Or is it just buggy?

You are viewing a single thread.
View all comments View context

@Pantherina
Yeah, by the same logic lets also call hotdogs dangerous because people have also choked on them!

https://nypost.com/2023/07/11/4-year-old-girl-dies-after-choking-on-costco-hot-dog-report/

At some point we should understand and agree that PEBKAC is a real thing. Logic dictates not to blame Linux and hotdog, and instead understand the consequence of using unverified/unvetted software.

@Bro666

permalink
report
parent
reply
0 points
*

This makes no sense.

The equivalent would be

A: have a hotdog you buy, which you eat with your teeth and your gut and you know how to do it (and also that hotdog doesnt interfere with your body, its a theme not actual molecules that comparison still makes no sense)

B: have a hotdog that decides how it is eaten, and manipulates your body to eat it in any arbitrary way

permalink
report
parent
reply

@Pantherina
I’m sorry that this bug have happened.

But did you, or whoever faced this bug, “eat” it with your “teeth” though? No they didn’t. Why? Because like any proprietary software, OpenSource tools also come with certain terms and conditions that user is expected to read, digest, understand, accept, and then utilize the tool:

https://fosstodon.org/@Mehrad/112128648273530651

User had all the possible chance in the world to read the code and make sure it doesn’t do what it’s not supposed to do.
🧵👇

permalink
report
parent
reply
0 points

Yes for sure, but Firefox, Android etc are also all opensource and allow to install only opensource components, still their model is way more secure.

But for sure, KDE will never become as restricted, as otherways these extensions would not exist.

permalink
report
parent
reply
0 points

Well, yes: the store does advise caution, as we have little control over themes and widgets uploaded by their parties. The same way we would advise caution about running random software downloaded from the internet. That said, it does say KDE Store, so we should have some degree of control over it for our users’ sake. That is what we are working on.

That said part II, we can’t do with it the wider communities support. There simply isn’t the human resources necessary. The 2 options we have are to close down the store completely (but then people will just go to random GitHub repos and download stuff from there), or try to leverage the community to help us locate and remove (or at least quarantine) dodgy products.

permalink
report
parent
reply
0 points
*

Absolutely, and I would like to help with that.

But I think there are multiple parts to this:

  1. Fix the backends so that for example dolphin extensions are directly installed in the correct way and dont even need such scripts
  2. Restrict extensions and themes to be nonexecutable at least by default
  3. Involve the community to mark “dangerous addons” that need executable scripts to install themselves or work; and to report malicious addons; and to add an enforced test before the addon is published

Of course a dolphin extension always executes code. I think hiring a bunch of KDE users as pretesters could work, to enforce that every extension needs to be tested by the 2 community members to end up in the store. There could also always be a way to unhide untested addons etc.

And enforcing stricter guidelines for the extensions is also important of course

permalink
report
parent
reply

KDE

!kde@lemmy.kde.social

Create post

KDE is an international technology team creating user-friendly free and open source software for desktop and portable computing. KDE’s software runs on GNU/Linux, BSD and other operating systems, including Windows.

Plasma 6 Bugs

If you encounter a bug, proceed to https://bugs.kde.org, check whether it has been reported.

If it hasn’t, report it yourself.

PLEASE THINK CAREFULLY BEFORE POSTING HERE.

Developers do not look for reports on social media, so they will not see it and all it does is clutter up the feed.

Community stats

  • 1.1K

    Monthly active users

  • 433

    Posts

  • 1.9K

    Comments