target OS is debian or linux mint

  • Spectacle8011@lemmy.comfysnug.space
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    This is kind of a bad comparison. Theoretically, malicious authors could sign their Flatpak packages and Flatpak could verify it with cryptography. It doesn’t matter if you’re downloading a “crypto-wallet” that’s really just a phishing exercise.

    • delirious_owl
      link
      fedilink
      arrow-up
      2
      ·
      6 months ago

      That’s why they put their public key fingerprint on many distinct domains, and users can import them and pin them. Flatpak doesn’t support this. Apt does.