Signal usage survey, what versions do you use? Wanted for potential Flatpak adoption

There are big wishes for Signal to adopt the perfectly working Flatpak.

This will make Signal show up in the verified subsection of Flathub, it will improve trust, allow a central place for bug reports and support and ease maintenance.

Flatpak works on pretty much all Distros, including the ones covered by their current “Linux = Ubuntu” .deb repo.

To make a good decision, we need to have some statistics about who uses which package.

danie10,

The post here is a link to an online survey being done by the Signal Community. Users need to follow the link to answer the survey if they wish (but it means creating yet another new account which I’m getting pretty tired of as I’m now passing over 900 different logins all with unique passwords etc ;-)

Pantherina,

Understandable, if you dont care just use a temporary email like altadress

linearchaos,
@linearchaos@lemmy.world avatar

I generally use the latest available.

I tend not to use flatpack. I lost a few nights trying to get OBS plugins to work in flat pack. It would probably be fine for something as simple and straightforward as signal. But it’s more or less nothing but disadvantage to end users. That said I’m sure it’s a great savings for you guys.

Harbinger01173430,

I just use discord or WhatsApp on chromium in my Linux install xd

where_am_i,

Luckily for me, I’m on an Ubuntu derivative. So apt upgrade just does it. Sorry, OP, works for me in my preferred way, I don’t need any flatpacks. Let’s hope once they do one they keep building .debs nonetheless.

Pantherina,

Flatpaks work just as well. It is an electron app, that causes all the bloat. Signal is modern and everything apart drag&drop and maybe a tray icon (havent tried that) works.

where_am_i,

The heck are you all talking about? The post says Linux and Flatpack, while everyone somehow is discussing why signal is not on f-driod.

How the heck is this related?

Pantherina,

Hahaha, any comment here makes no sense. This is just to help that guy have an actually somewhat useful survey, because Signal devs have very strange priorities

LodeMike,

USERNAMES

Squizzy,

I’d love this but also temp sub users, I have it linked to my phone but I’d like to keep my real username and phone number private if using the app outside of my circle.

clever_banana, (edited )

I don’t use signal because I care about anonymity. I dont use flat pak because I care about security

sudneo,

Flatpak is generally very good for security. Especially considerino you can override some defaults, you can have fairly tight isolation.

clever_banana,

No, it doesn’t even cryptographicly check signatures on packages when it downloads them lol

sudneo,

That is one security aspect only, and signature checking is done by OStree, but the only key used is the one from flathub, from what I understand. So you don’t verify the key of the application author, but solely the one from flathub, which means if the flathub distribution pipeline is compromised, you will not notice it and install a malicious package.

That said, the isolation that provides is great, and things should be evaluated in context. I will consider much much more likely that a package I install has bugs/cves/is outright malicious, compared to the risk that the publisher pipeline gets compromised (this is essentially what the signature verification would protect from). This means that it is a huge net gain in terms of security, from my PoV, to have an “unverified” package running in flatpak, under the isolation that it provides, if we compare it to having it running in the native system, but verified.

In other words, there is not a specific scale that if you “don’t even do…”, then it means you are not secure at all.

Pantherina,

Hahaha wtf?

Its flatpak btw.

cypherpunks,
@cypherpunks@lemmy.ml avatar

github.com/dessalines/essays/…/why_not_signal.md

Kangie,

Oh look an essay full of fearmongering that adds nothing to the discussion. Thanks for contributing!

OsrsNeedsF2P,

It’s by one of the Lemmy founders btw

rar,

Doesn’t make him automatically correct however.

als,

Tbf it does suggest several alternatives.

zwekihoyy,

those were some bullshit bullet points lmao

lemmyvore,

They’re actually very good points.

