I’ll stick to Session anyways.
Nice move. AppImage makes distribution much simpler, especially for people who don’t want to depend on a specific package manager.
IMO flatpaks are a better option, appimages are just bringing people back to the insecure “find it on a website and download it” method of package management
This is also one of the reasons why I dislike curl sh
Flatpaks can be unsafe too though.
Can’t wait for them to adopt the community-maintained Flathub version.
Did they publish source?
Is that preferred over other types of distributions of the application?
The flatpak has always been unofficial so many people distrust it for that reason
The
signal-desktoppackage on Arch Linux isn’t official either, I’m guessing — should that not be trusted either?If you don’t trust your distro packages, you should not use that distro. In my mind Arch Linux maintainers are way more trustworthy than a random guy maintaining the Flathub version.
If you don’t trust your distro packages, you should not use that distro.
Kind of my point. How high should my trust fence be before I can’t install anything at all. 😅
Didn’t Arch just have a major security issue due to their packages essentially being random guys too? (And I think the same thing could theoretically happen to most distributions?)
No. Their “here’s also this unofficial repository of builds completely maintained by random community users… USE AT YOUR OWN RISK - You have been warned!” ArchUserRepository got the least used (often long abandoned) packages hijacked by some bad actors.
But “Less than 1% of the least used packages in the unofficial repository you were explicitly warned about got hijacked by people trying to infect oyur PC” would not have been an interesting headline gathering attention.
No, that was AUR. Those were user-generated packages with nearly no vetting.
To add to that, the wiki also makes it pretty clear users should be careful. It’s nice to have for packages that aren’t in the main repos, so it makes sense to have it somewhat part of the distro, but it does take manual effort to install aur packages, so in my mind, that’s the best way to do it.
Big red label at the top: https://wiki.archlinux.org/title/Arch_User_Repository
Windows users are out there downloading random exe files…
Does it still require a phone number, thus eliminating all possibility of privacy?
yeah I have concerns about using signal as well. but that’s unfortunately grounds for a witch hunt in these parts.
people who use signal are obsessed with defending it at all costs. they’re a scary bunch. the users honestly turned me off to using the app as much as the app itself did.
There’s a difference between privacy and anonymity. You can have privacy without anonymity. So, it’s about what you want out of the app. If you’re looking for anonymity then it’s not the app for you, and there are other apps that can do that better.
You still require a phone number to register. You can then create a username and hide your phone number. That’s what Signal offers at this time.







