• trevor
    link
    fedilink
    English
    548 months ago

    Sandboxing does nothing for social-engineering attacks, which is what many of the malicious snaps were designed for.

    And the thing that makes the Snap Store uniquely bad is that there’s no human review. Anyone can throw up a malicious snap, and there are very good odds that it’ll get served there. Even the Flathub, a community-run project, has human reviews before new apps get published. Canonical, despite having money and resources that community projects don’t, can’t seem to be bothered to take basic steps to protect their users.