nostr:npub1akz7ttaqv3y4m7eu3n56d8lcchpx0w5fa56nzf4vrshv5h8npnrs8qfcqj I'm kind of on both sides of this. I definitely default to sudo apt install, but I also see benefits to the containerizing and sandboxing of apps. What's important to keep in mind, I think, is that the isolation of these apps is, at best, a mitigation of the threat, not an elimination of it. And at worst, it provides a false sense of security about these app formats.