How is it possible, that Signal still only provides a .deb package and no .rpm, or even better AppImage or Flatpak? There is an unofficial Flatpak but is it secure?

    • t3rmit3@beehaw.org
      link
      fedilink
      arrow-up
      6
      ·
      edit-2
      6 months ago

      Just because something is built out of love does not make it safe, and attestation is about safety. You wouldn’t trust an un-attested surgical device, just because there’s a really positive community around its design.

      Signal is a life-or-death app for some people.

      • Successful_Try543@feddit.de
        link
        fedilink
        arrow-up
        1
        ·
        6 months ago

        The ‘appstore’ of some distributions, e.g. Linux Mint, displays a warning or hint for unofficial flatpaks. In Mint the display of unofficial flatpaks are toggled off by default and there is a warning or recommendation displayed against toggling on.