Support us on Patreon
PayPalLatest Comments by LoudTechie
Canonical call for testing their Steam gaming Snap for Arm Linux
10 Jan 2026 at 7:32 pm UTC
10 Jan 2026 at 7:32 pm UTC
Quoting: Purple Library GuySnap is for if you really, really want vendor support and/or if you're using Ubuntu.Quoting: LinuxerSteam snap works greatt including all the goodies inside fo gamer by default too but the flatpak of Steam is still a mess cos of access restrictions etc and cant be recommended just sayinMy distro packages Steam, so it's kind of a non-issue. IMO Flatpak is for things the distro isn't already packaging and for commercial things the distro can't package. And Snap is, um, for if you're using Ubuntu I guess.
Linaro reveal they're collaborating with Valve for the Steam Frame
10 Jan 2026 at 5:45 pm UTC Likes: 3
Documenting your experience in a forum post or something can really help others.
10 Jan 2026 at 5:45 pm UTC Likes: 3
Quoting: tfkI've ordered the FLX1s bundle. Let's see if this phone will set me free of Google's claws.Can we see too, when you do?
Documenting your experience in a forum post or something can really help others.
Canonical call for testing their Steam gaming Snap for Arm Linux
10 Jan 2026 at 4:38 pm UTC Likes: 6
10 Jan 2026 at 4:38 pm UTC Likes: 6
I think this is great news.
Canonical might unnecessarily cling to snap, but at least they're doing research in a known and reported problem.
Steam's compatibility with containerized package formats and repo policies.
Canonical might unnecessarily cling to snap, but at least they're doing research in a known and reported problem.
Steam's compatibility with containerized package formats and repo policies.
Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too
10 Jan 2026 at 4:30 pm UTC Likes: 3
Snap takes the federalization of standard package managers away, meaning that it's only compatible with a single centrally managed repo, this makes it way too sensitive to squables, rifts and manpower problems.
10 Jan 2026 at 4:30 pm UTC Likes: 3
Quoting: dziadulewiczPackaging for Linux is important to be easy and efficient. Flatpak and Snap are both great for creating a universal package distribution.For Flatpak I agree, that's one of its use cases.
Snap takes the federalization of standard package managers away, meaning that it's only compatible with a single centrally managed repo, this makes it way too sensitive to squables, rifts and manpower problems.
Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too
10 Jan 2026 at 3:19 pm UTC
Further on your second point. I'm not actually arguing that distro specific packages should disappear.
As I said before somewhere in this thread, they should as they were designed to apply to everything that requires root, such as drivers and other virus scanners. Things that don't, like games, applications and production software need a different system, than "distro approved". This isn't only, because it's less work, but also because "centrally approved" is a model ripe for abuse when Linux compatibility starts to matter to the market. Flatpak couldn't if it wanted, since as a containerized package format it can't run in ring0 and can thus not update things like the kernel itself.
On your third point. Truly, I thought that when you said that maintaining two package versions one with and without security flaw it was a counterpoint to the part you quoted, which stated that making a package distro independent was less work. This seems to be the same miscommunication as the past one. I was talking about how reduced developer effort had the potential of flowing over in better support. You were talking about how you disliked Flathub's policies.
In that sense the best argument in that direction is a rant of the developer of the default login of screen of if I remember correctly Gnome about how Debian's slowness in updating was keeping DOS(denial of service) patches at bay. Yet, I'm more inclined to agree with you than disagree in this sense. I use debian and avoid flathub(fedora's flatpak repo receives some leeway), because I agree with many of debians repo policies. I personally, also very much disagree with flathub's easy going attitude towards proprietary software.
I simply think the tech and movement show promise.
(Also on the argument I mentioned that dude was totally making a mountain about a mole hole. He was considering a technically advanced attacker who couldn't do a DMA attack, but still had physical access.)
On your final point. If you violate the law and don't handle it in time the government will take away your availability. The gdpr specifically is about ensuring confidentiality for the most personal data someone has. Availability and confidentiality are totally security. They're two thirds of the CIA triad.
