Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too

Quoting: RedjeAnd I don’t really get the hype for flatpak.

That's easy: Regular Linux packaging is an unpredictable, outdated and in many cases broken mess. Flatpak is not ideal, but fixes most of the biggest packaging problems and actually makes desktop Linux usable even for regular, non-technical users. Especially when combined with "immutable" distributions such as Bazzite.

Last edited by AsciiWolf on 9 Jan 2026 at 7:52 pm UTC

forget flatpaks, i cant wait to see things like our 3D desktops and beloved cube in an 3D enviroment!

I just like Linux and have been using it for 27 years.

Everyone use it the way they want to use it, that’s been the entire point of the project.

Last edited by Woodlandor on 10 Jan 2026 at 1:37 am UTC

I appreciate the linked article from UploadVR. Powerful ideas here, and they're amplifying my recent surge of interest in the Steam Frame. I'm believing that there's some really cool potential for "Personal Computing in VR".

"What I had trouble conveying is why openness and offline computing matter. I want an appliance that's both hard to break and easy to use, and I want a playground for everyone at least as big as the one I had to explore in 1995."

It's challenging to convey these ideas in words, though we try. I want to imagine that people will get a Steam Frame and feel it when they wouldn't have otherwise, because they already had a phone and computer and such that never gave them that experience.
I want to see those ideas the article covers, of blurred lines between "users" and "developers", of people creating lateral value, be proven in the real world.

Especially while Meta's VR program is, apparently, pulling back from expensive "creator competitions" that attempted to solve the same problem with the same "firehose of cash" approach that's worked so well for the likes of Amazon and Epic (with all of their freebies, etc.).

They're retreating, and Valve might show them up here in a way they can't pass off as "Steam is too big to compete with, we tried everything except launching our digital retailer with basic features like a shopping cart. Completely unfair."
No, Horizon-whatever has been established, the hardware was subsidized, they put their entire corporate identity into the "metaverse"...

...and Valve might still show them up. They might fail, but that can be said of any venture, and I think they have a shot at it.

Quoting: LoudTechie

Quoting: Eike

Quoting: LoudTechieIt creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.

It does. It's Debian.

Quoting: LoudTechieEdit: On the different versions support: yeah probably, Debian, Red Hat and Canonical do that too. Backwards compatibility and usability sometimes require work. This time though each of these versions need only to be maintained once for all distros.

Except for some special cases with two major versions (which both are security fixed) - nope, this doesn't happen. Version 2.17 and version 2.18 of whatever uses the same places for the files, so they cannot coexist.

As a Debian user myself I just happen to directly be in a position to point you to a package that they don't maintain in their repo and I myself use happily with an already existing deb version and is fully dpkg compliant AppimageLauncher.

You've silently changed topic here. We were talking about every package being maintained security-wise, not every program in the world being packaged. See what we've referenced:

Quoting: LoudTechie

Quoting: Eike

Quoting: Liam DaweI firmly disagree. That is chaos. Every distribution has a different set of packages and versions, with security problems having to go through each distro for each package.

How does this create a problem for me? My distribution cares for it.

And doesn't Flatpak support different versions of the same package as the same time? So, you can have one without the security flaw - and at the same time one with the security flaw?

It creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.

So, yes, quite obviously, no distribution can package everything you might want. But this no argument against deb, rpm or whatever. The question at hand was if using deb is creating security issues due to missing manpower.

Quoting: LoudTechieAlso on versions. For every library I encounter in my development work apt offers like 8 different versions. For example gtk library: 2.0, 3 and 4 and the mosquitto library in several different implementations.

First, and I already mentioned this, this is not a problem if several different major library versions are packaged as long as they are all security maintained.

Second, I can name you 20 libraries that do not have different versions in Debian that you can install next to each other for any that you give me that does. Try me.

Quoting: LoudTechieDebian also this year published a desperate request for help, because of a lasting 100% manpower shortage for the debian data protection team.

