← Back to team overview

ubuntu-phone team mailing list archive

Re: Installing click packages without Ubuntu-one

 

On Mon, Oct 14, 2013 at 5:41 PM, Nicolas Delvaux
<contact@xxxxxxxxxxxxxxxxxxx> wrote:
>
>
> 1/ Reinstalling is already possible on the desktop (and opt-in)

It is not, you need to do this yourself. Nothing tracks apps installed
through apt, the only thing being tracked today are apps installed via
the software center that had been uploaded via the software center by
upstream developers (the equivalent of the click appstore). Nothing
has change there, we're just making it easier for upstream developers
to upload their apps directly and not have to go through maintainers.


> 2/ http://qa.debian.org/popcon.php?package=stellarium ?
> Requiring to identifying users may indeed provide more accurate numbers.
> But this has a privacy cost. Is popcon so bad?

This would (almost) be the equivalent of having popcon enabled by
default, which it is not today.


> 3/ Fair enough. You could also just publish an update for the malicious
> package that would remove it and popup something to the user (or
> whatever else, this is the same as if a malicious package was found in
> Debian repositories).

Yes, we will do that too, but not everybody is going to be updating
their apps diligently, so this would be for extreme, time-sensitive
cases.


-- 
Martin


Follow ups

References