The problem is that all the suggested alternatives are unworkable for adoption by the general public (they require stuff like Tor, self-hosting etc.)

zwekihoyy,

one of the points is cia funding. they are bullshit

clever_banana,

How do you read this without JS?

femboy_bird,

Git clone

Cd [the clone]

[Text editor of choice] why_not_signal.md

[Exit text editor]

Cd …

Rm -rf [the clone]

clever_banana,

I’m on a phone

progandy,

You can read the raw text raw.githubusercontent.com/…/why_not_signal.md

femboy_bird,

The appeal of signal is it is a good option (may have flaws but it is better than say discord) and it’s pretty easy to get normies using it, all the other alternatives you mentioned are obscure and convincing normies such as friends and family to use them is much harder, and while signal isn’t perfect, it’s certainly better than whatsapp or other proprietary solutions

xinayder,

So… not using Signal because it’s based off a conspiracy theory that it’s secretly funded by CIA?

Well, let’s stop using RSA and encryption because the most used secure crypto algorithms today were created by none other than the NSA!

EDIT: None of the alternatives provided are good alternatives for Signal. Matrix is an extremely complicated protocol that lacks some features compared to normal IM apps (I use Matrix and the experience is quite close to a standard messaging app). XMPP is dead and has a very niche userbase. The others are not suitable for being a daily messaging app.

Signal is a good alternative and while I do agree with some points, they are not bad enough to prevent you from using it (e.g. not having usernames).

danielquinn,
@danielquinn@lemmy.ca avatar

Personally I install it with pacman and generally avoid Flatpaks due to annoying problems I’ve had with it limiting filesystem access in the past. My biggest problem is that it seems to “forget” that I’m logged in if I don’t use it regularly, meaning I have to regularly re-auth it on my desktop since I use it infrequently there.

Pantherina,

Flatpaks are generally made way to loosely. Always “not breaking” > “being secure”.

So this should not really be the case, drag&drop doesnt work yet, maybe copy-pasting files doesnt if the app cannot access that directory statically (you need to add an attachment from within the app, your file picker will open which is a “portal” which links that file into the apps container and thus allows the app to see it.)

Everything else works normally, screensharing too

danielquinn,
@danielquinn@lemmy.ca avatar

That’s an understandable goal, but as a user, breaking the user experience when I go to send a file to someone only to find that I can’t even see it in some apps is a deal breaker. If the app can’t be trusted to do that, I won’t use it.

Pantherina, (edited )

What do you mean by this?

This makes no sense.

You cannot trust any app to do anything. Look at their code, or ask people that know people that heard of people that looked at their code (how it is currently done in FOSS, lol).

Modern apps integrate portals & pipewire permissions. Bad apps dont, and they suck. Please annoy Slack with that, they have to adopt the Flatpak and modernize the code. Its like a few dozen lines to replace a custom own filepicker with the xdg-desktop-portal file picker of the OS.

danielquinn,
@danielquinn@lemmy.ca avatar

I wasn’t talking about Slack. Actually, my worst Flatpak experience was with PyCharm. The fs limitations mean it couldn’t see files like ${HOME}/.config/git/ignore or load up my shell environment inside the IDE. It’s basically a neutered version of the app because someone decided to draw the security/usability line too far in the one direction.

It’s fine if you think that’s a good idea, but as a user, the choice of packaging means it’s not useful to me, so I won’t use it.

Pantherina,

Oh, the user above was mentioning slack, sorry.

Pycham is also proprietary. This is an unofficial repackage of the app done by volunteers.

It probably works fine just not for your workload. But I can imagine why someone would want to sandbox Pycharm…

And to your issues, have you even tried to poke holes in the sandbox? You can use KDEs settings or Flatseal.

Launching a terminal can be done via flatpak-spawn.

I think you dont get this. Flatpak is important. Linux is completely powerless, there are people installing invasive apps which then can do what they can on Windows. Compare that to Android (which is obviously way less complicated because of how apps are used).

Flatpak is a new system to build apps, of course it cant read some ~/.config directory thats the point. If you store stuff there you are used to a different way and will need to adapt. Or you use their official binaries.

