Apologies, I deleted my comment instead of editing it, but I meant to add that even with the shady workaround, if you have sandboxing it likely greatly reduces this risk.
Be very wary of what apps you install, and in fact, try to only use FOSS.
People need to stop touting FOSS as more secure. More auditable, sure. But there are many, many examples of FOSS applications being insecure or abusive.
The bottom line is just “be wary of what apps you install, period.”
Sure, but I didn’t mean to say that FOSS couldn’t be insecure. Software itself can obviously be insecure, like we saw with xz. At least with FOSS though, it’s more difficult for it to be hidden.