Edit: Also my original point about manpower still stands, because there was nobody the project leader had to spring in. This takes away their time from other functions. One of the primary functions of any open source project leader is handling high profile responsible disclosure cases and negotiating about vendor support(vendor support is a functionality thing I admit, so you can from your definition of maintenance skip that one.
On the security comparison in this thread I actually mentioned another point. Against falthub's security policies..
Flathub fully relies on the security benefits of the containerization of flatpack to correct for all kinds of policy shortcomings.
Distro maintainers on the other hand rely on policy to avoid containerization.
For very needy programs like kernels, virus scanners and drivers containerization offers little benefit, since "the principle of least privilege" still means essentially full system access. As such containerization can't really do anything to help, while policy does help.
Yet for more limited programs like applications and games "the principle of least privilege" offers more protection. Flathub uses this to provide convenience instead of security, so if your favorite distro's, distro specific repos in their package manager and potentially a well curated flatpack repo with strict policies, such as the fedora repo. If you seek convenience flathub offers quite good value. It still by the offers bad value in the needy program category(see the local Steam complaints), but that's already well filled with distro specific packages.
In both cases Flatpak can offer value, but it needs to be used very differently.
10 Jan 2026 at 3:19 pm UTC
Quoting: EikeFirst my excuses. It was not my goal to change the topic. A. We have a definition difference. Maintenance is in my eyes less to not even about security. Maintenance is in my eyes the first place keeping something functional and compatible within your distro, B. In my logic every program can be critical for someone's workflow, since I and distros don't have the data to reliably determine that it's not. This is the explanation for my topic change. Not a counterpoint.Quoting: LoudTechieYou've silently changed topic here. We were talking about every package being maintained security-wise, not every program in the world being packaged. See what we've referenced:Quoting: EikeAs a Debian user myself I just happen to directly be in a position to point you to a package that they don't maintain in their repo and I myself use happily with an already existing deb version and is fully dpkg compliant AppimageLauncher.Quoting: LoudTechieIt creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.It does. It's Debian.
Quoting: LoudTechieEdit: On the different versions support: yeah probably, Debian, Red Hat and Canonical do that too. Backwards compatibility and usability sometimes require work. This time though each of these versions need only to be maintained once for all distros.Except for some special cases with two major versions (which both are security fixed) - nope, this doesn't happen. Version 2.17 and version 2.18 of whatever uses the same places for the files, so they cannot coexist.
Quoting: LoudTechieSo, yes, quite obviously, no distribution can package everything you might want. But this no argument against deb, rpm or whatever. The question at hand was if using deb is creating security issues due to missing manpower.Quoting: EikeIt creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.Quoting: Liam DaweI firmly disagree. That is chaos. Every distribution has a different set of packages and versions, with security problems having to go through each distro for each package.How does this create a problem for me? My distribution cares for it.
And doesn't Flatpak support different versions of the same package as the same time? So, you can have one without the security flaw - and at the same time one with the security flaw?
Quoting: LoudTechieAlso on versions. For every library I encounter in my development work apt offers like 8 different versions. For example gtk library: 2.0, 3 and 4 and the mosquitto library in several different implementations.First, and I already mentioned this, this is not a problem if several different major library versions are packaged as long as they are all security maintained.
Second, I can name you 20 libraries that do not have different versions in Debian that you can install next to each other for any that you give me that does. Try me.
Quoting: LoudTechieDebian also this year published a desperate request for help, because of a lasting 100% manpower shortage for the debian data protection team.This has nothing to do with security, it is about looking for GDPR issues.
Further on your second point. I'm not actually arguing that distro specific packages should disappear.
As I said before somewhere in this thread, they should as they were designed to apply to everything that requires root, such as drivers and other virus scanners. Things that don't, like games, applications and production software need a different system, than "distro approved". This isn't only, because it's less work, but also because "centrally approved" is a model ripe for abuse when Linux compatibility starts to matter to the market. Flatpak couldn't if it wanted, since as a containerized package format it can't run in ring0 and can thus not update things like the kernel itself.