Just because apps are not ready this doesnt mean it is not clearly the way we will do GUI apps. 800+ apps officially verified. We are approaching official universal Linux support here!

danielquinn, (edited )
@danielquinn@lemmy.ca avatar

No, I haven’t tried to poke a hole in a sandbox. Generally speaking, if I have a choice between pacman -S <app> or “install with Flatpak and then fiddle with sandbox settings” I opt for the former. I get that you think this is important, and Flatpak is a nifty idea, but in terms of usability, it has failed me repeatedly to the point where I don’t want to use it, so I don’t.

You seem to be coming from a position of “Flatpak good, so everyone must use it”, which is nice, but it’s naïve. Flatpak is ok, but it has usability problems, and since you want people to use it, usability is kind of important. It also introduces a frustrating divide from a user perspective. The idea that “desktop apps” should be installed via Flatpak, and everything else with a proper package manager is madness from a user’s perspective. I don’t understand how you can’t see that, but you’re going to have to accept it 'cause newsflash: not everyone thinks like you.

Finally, packaging for Flatpack is a Pain In The Ass. I say this as someone who’s tried it. The build system is clearly biased toward particular use cases and particular languages, which is great if you’re in that camp, but for everyone else it comes across as impractical for the intended purpose.

So yeah, it’s great that this is important to you. Go ahead and develop the shit out of Flatpak, and maybe even work on the user experience some more. I’ll keep having a look from time to time, but for now, it’s not happening, and this attitude of yours, that the rest of us will just “need to adapt” to your preferred way of working… if I wanted that I’d use a Mac. GTFO.

Pantherina,

Its easy. If you have a problem, report it. Instead of arguing about it they may have already fixed it.

If you want to run a proprietary app unconfined, do so.

But you also have to admit that reading some git config in a non flatpak directory is actively against the sandboxing principle, and thus requires manually allowing that access.

Sure, flatpaks need more popups that do exactly that.

Dividing “GUI apps” and other packages is easy. Go to a store, if it has an icon, install it via flatpak, if it has no icon, then you may not do that.

Appstream metadata so to speak.

Finally, packaging for Flatpack is a Pain In The Ass

Agreed.

okay maybe stop being so rude? Flatpak is the possibility for a secure system. We see how painfully slow adoption for that is on every Desktop, mac and windows too.

But it is great to have this, and I am sure we could make your Pycharm work by applying that override. The rest has to be done by the developers and it is important to care.

It is the same as with wayland, people need to change their software to ask for permission, follow standards and dont do weird shit. Only then the UX is solved.

And by the way what is stopping you from just using some apps as native system apps, and flatpak for the rest?

danielquinn, (edited )
@danielquinn@lemmy.ca avatar

Dude, you’re the one being rude. I was done with this conversation yesterday and you just keep coming back like it’s an argument you can “win” by insisting that I think like you and change my behaviour to be like you.

You started the whole thread looking for input and when you didn’t get the response you wanted you just berated the respondents telling then how wrong they were.

I’m done here. You’ve forced me to go digging around Lemmy to see if there’s a block function.

Pantherina,

Ok strange. I gave you a good and not one sided response.

Like, totally strange. I dont see how my comment could have been offending in any way. You had a specific problem leading to a generalized conclusion.

where_am_i,

Last time I installed slack through flatpack I couldn’t send any files. Not through drag-and-drop, neither through the filepicker. The latter was just empty.

Downloading files from slack also had awfully weird side-effects.

Slack doesn’t have an apt repo, so I download debs and updat manually. Maybe once half-a-year.

If that’s the experience I’d get on my signal through flatpack, I’d also rather be downloading manually. And I’d even compile from source rather than deal with that flatpack stuff.

Pantherina,

Slack is proprietary garbage with bad Linux adoption. Apps need to integrate Portals themselves, if they are used to having access to anything they will use a regular file picker which only works if they already have access to your stuff.

Signal integrated all the stuff, Pipewire, Portals.

Please try… before comparing random proprietary apps (that also probably still dont work on Wayland, which also means they are insecure by design) to general Flathub.

Just learned yesterday there are over 800 verified apps on Flathub! Made by official developers! On Distro repos this is nearly 0

where_am_i,

This is just so bad. I can’t use anything snap/flatpack cuz it simply won’t let me send a file. As it runs on it’s on file subsystem and doesn’t have access to anything else.

