Do you execute shell scripts that are curled from the internet?
Why not? The reason is probably the same why other people argue that they don't want to install desktop apps anymore.
They don't trust those apps, because the security model they have in place doesn't live up to their expectations. Most users don't use opensnitch, selinux or firejail because those tools - honestly - suck for normal users.
We need to make app sandboxing easier, GUI driven and as simple as the android settings app (when it comes to the approachability).
The dumpster config fatigue that is selinux is just a bad joke and nobody will ever be able to use this tool correctly without having to make thousands of mistakes.
We have to build better profilers that use reasonable sandboxes by default, and allow to generate a config automatically for the end users.
The useless tech that is flatpak/snap/appimage is pretty much not what it promised initially when it nowadays bundles a microkernel, shared libraries and everything the app needs ... but cannot even protect my user's profile folder from the app I'm running.
Why not? The reason is probably the same why other people argue that they don't want to install desktop apps anymore.
They don't trust those apps, because the security model they have in place doesn't live up to their expectations. Most users don't use opensnitch, selinux or firejail because those tools - honestly - suck for normal users.
We need to make app sandboxing easier, GUI driven and as simple as the android settings app (when it comes to the approachability).
The dumpster config fatigue that is selinux is just a bad joke and nobody will ever be able to use this tool correctly without having to make thousands of mistakes.
We have to build better profilers that use reasonable sandboxes by default, and allow to generate a config automatically for the end users.
The useless tech that is flatpak/snap/appimage is pretty much not what it promised initially when it nowadays bundles a microkernel, shared libraries and everything the app needs ... but cannot even protect my user's profile folder from the app I'm running.