On your third point. Truly, I thought that when you said that maintaining two package versions one with and without security flaw it was a counterpoint to the part you quoted, which stated that making a package distro independent was less work. This seems to be the same miscommunication as the past one. I was talking about how reduced developer effort had the potential of flowing over in better support. You were talking about how you disliked Flathub's policies.
In that sense the best argument in that direction is a rant of the developer of the default login of screen of if I remember correctly Gnome about how Debian's slowness in updating was keeping DOS(denial of service) patches at bay. Yet, I'm more inclined to agree with you than disagree in this sense. I use debian and avoid flathub(fedora's flatpak repo receives some leeway), because I agree with many of debians repo policies. I personally, also very much disagree with flathub's easy going attitude towards proprietary software.
I simply think the tech and movement show promise.
(Also on the argument I mentioned that dude was totally making a mountain about a mole hole. He was considering a technically advanced attacker who couldn't do a DMA attack, but still had physical access.)
On your final point. If you violate the law and don't handle it in time the government will take away your availability. The gdpr specifically is about ensuring confidentiality for the most personal data someone has. Availability and confidentiality are totally security. They're two thirds of the CIA triad.
Edit: Also my original point about manpower still stands, because there was nobody the project leader had to spring in. This takes away their time from other functions. One of the primary functions of any open source project leader is handling high profile responsible disclosure cases and negotiating about vendor support(vendor support is a functionality thing I admit, so you can from your definition of maintenance skip that one.
On the security comparison in this thread I actually mentioned another point. Against falthub's security policies..
Flathub fully relies on the security benefits of the containerization of flatpack to correct for all kinds of policy shortcomings.
Distro maintainers on the other hand rely on policy to avoid containerization.
For very needy programs like kernels, virus scanners and drivers containerization offers little benefit, since "the principle of least privilege" still means essentially full system access. As such containerization can't really do anything to help, while policy does help.
Yet for more limited programs like applications and games "the principle of least privilege" offers more protection. Flathub uses this to provide convenience instead of security, so if your favorite distro's, distro specific repos in their package manager and potentially a well curated flatpack repo with strict policies, such as the fedora repo. If you seek convenience flathub offers quite good value. It still by the offers bad value in the needy program category(see the local Steam complaints), but that's already well filled with distro specific packages.
In both cases Flatpak can offer value, but it needs to be used very differently.
Linaro reveal they're collaborating with Valve for the Steam Frame
9 Jan 2026 at 8:02 pm UTC Likes: 1
9 Jan 2026 at 8:02 pm UTC Likes: 1
Quoting: fabertaweThe granny problem is probably what Steam pocket people are hoping Valve will fix, since they made such great strides in handling that on the Steam Deck.Quoting: JarmerI would LOVE to switch to a linux phone, but for me a daily driver has to have the following:The phone I already mentioned does all of those things apart from maybe the banking app (depends on the bank). I use PureMaps (Linux) with voice navigation. I have bluetoothed to my car, bluetooth speaker, TV, earbuds and headphones. Also records video.
- banking apps for remote deposit and other stuff
- reliable maps with gps and navigation
- whatsapp & signal & sms
- bluetooth connection to car audio
- all day long battery with medium usage
- decent camera - don't need fanstastic features, just need to be able to quickly open and snap kids moments
so far I don't think there is anything?
Edit: disclaimer: there are teething troubles with the new phone (I have the original) but they will get ironed out very quickly (as with the original, no issues for me), the devs are amazingly productive for a small team and super helpful.
Also, you can't switch your Granny to one of these from Android (that's what they're ultimately aiming for though), you'll need some Linux experience to get the best out of it and really enjoy it.
Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too
9 Jan 2026 at 7:41 pm UTC Likes: 2
Also on versions. For every library I encounter in my development work apt offers like 8 different versions. For example gtk library: 2.0, 3 and 4 and the mosquitto library in several different implementations.
Debian also this year published a desperate request for help, because of a lasting 100% manpower shortage for the debian data protection team.
I've also encountered several times that debian warned me about the fact that this version still had unpatched vulnerabilities.
Edit: I'm willing to believe the flathub maintainers to be more lax than the Debian maintainers and thus leave more unpatched packages in their repo, but flathub isn't flatpack. Fedora has its own repo and a few others do too. This is actually the primary feature that differentiates it from Snap.