On the other hand, an app that has access to my entire hard-drive is awfully insecure, right? So, what’s the solution?

in the meantime they could include an option “I allow this app to acess my whole $HOME, thanks, I need it cuz I am a user not a security researcher”. Until then I’m not touching flatpack

Danitos,

You can use Flatseat to config the permissions (including files) that Flatpaks have. It has a nice GUI

Vincent,

This is just a random user doing a very unrepresentative poll back in June last year - I don’t think it’ll influence Flatpak adoption in any way.

gzrrt,
gzrrt avatar

Not being able to run Signal on my Android tablet feels really inconvenient. That would be no. 1 on my wish list

Pantherina,

Try Molly on both devices but yeah Signal should fix this.

maiskanzler,

That’s the biggest pain point with Signal and WhatsApp in my opinion. Telegram does it, but then of course it’s much easier for them to support. Sharing content from my tablet is such a hassle.

breakcore,

I use warpinator to share between my phone, laptop and desktop at home. It uses the local network.

But yea, I use signal to share often, when I am out.

chemicalwonka,
@chemicalwonka@discuss.tchncs.de avatar

I’m thinking about abandoning Signal given the fact that they use AWS servers, still insist on requiring a phone number to use the APP and haven’t yet implemented nicknames like Telegram

If you want absolute control over your communications, the only way is to self-host an XMPP server

Pantherina,

Yeah Signal sucks a lot. It is poorly very convenient to use.

XMPP had too little funding. But it could totally replace Signal, no question.

SimpleX is also cool and truly privacy first

Petter1,

Why not matrix?

smileyhead,

Both are great for chat! End of debate.

woelkchen,
@woelkchen@lemmy.world avatar

Matrix, the protocol, is quite nice.

Element, the Matrix reference client, is too complicated IMO. If everyone were to only use FluffyChat, it would be great but then FluffyChat afaik doesn’t implement every protocol feature and and you could end up in compatibility issues with Element users.

Purely as a client I find Telegram the most convenient. I think more should copy their homework from there, heck perhaps post the client to Matrix.

Petter1,

I hope matrix protocol gets to be the interoperability protocol for all the messenger apps ☺️ one can dream… Go EU, lol

Vincent,

Your data is always encrypted before it reaches the AWS servers though, so it’s not like Amazon has access to them. The phone number/nicknames is still in progress, but it’s hard to do that securely, and given that their user base is really big now, they also need to make sure it works well for everybody.

Spectacle8011,
@Spectacle8011@lemmy.comfysnug.space avatar

The concerns about AWS servers are around metadata. If metadata were not a concern, why not just use Whatsapp? They use the Signal protocol so messages are end-to-end encrypted by default, and most people already have it or are willing to download it as compared to Signal.

Vincent,

Signal also encrypts your metadata. (And notably, WhatsApp does not.)

Spectacle8011,
@Spectacle8011@lemmy.comfysnug.space avatar

That seems like the wrong place to link to. Shouldn’t you be linking to Sealed Sender?

Vincent,

Yeah that might be better! I knew of my link off the top of my head, which enumerates what unencrypted data Signal does have access to, i.e. almost nothing.

sexual_tomato,

I quit using signal after they stopped supporting text messaging on Android. I had my whole family using it and that just evaporated overnight 😭

Pantherina,

So your family used SMS? Sms is horrible, you should just not use it.

If signal supported encrypted SMS that would be useful. DekuSMS is the only alternative here, as Silence is abandoned.

But it makes sense that they dont want to pretend SMS was a good standard.

Meanwhile, they use a phone number for anything, ironic

sexual_tomato,

My parents are approaching 60. I told them that the signal text message app would work a lot like iMessage if we both used it. And it did. It was great. For the other people that used signal, the experience was generally better. For other people that didn’t, SMS was fine because that’s how I was going to talk to them anyway.

The thing is, My parents are not going to go to more than one app to communicate with other people. Since it no longer sends and receives text messages, it doesn’t work with 99% of the other people in their lives.