This has nothing to do with security, it is about looking for GDPR issues.

There have been these leaks from a random site that all of the YouTubers are referencing regarding the leaked Steam Machine price. Some are saying $950 for the 512 GB model and up to $1100 for the 2 TB model. Of course these are not official, but we are in a RAM crisis.

What I never liked about Valve was their distribution method of only selling the hardware on Steam. No Amazon, no Best Buy, and no Walmart. It would be awesome if I could see a Steam Machine (Steam Deck too!) kiosk at Target so people know it exits. Heck, maybe the boxes for the Steam Machine could advertise that you can play thousands and thousands of games and the latest titles that come out next to Xbox and Playstation.

But they won't. They will instead tailor to the Gen-X/Millennial Steam user with a huge library and disposable income instead of bringing in new blood. This forces a user to randomly create a Steam account and THEN buy a Steam Machine vs buying a Steam Machine on Amazon or Best Buy and then they get the Steam account.

Quoting: Eike

Quoting: LoudTechie

Quoting: Eike

Quoting: LoudTechieIt creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.

It does. It's Debian.

Quoting: LoudTechieEdit: On the different versions support: yeah probably, Debian, Red Hat and Canonical do that too. Backwards compatibility and usability sometimes require work. This time though each of these versions need only to be maintained once for all distros.

Except for some special cases with two major versions (which both are security fixed) - nope, this doesn't happen. Version 2.17 and version 2.18 of whatever uses the same places for the files, so they cannot coexist.

As a Debian user myself I just happen to directly be in a position to point you to a package that they don't maintain in their repo and I myself use happily with an already existing deb version and is fully dpkg compliant AppimageLauncher.

You've silently changed topic here. We were talking about every package being maintained security-wise, not every program in the world being packaged. See what we've referenced:

Quoting: LoudTechie

Quoting: Eike

Quoting: Liam DaweI firmly disagree. That is chaos. Every distribution has a different set of packages and versions, with security problems having to go through each distro for each package.

How does this create a problem for me? My distribution cares for it.

And doesn't Flatpak support different versions of the same package as the same time? So, you can have one without the security flaw - and at the same time one with the security flaw?

It creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.

So, yes, quite obviously, no distribution can package everything you might want. But this no argument against deb, rpm or whatever. The question at hand was if using deb is creating security issues due to missing manpower.

Quoting: LoudTechieAlso on versions. For every library I encounter in my development work apt offers like 8 different versions. For example gtk library: 2.0, 3 and 4 and the mosquitto library in several different implementations.

First, and I already mentioned this, this is not a problem if several different major library versions are packaged as long as they are all security maintained.

Second, I can name you 20 libraries that do not have different versions in Debian that you can install next to each other for any that you give me that does. Try me.

Quoting: LoudTechieDebian also this year published a desperate request for help, because of a lasting 100% manpower shortage for the debian data protection team.

This has nothing to do with security, it is about looking for GDPR issues.

First my excuses. It was not my goal to change the topic. A. We have a definition difference. Maintenance is in my eyes less to not even about security. Maintenance is in my eyes the first place keeping something functional and compatible within your distro, B. In my logic every program can be critical for someone's workflow, since I and distros don't have the data to reliably determine that it's not. This is the explanation for my topic change. Not a counterpoint.

Further on your second point. I'm not actually arguing that distro specific packages should disappear.
As I said before somewhere in this thread, they should as they were designed to apply to everything that requires root, such as drivers and other virus scanners. Things that don't, like games, applications and production software need a different system, than "distro approved". This isn't only, because it's less work, but also because "centrally approved" is a model ripe for abuse when Linux compatibility starts to matter to the market. Flatpak couldn't if it wanted, since as a containerized package format it can't run in ring0 and can thus not update things like the kernel itself.

