just like you said, many applications need that.
If I install LibreOffice on Windows or Android, it'll also have access to all my files. I really don't see how that makes Linux more insecure.
Sure, ideally it would use portals, I just don't like the attitude of the blog post.
Addressing concerns or areas for improvement, and suggesting users solutions like installing Flatseal, would be far more constructive. Even better would be submitting pull requests to enhance security themselves, since they seem to know so much about it. Instead, they're just spreading FUD and complaining about small problems or nonsensical arguments like Windows adopting rust. Since when Rust is more used on Windows than Linux?
For instance, the blog post mentions Xorg's security concerns but overlooks mentioning Xorg's alternative Wayland, the default in most distributions when using KDE Plasma or Gnome, which are also the most used.
If security is so important, there are distros like Qubes OS, but most users don't need that level of paranoia, specially if it ruins workflow, performance and productivity
As far as I know, the only possible way to escape the sandbox is to use flatpak-spawn --host and add --talk-name=org.freedesktop.Flatpak but I only ever seen that on apps like vscode.
Imo, the point of flatpak's sandbox is to give an extra layer of protection in case of security vulnerabilities. Permissions exist so apps can still work as they're supposed to. It's not a virtual machine isolated from the rest of the system where you can or should install malware.
Besides, the manifest is public and needs to be approved to be on the default repository.
Even if a flatpak app has full access to host, they can't read the private data of other flatpak apps (~/.var).
First thing I read and it's not even true.
Flatpak's permissions are also far too broad to be meaningful. For example, many applications come with the filesystem=home or filesystem=host permissions, which grant read-write access to the user's home directory
You can absolutely have more narrow permissions
For example, by default, Firefox only has read/write access to xdg-download and mpv only has read access to host and write access to xdg-pictures (to save screenshots). Discord by default only has read access to xdg-videos and xdg-pictures and write access to xdg-download.
I'm not even going to waste time reading the rest...
I don't even check protondb anymore. If it's a single player game with no anticheats involved, I know it'll work.
The only reason I still have a windows Partition, is due to the lack of HDR support on Linux.
I recommend a RSS reader like Inoreader, FreshRSS, Tiny Tiny RSS
He looks like a very wise cat
Just because it's more modern doesn't mean it's a 1:1 replacement.
Wired is cheaper, and it has better quality, but it can also be annoying if you're doing sports.
It's the same for HD and SSD. I still prefer HD to store multimedia and backups, despite being slower and older than SSD.
There is no reason for them not to coexist.
That used to be true a few years ago, but now games just works without any tinkering from my experience. Except some online games due to kernel level anti cheats (like Fortnite and Valorant), but I prefer single player games anyway