They own and run a pretty large business. There’s no way that they’re staying on more than one messaging platform. You can talk all day about what they “should” do, but at the end of the day just getting them to switch to another app was a huge lift for me. Not only did they switch back to regular SMS, I burned a lot of credibility with them on tech related stuff through no fault of my own.

Repeat this story for the 90 or so people I had converted. There was no critical mass, so adoption evaporated overnight because my social graph is not enough to provide any sort of critical mass and adoption.

Pantherina,

That sucks I am very sorry to hear that.

The thing is just that nobody should use SMS really. If they have a business they may have experience with it and whatever but really, dont use SMS at all…

Then it is just a single messaging app.

It makes no sense to include unencrypted SMS in an encrypted messaging app over secure protocols. Like, SMS are all scanned, surveilled and can easily be manipulated.

sonori,
@sonori@beehaw.org avatar

SMS is also the common standard for talking to people.

For the vast, vast majority of people, the technical security of, ‘hey, you want to catch a movie next saturday’, is far less important then the message actually getting through.

Qute simply, it is far more important for a communication method to be easy and universal then to be secure against attacks the vast majority of people do not think they will ever encounter. When most people want to tell their neighbor two houses down that the dog has gotten out again being able use the app they already use to communicate is far more important to them then then a bunch of technical jargon about end to end encryption.

moon_matter,
moon_matter avatar

I hate that the developers of secure messaging apps in particular are deaf to this. It's so easy to just add SMS as a fallback and yet they refuse to.

Pantherina,

Thats email too, which is less bad

sonori,
@sonori@beehaw.org avatar

Why is email less bad than SMS? It’s about as (in)secure.

Email also fulfills a different role, as it is for longer, more formal, and less time sensitive messages. Nevertheless, more modern and technical encrypted email clients go out of their way to still work with unencrypted messages insteand of being deliberately incompatible as Signal is.

Pantherina,

Email uses modern TLS, SMS uses some ancient encryption from the 90s or so, that just doesnt work.

If you trust the servers email is fine.

You can use Deltachat to chat over email. The protocol is universal its just how you use it.

Trust me a signal/xmpp/matrix message could look like an email too.

Email + Encryption is poorly optional yes. But you are asking for an internet chat service to support a different, ancient, insecure and unprivate protocol that has nothing to do with it.

Deku SMS supports encrypted and unencrypted SMS, this makes sense.

sonori,
@sonori@beehaw.org avatar

Yes, you could technically use email like SMS, while the standard allows for up to five days for the message to go through that’s pretty rare, in practice it’s primarily used to send long messages from one computer to another, not a single sentence or two between phones.

In practice, it is about as secure as SMS, as both require similar levels of dedicated effort to interpret. Most of the actors with the hardware used to intercept and decrypt SMS are the same actors who can compromise a server, or outright have acess to the backdoor they paid 10 million to put in RSA. Not that they need it, as the largest email providers by far do often work with law enforcement anyway. Both SMS and email attacks are seen at about the same rate and scales, which is to say rarely outside of government agencies where both are unfortunately routine.

Signal is primarily designed and marketed to fufill the same basic role as SMS, as evident from just how much of an afterthought anything but the mobile app is, how said app copies the same format as SMS for messages, how it required an phone number to use and sync phone contacts, and how it did support SMS for quite some time. It is emently reasonable for Signal to have continued to have featured the messaging format most of the people it could talk with used.

Pantherina,

Agree that in practice SMS are intercepted just as much as Emails. But its entirely different and SMS does not use RSA afaik.

The last paragraph stressed for me how confusing this would be for noobs. A messenger that seems to do exactly the same but differently. People would not get it and think if they use Signal for SMS this would be secure somehow.

