[kwlug-disc] $30,000/yr to get your app on the $nap $tore
Mikalai Birukou
mb at 3nsoft.com
Tue Mar 16 17:34:04 EDT 2021
> I didn't realize that Ubuntu has erected a paywall around their walled
> garden Snap Store.
> You can't get your app on the Snap Store without Ubuntu's permission,
> you can't run your own Snap Store or provide snap autoupdates without
> Ubuntu's permission because the server side is proprietary (unlike
> Flatpak), and if your app is related to a commercial business, Ubuntu
> wants a cut.
> https://www.nitrokey.com/news/2021/nextbox-why-we-decided-and-against-ubuntu-core
>
> This is exactly the sort of nonsense I'm trying to get away from,
> motivating my migration from MacOS to Linux.
Quote from an article:
"""
The hack has the central problem that all devices in the Global Store
are identified as the same device and "this can cause problems".
"""
Me thinking:
- Why should store identify devices?
You really want to get upgrade bits anonymously. Just in case. Okay,
your delivery hash crypto is non-breakable, but DoS on update of a
particular client may leave it vulnerable, and indicate that it is time
to attack. Attacker chooses time of an attack. Defender chooses place,
i.e. architecture it uses.
- Why should server and everyone know how many devices I use?
Looking at Signal, Wire, others.
<abs> 3NWeb </abs> :)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20210316/3ac5fc2c/attachment.htm>
More information about the kwlug-disc
mailing list