Even package managers are vulnerable to many security problems - can they guarantee that apps are not infected either directly or indirectly (through a library)? There is also flathub.
Windows have also an option to verify apps through certificates which isn’t the case with Linux AFAIK. If you want to stay safe on Windows to some degree you can, but the real problem IMO is that Windows is hugely more used and run by less technical persons. 🤷♂️
Even package managers are vulnerable to many security problems - can they guarantee that apps are not infected either directly or indirectly (through a library)? There is also flathub. Windows have also an option to verify apps through certificates which isn’t the case with Linux AFAIK. If you want to stay safe on Windows to some degree you can, but the real problem IMO is that Windows is hugely more used and run by less technical persons. 🤷♂️
This isn’t true
Linux package managers typically use GPG which is a much better solution. It is simpler and doesn’t have the unnecessary complexity of certificates.
What security problems do you think package managers are vulnerable to? If the upstream repo is compromised all bets are off regardless of the system.
You are right, GPG signing is good as well. But in both cases you still have unsigned apps.
Yep. And in such case an antivirus software might come handy.