Edit: There’s a short follow-up to this post: Exodus Bitcoin Wallet: Follow up.
tl;dr: A Bitcoin investor was recently scammed out of 9 Bitcoin (worth around $490K) in a fake “Exodus wallet” desktop application for Linux, published in the Canonical Snap Store. This isn’t the first time, and if nothing changes, it likely won’t be the last.
This post turned out longer than I expected. So if you don’t have the time there’s a briefer summary at the bottom under “In summary (the tl;dr)” along with my suggestions on what Canonical should do now.
Real tldr: someone downloaded a fake app and was scamed and here are the author’s recommendations:
Me: What are your recommendations, dear lemmy users? I bet you can come up with much better recommendations
The idea of a package maintainer that is vetted by the distribution channel comes to mind. That’s the model that has worked with most distros so far. I don’t see why it wouldn’t work here.
App Store moderation (because this is what we’re talking about) is a hard and labor intensive problem. I’m not sure it can be done well enough at scale for free without introducing easily gained mechanics.
That said, this seems just a list of ways to blame someone else for messing up and getting scammed.
I like the recommendations but I would also just ban cryptocurrency wallets from the app stores (and traditional finance apps capable of transferring funds electronically). There’s not much you can do to stop scams in that space but if the devs distribute their own apps, at least the user can verify they’re at the original developer’s site or repo or whatever and possibly hold them accountable.
That probably won’t help on the scams — people in the crypto world get scammed more than aging grandparents, it seems. But I don’t want Canonical or Flathub to be held liable due to a lack of moderation resources. If they can ever automate moderation to the degree it’s safe, bring back the finance app category with some safeguards.
Yeah for some apps downloading from the offical site is a good idea.