> The best of both worlds is having a centralized distribution of verified software but still be able to install unverified software, in my opinion.
Can an average user download a random app and be hit with malware on default settings with that model? Then it isn't the best of both worlds at all, it's the same old "blame the stupid user" broken strategy we've been using forever.
At least on my system, installing an external package does present a warning (not as alarmist as Apple's, of course) that installing from repositories doesn't.
So yes, Linux really does have the best approach here.
You can add a repo though. You add a repo you thought was trustworthy or a repo becomes compromised, the end.
> So yes, Linux really does have the best approach here.
Nope, just another "blame the idiot user" excuse. Feel free to try again though.
Get over it. You're not going to alter computing with your Hacker News comment. The only real way to stop malware is through code signing. This isn't a new concept or something that Apple came up with, it has always been the case and it's about time we stopped pussyfooting around it.
Can an average user download a random app and be hit with malware on default settings with that model? Then it isn't the best of both worlds at all, it's the same old "blame the stupid user" broken strategy we've been using forever.