Distributing through Flathub is insecure?

FeatherWallet creator shared his findings:

While I appreciate their concerns about signing and auditing limitations and runtime bloat, it strikes me as plainly biased that they characterize Debian as being good because its popularity increases scrutiny, while Flatpak is bad because its popularity makes it an enticing target.


To play devil’s advocate, the big difference there is Debian having a single source of truth vs. Flatpak having everyone who is willing as a source.

Maybe that’s why Bitwarden doesn’t have a Flatpak.

So now I'm gonna change all my Flatpaks to AppImages :scream::sob:

Gonna use this to keep them updated

As per the DistroTube video

Good old privacy, never ending journey.

AppImages are worse than Flatpaks from this topic’s standpoint. There’s no signed package verification whatsoever.

The problem is with Flathub, not Flatpaks; they are good.

Well, there’s one, but it is unofficial.

Well, the Flatpak just downloads the official deb and ships that. The PoC for a Flatpak is there; Bitwarden have just not taken ownership of the Flathub app yet.