9 Jan 2026 at 7:41 pm UTC Likes: 2
Quoting: EikeAs a Debian user myself I just happen to directly be in a position to point you to a package that they don't maintain in their repo and I myself use happily with an already existing deb version and is fully dpkg compliant AppimageLauncher.Quoting: LoudTechieIt creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages.It does. It's Debian.
Quoting: LoudTechieEdit: On the different versions support: yeah probably, Debian, Red Hat and Canonical do that too. Backwards compatibility and usability sometimes require work. This time though each of these versions need only to be maintained once for all distros.Except for some special cases with two major versions (which both are security fixed) - nope, this doesn't happen. Version 2.17 and version 2.18 of whatever uses the same places for the files, so they cannot coexist.
Also on versions. For every library I encounter in my development work apt offers like 8 different versions. For example gtk library: 2.0, 3 and 4 and the mosquitto library in several different implementations.
Debian also this year published a desperate request for help, because of a lasting 100% manpower shortage for the debian data protection team.
I've also encountered several times that debian warned me about the fact that this version still had unpatched vulnerabilities.
Edit: I'm willing to believe the flathub maintainers to be more lax than the Debian maintainers and thus leave more unpatched packages in their repo, but flathub isn't flatpack. Fedora has its own repo and a few others do too. This is actually the primary feature that differentiates it from Snap.
Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too
9 Jan 2026 at 7:28 pm UTC Likes: 1
A. Distro independence. By having every package keep to itself differences between distros don't hurt the packages.
B. Unsigned proprietary packages. FOSS packages are easy to verify, because you can inspect them for unwanted behavior. Especially, since uncovering the tools used is one of the primary ways to identify malware developers. It's, why many repositories can include packages from people they wouldn't normally trust or even totally anonymous sources. For proprietary packages you don't have this luxury unless your name is Apple. As such the trust placed in proprietary packages normally flows directly from the trust in their developer, which is achieved with having them sign their packages. Now the question arises, what if we want proprietary packages, but their developer refuses to support our obscure package manager and thus sign it. This is where the hybrid approach of containerization comes in: you might not be able to inspect the code, but you can inspect the container limits and at least assure yourself it doesn't touch anything it shouldn't touch.
9 Jan 2026 at 7:28 pm UTC Likes: 1
Quoting: PyrateI hope Valve goes all in and makes an official Steam client flatpak.To me the containerization is the price for a few very important flatpack/flathub features.
Also hope SteamOS finally moves to Wayland whenever the Frame and Machine come out.
Flatpak's advantages are curious, I've noticed that the convenience benefits it brings have started to come in opposition with the security and containerization aspect it first featured. For me, I'd drop the containerization if it meant Flatpak becoming the user package manager for all Linux. Maybe there can be a standalone variant for the security benefits so that aspect is still present in a separate capacity.
A. Distro independence. By having every package keep to itself differences between distros don't hurt the packages.
B. Unsigned proprietary packages. FOSS packages are easy to verify, because you can inspect them for unwanted behavior. Especially, since uncovering the tools used is one of the primary ways to identify malware developers. It's, why many repositories can include packages from people they wouldn't normally trust or even totally anonymous sources. For proprietary packages you don't have this luxury unless your name is Apple. As such the trust placed in proprietary packages normally flows directly from the trust in their developer, which is achieved with having them sign their packages. Now the question arises, what if we want proprietary packages, but their developer refuses to support our obscure package manager and thus sign it. This is where the hybrid approach of containerization comes in: you might not be able to inspect the code, but you can inspect the container limits and at least assure yourself it doesn't touch anything it shouldn't touch.
Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too
9 Jan 2026 at 6:57 pm UTC Likes: 1
The ideal of a Flatpack like situation is that all maintainers together need to do just as much work as one distribution.
Edit: On the different versions support: yeah probably, Debian, Red Hat and Canonical do that too. Backwards compatibility and usability sometimes require work. This time though each of these versions need only to be maintained once for all distros.
