Plus no backdoors

  • unperson [he/him]
    ·
    3 years ago

    If I apt install kdenlive and then run kdenlive, the program has never ran as root and cannot make itself run a service in the background, or log keystrokes, or install other things.

    If I download a package or an installer from the Internet the publisher runs a program as admin on my computer and can do whatever it wants, bundle adware, start hidden services, whatever.

    My distribution is not 'another party to trust'. It's the party I already trust the most. If I or someone else find something harmful in a program that's on the repo, I expect the distro to remove the program or patch out the harmful parts, while I don't expect the first-party installer to become better in any way.