Whatsapp never integrated SMS and its used everywhere. Okay, there are video conference platforms that allow to log in via the phone network, but yeah, dont do that.

firewallfail,

I think they just gave very valid reasons to include sms in signal, adoption. It took me years to get my contacts on signal and I was finally at the point that >80% of my messages were encrypted, that dropped to <10% the day sms was dropped. If I refused to use sms I would effectively be cutting contact with my family.

cheesebag,

In the US on Android, unencrypted SMS messaging comes default. How do you propose getting a technologically illiterate boomer to not use SMS?

noddy,

They went from doing some communication secure with signal, to doing no secure communication, because of a rug pull of a genuinely convenient feature. The problem with communication apps is that it is almost impossible to convince anyone to use anything they haven’t heard about, if it is not very convenient. They’re not going to use a separate app just for communicating with a single person/a few people.

Looks like RCS might be viable in the future when it works on both iphones and androids though. I just hope that it doesn’t all go through googles servers.

smileyhead,

RCS is still not available for Android. For now proprietary Google Messages is required to connect Google proxied RCS servers.

And I would be suprisied if this won’t stay that way.

Pantherina,

RCS is controlled by a few companies and also requires a specific app. Nearly all messengers work on iOS too (apart based Briar)

Thorned_Rose,
Thorned_Rose avatar

You do realise that mobile data is non-existent or limited in some counties right? Even here in New Zealand mobile data is still limited or expensive and the main communication, especially between people who don't know each other, is SMS. Some encryption is still better than nothing.

Pantherina, (edited )

Crazy. But Signal never encrypted SMS.

And even if they did, this would be worse than signal protocol and really confusing, because SMS only worked between signal and an sms app, encrypted sms would only work between signal and signal too.

So you would have the same encryption over 2 protocols and people may just stay with sms all the time which is baaad.

So seperate apps, I dont get peoples problems.

I recommend DekuSMS for encrypted SMS.

Thorned_Rose,
Thorned_Rose avatar

That's why Silence was forked from Signal.

You don't get people's problems because I'm going to hazard a guess that it's not a problem for you and therefore you don't actually have any lived experience with the issue. Or not currently anyway. But given you don't seem to be too interested in peoples actual experiences and seem more interested in talking over people and insisting that your eristic arguments are the only right answer, I'm going to leave this conversation here and continue to have a hard time converting family and friends to Signal because they still use SMS and Signal doesn't give a shit about people in countries where SMS dominates.

Pantherina, (edited )

My comment was not personal or anything, so I ask you to also please stay rational.

I also complained about Signal not supporting encrypted SMS, but again, Whatsapp never supported SMS and still is used like all over the world.

Signal doesnt have to be better than Whatsapp to deserve adoption. It already is, and everyone should just replace it.

I was clear about that, and threw Whatscrap off my device, spent hours convincing people to switch, and at least in my bubble that worked pretty okay as they are left-y and even though often tech illiterate accept that Signal is like a baseline of Security and simply not hard to use or anything.

A statement: if you use SMS to avoid whatsapp, maybe you should prefer to use Whatsapp. I dont and in rare cases I use whatsapp, but literally nobody gets how insecure SMS is. I immediately ask them to install an encrypted SMS app and nobody does, which kinda sucks.

I am in a lucky position to not rely on SMS. I dont get the “as little apps as possible” mentality of people that at the same time have like all the tracking apps on their devices.

I just have understanding for Signal to have dropped SMS. It is misleading to have it in the same App, nobody gets shit.

In the current situation I will convince people that already have Whatscrap to also install Signal. Like nobody deletes whatsapp, which takes away lots of the arguments for using Signal (meta is still getting all the “who knows whom”).

I understand that it sucks for you. And supporting SMS really is no big efford. But I also understand Signals position.

FOSS doesnt always need to be better than proprietary tracking garbage. People need to be f**ing educated to intrinsically use anything that is more privacy friendly.

Btw Silence is no longer maintained so I recommend DekuSMS.

AlexJD,

Same. I just didn’t have any use for signal after SMS removal. Yes I know SMS is insecure but I was stuck. Either you use a separate secure app and magically convince everyone else to use it whilst falling back onto a separate SMS app anyway (for those who don’t use the encrypted app). Or alternatively you just have to use a mainstream app like Google Messenger with SMS plus RCS.

