1. 14

  2. 46

    > The Linux community values their privacy and others’. That’s something Discord needs to be taught.

    There is no privacy on Discord to begin with. Packaging would be the least of my worries, if I was using it.

    1. 11

      Yes, it would be preferable to use only open-source software that you’ve built yourself, and to only communicate on platforms where you control the data. Many people, however, do choose to use Discord and similar chat apps regardless.

      I think for people who have made that choice, it is meaningful to talk about ways to limit how much other information those apps can scrape up about your system. The communications you use the app for, obviously, are under the control of the app provider. The privacy intrusions aren’t limited to that, though. It is common for advertising SDKs to scan any data they are permitted to access, in order to fingerprint a device or a user. It really does make sense to want to limit things as much as possible, and it sucks when app vendors nag users to do things that are less secure or less private.

      1. 6

        Perhaps I’m not getting the author’s problem – the rant goes on and on, and only in the last sentence it seems to allude that the issue is that the web site offers native packages instead of Flatpak/Snap?

        I mean … yeah? My policy is to not use Flatpak/Snap/… so the website offering *.deb/*.rpm seems fine to me.

        Not sure how this is related to security/privacy that Flatpak/Snap are supposed to provide. I’m not seeing that either.

        1. 6

          > There is no privacy on Discord to begin with.

          This is why Discord users have so much to gain from Flatpak and Snap.

          Some enforced privacy is better than no privacy at all.

          1. 15

            The alternative I had in mind was no Discord at all, rather than no privacy at all. :)

            1. 4

              What privacy does Flatpak/Snap guarantee, actually?

              1. 3

                I think people are hinting at sandboxing in Flatpak (don’t know about Snap) as a means of restricting access to the system:

                https://docs.flatpak.org/en/latest/sandbox-permissions.html

                Permissions for the Discord Flatpak can be found here:

                https://github.com/flathub/com.discordapp.Discord/blob/818f10af0b0238d8ffd4c6df027e296c39944fe5/com.discordapp.Discord.json#L13

                device=all seems pretty far-reaching.

                1. 1

                  Apparently that’s required to access devices like microphones and webcams.

                  > While not ideal, --device=all can be used to access devices like controllers or webcams.

                  https://docs.flatpak.org/en/latest/sandbox-permissions.html#device-access

                  1. 2

                    > Apparently that’s required to access devices like microphones and webcams.

                    Indeed. One would hope that more fine-grained access policies were possible. But I think Pipewire support in xdg-portal is going to make this possible?

                    https://github.com/flatpak/xdg-desktop-portal/blob/master/src/camera.c
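
Added example (not part of any comment in this thread, and not Flathub's or Discord's code): a small audit of a Flatpak manifest's `finish-args` that flags broad grants such as the `device=all` discussed above. The manifest, its app id and the set of grants treated as broad are constructed for illustration.

```python
import json

# Constructed sample manifest (not the real Flathub file); only the
# "finish-args" list matters for this check.
SAMPLE_MANIFEST = """
{
  "app-id": "org.example.ChatApp",
  "finish-args": [
    "--share=ipc",
    "--share=network",
    "--socket=x11",
    "--socket=pulseaudio",
    "--device=all",
    "--filesystem=xdg-download",
    "--talk-name=org.freedesktop.Notifications"
  ]
}
"""

# Grants that open large holes in the sandbox, with the reason (assumed policy).
BROAD = {
    ("device", "all"): "all device nodes (webcams, input devices, ...)",
    ("filesystem", "host"): "access to most of the host filesystem",
    ("filesystem", "home"): "access to the entire home directory",
    ("socket", "x11"): "X11 does not isolate clients from each other",
    ("socket", "session-bus"): "unfiltered access to the session D-Bus",
    ("socket", "system-bus"): "unfiltered access to the system D-Bus",
}

def audit_finish_args(manifest_text):
    """Return [(arg, reason)] for each broad grant in a manifest's finish-args."""
    manifest = json.loads(manifest_text)
    findings = []
    for arg in manifest.get("finish-args", []):
        key, sep, value = arg.lstrip("-").partition("=")
        if not sep:
            continue  # argument without a value, nothing to match
        # Drop access suffixes such as ":ro" or ":create" before matching.
        base = value.split(":", 1)[0]
        reason = BROAD.get((key, base))
        if reason:
            findings.append((arg, reason))
    return findings

if __name__ == "__main__":
    for arg, reason in audit_finish_args(SAMPLE_MANIFEST):
        print(f"{arg:22} {reason}")
```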

                2. 1

                  Read this https://www.ctrl.blog/entry/firefox-linux-flatpak-snap.html

                  Containerized applications can prevent the discord client from doing various things with its read access to violate your privacy, among other things.

            2. 16

              I’m on Arch. I also noticed this. I just clicked on “I know what I’m doing” and switched to the web UI while the official Arch package repo caught up. It took about 1 day.

              > an attempt at dodging security measures

              To me it just seems like an attempt to fast track updates, not anything nefarious. At least the Arch package doesn’t seem to be officially maintained by Discord. Not sure about Flatpak and Snap. So that means they have to wait for the community to update dozens of Linux repos.

              I would personally love if Discord could maintain Flatpak, Snap, Arch, Apt, Yum, etc.

              1. 5

                I don’t think it has to be nefarious to be harmful. I don’t think it really matters whether the team that built this feature was aware of why people might not want to be nagged; the intent isn’t the point. The effect is what we can observe, and I do think the effect is negative.

              2. 13

                The only officially supported installation method for Discord on Linux is the .deb and .tar.gz files they provide. Any other installation method, including both the Flatpak and Snap, is unofficial and not supported by Discord.

                1. 3

                  There’s a difference between only officially supporting one installation method, and designing your software to undermine the other installation methods even when they have been chosen. Especially when said other installation methods add security measures for users’ privacy.

                  1. 9

                    > designing your software to undermine the other installation methods even when they have been chosen

                    “Designing to undermine”, in my opinion, is absolutely not what’s happening here. They try and make updates less painful through their admittedly kind-of-clunky official distribution channels.

                    To avoid doing that when it’s installed through another method, they’d have to maintain a built-in check for these non-official distribution channels.

                2. 8

                  Dunno but I’m glad for the “No bullshit” update experience. Got asked to install the new .deb, direct link to what you need and be done. They probably just didn’t expect non .deb people, still you can dismiss it. They still don’t require you to add any 3rd party apt-source or so. Also privacy/self-hosting wise I wouldn’t look at discord..

                  1. 5

                    calibre does this too, and with the dreaded curl | bash to boot.

                    Discord is not necessarily a privacy-preserving medium, and it’s not free software: but maybe that’s fine for some use cases like gaming where you may not want to host a server, and are willing to make the trade-off for a no-hassle experience.

                    Ideally we’d have a free option with a similarly easy experience, but I’m not sure we do. Meanwhile, I don’t put this down to malice.

                    1. 5

                      If packagers are patching Discord to put Discord into a Flatpak or Snap, then it’s on those same packagers to patch this update dialog. It’s the same separation of responsibility between any upstream and a distributor: the distributor is responsible for their patches! How can upstream anticipate 3rd-party, downstream changes? This is a bug in the Flatpak/Snap package.

                      As an aside, this kind of reaction is why my $DAYJOB doesn’t package our Electron app for Linux - we’d rather not deal with this kind of feedback where the true responsibility of support is diffused between our company, the OS maintainers, PPAs, etc, but we end up taking heat from takes like this. You can use our product just fine in Firefox and leverage all the browser’s well-known tools for privacy and customization.

                      1. 6

                        Discord isn’t patched, its packages are simply installers for the tarball using the chosen system.

                        Discord is closed-source software, it can’t be patched that easily.

                      2. 2

                        What are the security/privacy benefits of snap and flatpak?

                        1. 4

                          I’m not sure about flatpak, but I’ve done a little snap packaging. A snap package, roughly speaking, runs inside a container. The packager has to explicitly grant the package every right to break out of that container. Those rights include things like writing to the file system, using the GPU, or listening on network ports. The idea is that snap makes it more difficult for a package to “accidentally” overstep the boundaries set by the packager.

                          1. 2

                            Read this https://www.ctrl.blog/entry/firefox-linux-flatpak-snap.html

                            Containerized applications can prevent the discord client from doing various things with its read access to violate your privacy, among other things.

                          2. 2

                            Do any platforms enforce that binary signatures match the package’s signature? This feels like a common security feature that would cause problems with this technique.