The new Snap app package format is a headline feature of the new Ubuntu 16.04, touted by Canonical as a secure way of developing software that makes it impossible for an app to steal your data.
“The security mechanisms in Snap packages allow us to open up the platform for much faster iteration across all our flavours as Snap applications are isolated from the rest of the system,” Olli Ries, head of Canonical’s Ubuntu client platform products and releases wrote earlier this month.
“Users can install a Snap without having to worry whether it will have an impact on their other apps or their system,” he continued.
But that claim is only half true, according to Matthew Garrett, a well-known Linux kernel developer and security developer at CoreOS.
He contends that using Snap packages on Ubuntu mobile does offer genuine security improvements, but on the desktop that claim is “horribly, awfully misleading”.
“Any Snap package you install is completely capable of copying all your private data to wherever it wants with very little difficulty,” wrote Garrett.
Submitted by: Arnfried Walbrecht