Imagine your friend that does not know anything about linux, don’t you think this would make them not install the firefox flatpak and potentially think that linux is unsafe?

I ask this because I believe we must be careful and make small changes to welcome new users in the future, we have to make them as much comfortable as possible when experimenting with a new O.S

I believe this warning could have a less alarming design, saying something like “This app can use elevated permissions. What does this mean?” with the “What does this mean?” text as a clickable URL that shows the user that this may cause security risks. I mean, is kind of a contradiction to have “verified” on the app and a red warning saying “Potentially unsafe”, the user will think “well, should I trust this or not??”

  • KindaABigDyl@programming.dev
    link
    fedilink
    arrow-up
    17
    ·
    5 months ago

    They should be worried. We don’t want them comfortable.

    So many negative things have entered our culture bc people don’t care about dangers. Nearly every app should have a warning

    • AeonFelis@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      5 months ago

      Nearly every app should have a warning

      No. If you put a warning on every app (except for the most trivial ones that don’t actually do anything useful) then the warnings mean nothing. The become something more than ass-covering legal(ish) BS.

        • AeonFelis@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          ·
          5 months ago

          What do you mean by “improving”? This alarming warning appears because Firefox requires permissions. Let us look at the permissions listed there:

          1. “User device access”. From the docs, I’d say the browser needs it for rendering?
          2. “Download folder read/write access”. This one is obvious - the files you download with your browser go there.
          3. “Can access some specific files”. This one, I’ll admit, is a bit cryptic - what files does it need to access? But this one is on Flatpak for making the permission so general.

          App permissions should not be about “this app cannot be trusted because it asks for scary scary permissions”. They should be about “take a look at the list of permissions the app requests and determine whether or not it make sense for such an app to need such permissions”.

          • jbk@discuss.tchncs.de
            link
            fedilink
            arrow-up
            2
            ·
            5 months ago

            To 1.: dri instead of all would handle hardware-accelerated rendering. Then some webcams or controllers won’t be accessible though. This one’s a bit complicated, since the necessary portals for e.g. generic USB device access aren’t yet there.

            To 2.: portals should be used instead of that. Using them doesn’t require these permissions.

            To 3.: click on details and see. This is Flathub making it easy to understand for users.

            Permissions should make clear whatever dangerous things an app can do. If not, why do all this effort of isolation? Firefox could delete everything in downloads, either by accident on Mozilla’s side, or a privilege escalation. If the app used portals instead, it couldn’t, at least without user interaction. Or a browser security vulnerability could open up any USB devices to webpages. It’s all about what could happen with granted permissions. And these can 100 % be fixed in at least some way.

    • alphafalcon@feddit.de
      link
      fedilink
      arrow-up
      6
      ·
      5 months ago

      They should not be worried, they should be educated.

      If you worry a new user enough they’ll go back to Windows or Apple because there’s less scary warnings there.

      We need to make the transition as pain free as possible. Learning about the joys of kernel compilation and SELinux can come later.
      The first step is "Hey, this is as usable as Windows, without stupid ads in the start menu.

    • Onihikage@beehaw.org
      link
      fedilink
      English
      arrow-up
      1
      ·
      5 months ago

      If “nearly every app” that people already use suddenly has a big warning on it, people will quickly decide the warnings are meaningless and start ignoring them, like Prop 65 warnings. Congratulations, we’ve moved the needle backwards.

      You have to meet people where they’re at. I finally switched to Linux when MS introduced a feature I wanted no part in (Recall AI), but I would have given up within a day or two if the transition hadn’t been basically seamless. I was able to pick up right where I left off, using all the same apps I did on Windows except MusicBee RIP, but now I’m in a better position than before, on an open-source OS instead of closed-source. Now there’s a little less friction between me and better, freer software.