On your third point. Truly, I thought that when you said that maintaining two package versions one with and without security flaw it was a counterpoint to the part you quoted, which stated that making a package distro independent was less work. This seems to be the same miscommunication as the past one. I was talking about how reduced developer effort had the potential of flowing over in better support. You were talking about how you disliked Flathub's policies.
In that sense the best argument in that direction is a rant of the developer of the default login of screen of if I remember correctly Gnome about how Debian's slowness in updating was keeping DOS(denial of service) patches at bay. Yet, I'm more inclined to agree with you than disagree in this sense. I use debian and avoid flathub(fedora's flatpak repo receives some leeway), because I agree with many of debians repo policies. I personally, also very much disagree with flathub's easy going attitude towards proprietary software.
I simply think the tech and movement show promise.

(Also on the argument I mentioned that dude was totally making a mountain about a mole hole. He was considering a technically advanced attacker who couldn't do a DMA attack, but still had physical access.)

On your final point. If you violate the law and don't handle it in time the government will take away your availability. The gdpr specifically is about ensuring confidentiality for the most personal data someone has. Availability and confidentiality are totally security. They're two thirds of the CIA triad.

Edit: Also my original point about manpower still stands, because there was nobody the project leader had to spring in. This takes away their time from other functions. One of the primary functions of any open source project leader is handling high profile responsible disclosure cases and negotiating about vendor support(vendor support is a functionality thing I admit, so you can from your definition of maintenance skip that one.

On the security comparison in this thread I actually mentioned another point. Against falthub's security policies..
Flathub fully relies on the security benefits of the containerization of flatpack to correct for all kinds of policy shortcomings.
Distro maintainers on the other hand rely on policy to avoid containerization.
For very needy programs like kernels, virus scanners and drivers containerization offers little benefit, since "the principle of least privilege" still means essentially full system access. As such containerization can't really do anything to help, while policy does help.
Yet for more limited programs like applications and games "the principle of least privilege" offers more protection. Flathub uses this to provide convenience instead of security, so if your favorite distro's, distro specific repos in their package manager and potentially a well curated flatpack repo with strict policies, such as the fedora repo. If you seek convenience flathub offers quite good value. It still by the offers bad value in the needy program category(see the local Steam complaints), but that's already well filled with distro specific packages.
In both cases Flatpak can offer value, but it needs to be used very differently.

Last edited by LoudTechie on 10 Jan 2026 at 4:24 pm UTC

Packaging for Linux is important to be easy and efficient. Flatpak and Snap are both great for creating a universal package distribution.

Quoting: dziadulewiczPackaging for Linux is important to be easy and efficient. Flatpak and Snap are both great for creating a universal package distribution.

For Flatpak I agree, that's one of its use cases.
Snap takes the federalization of standard package managers away, meaning that it's only compatible with a single centrally managed repo, this makes it way too sensitive to squables, rifts and manpower problems.

Quoting: Eike

Quoting: Tethys84Except nobody will be able to afford the Steam Machine. I would be surprised if Valve didn't indefinitely delay or even eventually cancel it because of the skyrocketing prices on RAM alone.

It depends. If they made a fixed price contract early enough, they might be able to offer their boxes cheap.

Yeah. After all, this is not a cost of production problem, it is a "what the traffic will bear" supply and demand problem. So if some manufacturer has a contract to deliver hardware for $X, they will still make money doing that, just not as much money as they think they can bilk us for.

Quoting: AsciiWolf

Quoting: RedjeAnd I don’t really get the hype for flatpak.

and actually makes desktop Linux usable even for regular, non-technical users.

Flatpak has uses, some of the stuff you said is true, but this is ridiculous. I am a regular, non-technical user. I use Mint, it's the most user-friendly distro around. It is possible to install Flatpaks in Mint, and I have installed a couple, but not enough to make a noticeable difference to how usable my desktop is. Flatpaks are some icing on one or two slices of the cake for "regular, non-technical users".

Being non-technical does not mean I can't recognize a statement that completely contradicts the reality of my experience when I see one.