So Snap, is not so safe, I would guess this very same thing could happen to flatpak too.

Chat about just about anything else
Forum rules
Do not post support questions here. Before you post read the forum rules. Topics in this forum are automatically closed 30 days after creation.
Locked
Knightstmplr1
Level 3
Level 3
Posts: 100
Joined: Mon May 15, 2023 11:30 am

So Snap, is not so safe, I would guess this very same thing could happen to flatpak too.

Post by Knightstmplr1 »

I have always despised using either Snap or flatpak and have always refused to ever give in and use them.

I have always found .deb packaging to do the job quite well in Linux distro's.

This article below shows just how scammers have been able to scam users out of their bitcoins etc, simply by incorporating their scam into a Snap package.

I'm feeling this could also be the case with flatpak as well, this article below made for interesting reading for me this morning, enjoy.

https://www.theregister.com/2024/03/28/ ... ore_scams/

"Part of the problem is that these apps look legitimate to casual inspection because the Snap Store badges them as "safe." Unfortunately, that just means the apps are strictly confined in a sandbox, but for the scammers' purposes, that doesn't matter. The apps look like the real thing and use simple social engineering to extract users' credentials, which they then use to siphon off the victim's funds. But the apps can't touch your system, so by Snap confinement rules, they're "safe."

If this can be done so easily and escape notice, then these container based packages are not very "safe" at all by anyones standards.
Last edited by LockBot on Sun Apr 28, 2024 9:50 pm, edited 1 time in total.
Reason: Topic automatically closed 30 days after creation. New replies are no longer allowed.
User avatar
BenTrabetere
Level 7
Level 7
Posts: 1899
Joined: Sat Jul 19, 2014 12:04 am
Location: Hattiesburg, MS USA

Re: So Snap, is not so safe, I would guess this very same thing could happen to flatpak too.

Post by BenTrabetere »

Knightstmplr1 wrote: Fri Mar 29, 2024 10:25 amIf this can be done so easily and escape notice, then these container based packages are not very "safe" at all by anyones standards.
I consider them to be safe. I have Fedora and Ubuntu (and also Manjaro) on another machine, and I rotate using them weekly - I am not particularly fond of flatpak, but they have never given me any problem on Fedora. Same with Snaps and Ubuntu. I have used AppImages for almost as long as I have been using Linux, and I have a double-handful of them on my main driver that get regular use. Again, no problems.

I am fully aware there is a potential for malware in container-based packages, but the same potential also exists with traditional packages. As I understand it, the limiting factor is the security model for Linux - not perfect, but still very good.

I think it is a Good Thing™ Canonical and Flathub are taking steps to review their listings.
Patreon sponsor since August 2022
Image
rickNS
Level 10
Level 10
Posts: 3014
Joined: Tue Jan 25, 2011 11:59 pm

Re: So Snap, is not so safe, I would guess this very same thing could happen to flatpak too.

Post by rickNS »

Container packages are probably quite safe, for the most part anyway, first we have heard of them being tampered with?
However, investing in soap bubbles, or crypto-maginary currencies not so much. I have zero sympathy for people who put money into something you can not touch. I boggles my just how many people do. Some pretty smart people lost a lot of money too.
https://www.entrepreneur.com/business-n ... ore/443653
Mint 20.0, and 21.0 MATE on Thinkpads, 3 X T420, T450, T470, and X200
Locked

Return to “Open Chat”