Reason 9,584 not to install random .debs from the Internet, *even when you trust the source*:

Brave changed their signing key, breaking app updates. They expect you to manually download, import, and trust a new key from Terminal to fix your system.

Great for Linux experts. Not so great for literally anyone else. Plus, depending on your OS and how it handles GPG and key errors, it could break automatic updates, regular OS updates, etc.

Show thread

Even worse: Brave gets root access to your system every time you install or update their software. They could have used that scary amount of power to fix and avoid this. But they didn't, and it's on users to fix Brave's issues.

· · Mastodon Twitter Crossposter · 1 · 2 · 3

Stick to your curated app stores, folks. Or at least sideload using lower risk technologies like snap and Flatpak. And app developers, DO NOT MAKE YOUR USERS PIPE CURL TO SUDO to install your apps. Provide your apps in a sane format.

Show thread
Sign in to participate in the conversation

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!