At least when signal supported it I could migrate family to signal and then our communication would be encrypted and they could still message everyone else over SMS. It meant a large portion of my messages were encrypted. After SMS removal everyone I had on signal just quit so there was no one to communicate with. Trying to get people to use multiple apps was like herding cats.

possiblylinux127,

How about putting it on F-droid? That won’t happen as they ship to much proprietary software.

Pantherina,

Its so strange that you need to use Twinhelix’ random project or Molly, as Signal doesnt care

smileyhead,

Signal wants to provide updates themselfs to make sure they are fast in case of big security bug. F-Droid can lag behind to provide new version of app.

But they should at least provide F-Droid repo.

possiblylinux127,

F-droid is only a few days behind at most. They are arguing against F-droid with evidence that’s out of date. I think it has more to do with laziness than anything.

The good news is that Molly exists.

Vincent,

Laziness is a very negative way of putting it. Another would be prioritisation - with limited budget, what is the best way to get as many people as possible to have their communications encrypted?

clever_banana,

Right, stickers and gifs are more important than security and privacy

Vincent,

It could be both. A highly private app that nobody uses provides less privacy than an app that’s only somewhat less private (i.e. has to be downloaded via Google Play or via a self-updating APK from their website instead of F-Droid) that millions of people use.

FutileRecipe,

with limited budget, what is the best way to get as many people as possible to have their communications encrypted?

They could dump their existing code that let users SMS non-Signal users and upgrade it automatically to E2EE if the other number has Signal. Oh wait, that would worth adoption, nevermind.

Vincent,

That would’ve been great to keep, and the Signal team thinks so too, but they were kinda forced to remove it by Google: community.signalusers.org/t/…/57

Spectacle8011,
@Spectacle8011@lemmy.comfysnug.space avatar

I don’t think Signal is interested in doing that.

s38b35M5,
@s38b35M5@lemmy.world avatar

I prefer the deb that works. I get a signal.update almost every other day. I don’t remember to update my flatpaks anywhere near that often. I also appreciate that it doesn’t force me to include dependencies that are already met.

Pantherina,

You can update flatpaks automatically using systemd. Automatic updates are a thing and should be everywhere.

discuss.kde.org/t/…/9287

FutileRecipe,

Automatic updates are a thing and should be everywhere.

Absolutely not…most especially prior to production deployment. How else would someone see the change logs before hand or see/test if it would hurt their environment?

Pantherina,

I have no idea what a production environment is for you. If it is some kind of sealed off stuff yeah maybe, but otherwise I hope you use a Distro that handles updates the way you need it.

Not updating because things will break is a sign of a bad distro.

FutileRecipe,

Production environment is typically in the corporate world, not usually a homelab. Service providers often have a SLA uptime guarantee of 99%. They don’t often push patches as soon as available due to the varied nature of corporate environment. They don’t have one or two PCs to worry about: they can have tens of thousands. Downtime equates to money lost. So patches get tested before being deployed. Depending on the patch, that can be 48 hours to a week or two. Major OS upgrades can be months-long test, but the company usually does that and follows it while it’s still in beta.

Updates are pointed to a server the company controls, not the Internet. Updates get tested on test servers and test machines that replicate those in production. It typically gets monitored for 48 hours to measure glitches and performance. Once satisfied, the company controlled update server pushes into production machines.

Why test patches before deploying to productions?

Pantherina,

Ok this is a specific case, interesting info, thanks.

Obviously this has nothing to do with single user computers, going to software stores, pressing “update” buttons etc.

So it is unrelated to my point.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • linux@lemmy.ml
  • slotface
  • kavyap
  • thenastyranch
  • everett
  • tacticalgear
  • rosin
  • Durango
  • DreamBathrooms
  • mdbf
  • magazineikmin
  • InstantRegret
  • Youngstown
  • khanakhh
  • ethstaker
  • JUstTest
  • ngwrru68w68
  • cisconetworking
  • modclub
  • normalnudes
  • osvaldo12
  • cubers
  • GTA5RPClips
  • Leos
  • tester
  • megavids
  • provamag3
  • anitta
  • lostlight
  • All magazines
    •