9 Jan 2026 at 6:57 pm UTC Likes: 1
Quoting: EikeIt creates a problem for you, because your distribution doesn't have enough manpower to maintain all packages. This means they will skip some packages which might be critical for your workflow.Quoting: Liam DaweI firmly disagree. That is chaos. Every distribution has a different set of packages and versions, with security problems having to go through each distro for each package.How does this create a problem for me? My distribution cares for it.
And doesn't Flatpak support different versions of the same package as the same time? So, you can have one without the security flaw - and at the same time one with the security flaw?
The ideal of a Flatpack like situation is that all maintainers together need to do just as much work as one distribution.
Edit: On the different versions support: yeah probably, Debian, Red Hat and Canonical do that too. Backwards compatibility and usability sometimes require work. This time though each of these versions need only to be maintained once for all distros.
Steam Frame and Steam Machine will be another good boost for Flatpaks and desktop Linux overall too
9 Jan 2026 at 6:45 pm UTC Likes: 2
B. As the history of appimage and android APK's clearly displays those large players you mentioned would've loved a neatly unified approach to package distribution.
C. The third software freedom is formulated by the fsf as and I quote here: "The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this." Clarifying here clearly that shared by those experts you mentioned aren't only meant for themselves, but for the entire community. You might argue that only the developers qualify under the community, but that isn't how I see it used generally. Most of the time it's used to describe all users. The fsf is a group of those contributing experts. This implies that at least some of these experts don't develop it just for experts.
D. The beauty of open source is that it's the tide that lifts all boats. As such Valve indeed gets to lift on the works of others with Linux and the ecosystem. Yet, it also adds to Linux and the ecosystem by submitting its own patches. These patches add value for many beyond Valve. For these patches I'm thankful towards Valve even though they as such benefit from community support and R&D savings. They drastically improved Wine, gave KDE some neat extras, solved several driver issues and enabled equal graphics processing with Windows through their contributions to the Khronos project.
E. Your Snap analysis shows, why Flatpack has massive value for those experienced professionals. They don't want to compile their programs a billion times for a billion different distros and versions. Snap offered insufficient room for competition and customization as such faltpack was introduced.
F. Unverified flatpacks aren't half as dangerous as unverified packages(yes, you can download and install debs straight from the web), since these have full root access. Unverified is just dangerous.
Having said that:
A. You're completely right .deb/.rdp/.snap aren't going away, but they'll be brought back to the place they belong: root level system extensions like drivers, virus scanners and such. I still get shivers every time I install a game or a production program through apt and it requires root.
B. Yes, it makes malware spreading harder, because it makes software distribution generally harder. That's a bug not a feature.
C. Flathub(not Flatpack) does add a level of insecurity Linux didn't previously have. It has a pretty loose security policy. Most repos including the fedora flatpack repository require the repo maintainers to have compiled and understood the code before pushing it(canonicals snap store is an exception). Flathub doesn't. This is dangerous as Canonical has displayed with several cryptoscam wallets in their snap store.
Especially and this probably what you meant with the danger of unverified Flatpacks, because flathub does make it dangerously easy to install non-developer signed(unverified) Flatpacks. Most repos get away with providing non-developer signed packages, because they can check them for themselves. Flathub doesn't do that.
9 Jan 2026 at 6:45 pm UTC Likes: 2
Quoting: GuestA. Liam writes to new users or at least not kernel developer level users"Linux has, historically, been quite messy when it comes to software distribution. We have various distribution-specific packaging formats like .deb (Debian / Ubuntu), .rpm (Fedora) and the list just goes on and on. Canonical also went their own way with Ubuntu for the likes of Snap, but the real winner is going to end up being Flatpak and the main Flathub store."Software distribution under Linux is anything but chaotic. On the contrary, it is extremely orderly.Each distribution offers its own software library and package format. This, among other things, increases system security. This makes it much more difficult to implant malware under Linux.
Snap was most certainly developed by Ubuntu to try to provide unique packages for all variants of its distributions, thus avoiding having to recompile packages x times for each of the Ubuntu versions still in use.
Flatpack will never replace .deb, .rpm, or other packages. Furthermore, unverified Flatpacks can pose serious security problems on a system.
