The signal org produces a debian-compatible package and an apt server. I suppose there are hoops to jump through to make that work reliably on other distros but by that point my interest in using Linux was dwindling. (I actually moved for the performance benefits which didn’t materialize I think due to linux’ piss poor memory handling – I have a pretty low end laptop with only 16 gb of ram. the above we’re all just issues along the way).
If you care to trust random strangers with your secure messenger that’s a choice you can make (admittedly the desktop isn’t particularly secure to begin with but even more reason to use the actual org’s build imo). I’m sure christian heusel is very reputable.
I don’t consider “wanting a secure app to be installed through first party means” to be particularly unusual. I know in Linux it’s standard to just install random stuff from the internet with root. I’ve obviously done that myself, but for secure stuff I want first party. Making a flatpak wouldn’t be hard (they probably just need to review someone else’s work – it’s like an intern project)
So I went and looked it up, and signal-desktop is listed as a reproducible build, so theoretically you should be able to go and check that it conforms to the source
The signal org produces a debian-compatible package and an apt server. I suppose there are hoops to jump through to make that work reliably on other distros but by that point my interest in using Linux was dwindling. (I actually moved for the performance benefits which didn’t materialize I think due to linux’ piss poor memory handling – I have a pretty low end laptop with only 16 gb of ram. the above we’re all just issues along the way).
It’s also in the official arch repositories, so any arch-derived distro has an easy install. I don’t know about other distros however
If you care to trust random strangers with your secure messenger that’s a choice you can make (admittedly the desktop isn’t particularly secure to begin with but even more reason to use the actual org’s build imo). I’m sure christian heusel is very reputable.
And you also need to trust your OS not taking screenshots of your apps or recording the text displayed onto your screen
There’s plenty of links in this chain, there’s a lot you need to be aware of if you’re going to those lengths. Pick your battles
My os does not do that
I don’t consider “wanting a secure app to be installed through first party means” to be particularly unusual. I know in Linux it’s standard to just install random stuff from the internet with root. I’ve obviously done that myself, but for secure stuff I want first party. Making a flatpak wouldn’t be hard (they probably just need to review someone else’s work – it’s like an intern project)
So I went and looked it up, and signal-desktop is listed as a reproducible build, so theoretically you should be able to go and check that it conforms to the source
https://reproducible.archlinux.org/
But this isn’t anything I’ve looked into myself, so feel free to look into it