Flatpack is used as the primary source of software access on distributions at the stage of development alpha / beta, on distributions that are immutable due to their structural complexity, or on new distributions that do not yet have enough software to offer their users. Flatpack is in no way intended to replace .deb, .rpm or other formats.
To understand Linux, analyze all of this from the perspective of developers and system engineers/architects. As an amateur unfamiliar with Linux, it is impossible to speculate on this subject without making a mistake.
From a down-to-earth point of view, Linux is free and benefits large groups such as IBM, Oracle, Microsoft, Amazon, Google, etc.
It's not Valve and its Steam client that are giving Linux a boost, but rather the other way around. Linux is provided to Valve in a fully functional state. Valve then simply adds its own layer (just like with Android for telephony), allowing them to launch an operating system bearing their name while drastically reducing research and development costs.
Today Linux is much easier to access for inexperienced users, but it should not be forgotten that this is an operating system developed by and for experienced professionals.
B. As the history of appimage and android APK's clearly displays those large players you mentioned would've loved a neatly unified approach to package distribution.
C. The third software freedom is formulated by the fsf as and I quote here: "The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this." Clarifying here clearly that shared by those experts you mentioned aren't only meant for themselves, but for the entire community. You might argue that only the developers qualify under the community, but that isn't how I see it used generally. Most of the time it's used to describe all users. The fsf is a group of those contributing experts. This implies that at least some of these experts don't develop it just for experts.
D. The beauty of open source is that it's the tide that lifts all boats. As such Valve indeed gets to lift on the works of others with Linux and the ecosystem. Yet, it also adds to Linux and the ecosystem by submitting its own patches. These patches add value for many beyond Valve. For these patches I'm thankful towards Valve even though they as such benefit from community support and R&D savings. They drastically improved Wine, gave KDE some neat extras, solved several driver issues and enabled equal graphics processing with Windows through their contributions to the Khronos project.
E. Your Snap analysis shows, why Flatpack has massive value for those experienced professionals. They don't want to compile their programs a billion times for a billion different distros and versions. Snap offered insufficient room for competition and customization as such faltpack was introduced.
F. Unverified flatpacks aren't half as dangerous as unverified packages(yes, you can download and install debs straight from the web), since these have full root access. Unverified is just dangerous.
Having said that:
A. You're completely right .deb/.rdp/.snap aren't going away, but they'll be brought back to the place they belong: root level system extensions like drivers, virus scanners and such. I still get shivers every time I install a game or a production program through apt and it requires root.
B. Yes, it makes malware spreading harder, because it makes software distribution generally harder. That's a bug not a feature.
C. Flathub(not Flatpack) does add a level of insecurity Linux didn't previously have. It has a pretty loose security policy. Most repos including the fedora flatpack repository require the repo maintainers to have compiled and understood the code before pushing it(canonicals snap store is an exception). Flathub doesn't. This is dangerous as Canonical has displayed with several cryptoscam wallets in their snap store.
Especially and this probably what you meant with the danger of unverified Flatpacks, because flathub does make it dangerously easy to install non-developer signed(unverified) Flatpacks. Most repos get away with providing non-developer signed packages, because they can check them for themselves. Flathub doesn't do that.
- GOG now using AI generated images on their store [updated]
- CachyOS founder explains why they didn't join the new Open Gaming Collective (OGC)
- The original FINAL FANTASY VII is getting a new refreshed edition
- GOG job listing for a Senior Software Engineer notes "Linux is the next major frontier"
- UK lawsuit against Valve given the go-ahead, Steam owner facing up to £656 million in damages
- > See more over 30 days here
How to setup OpenMW for modern Morrowind on Linux / SteamOS and Steam Deck
How to install Hollow Knight: Silksong mods on Linux, SteamOS and Steam DeckRecently Updated
- What are you playing this week? 26-01-26
- Caldathras - Game recommendation?
- buono - Will you buy the new Steam Machine?
- CatGirlKatie143 - Browsers
- Arehandoro - Welcome back to the GamingOnLinux Forum
- ced117 - See more posts