Best & secure way to install some app

I’ve read a lot of articles here about this subject but I couldn’t reach to a final conclution. I just found out the flatpak is not secure any more for installing our app from it.

This is the list of app I need to use:
Joplin ( note organization )

So this is the list of 8 apps I need to use on Qubes OS. What’s the best option for me to install them securely & would able to update them.

Thanks in advance :slight_smile:

Thx for the link but as I said I have read these artciles, but I can’t understand what do you yet.

For example for installing discord could you please let me know what should I do ?

Based on the link you provided first I have to check if discord app exists in default repositories. So how can I check this?

I went to discord official site & couldn’t find any instruction for getting the package name. Just they had a file with .deb & .tar.gz format to download.

I see two other solutions in another topic:

Method one:
Installing discord on TemplateVM. But I’ve heard that I don’t should connect Templatevm to the internet due to security. So this method doesn’t work

Method two:
Installing through snap by this command:
Fedora: > sudo dnf install snapd
Debian: > sudo apt install snapd
Then: > sudo snap install discord

but again I don’t know if there is any security risk here & what should I do about updating the app ?

I think what you want to do for apps like discord is to copy a template and copy untrustedVM and rename something like discord template and discord vm. then set discord vm to use discord template as its template.

Then you can download discord and look into the documentation or fearch the forum for how to move discord from your vm to the discord template

This way if your discord app is malicious it does not infect everything else running off your default template and you isolate any danger to just the discord vm or any other vms you use discord template for.

Now I made an standalone template based on fedora and then download discord with .tar.gz format from their official site. Then I unzipped it and opened the folder and then click on discord icon. The discord showed up.

Now I have some questions:

  1. How I’m able to add the shortcut to the application list, because any time I want to open it I have to go to file manager & click on discord icon

  2. How can I update the app later?

  3. Is it the safe way If I keep this standalone template for installing the app that I need and have no any other activity on that?

Also I just installed Joplin on the standalone template based on fedora with this command:

wget -O - | bash

But when I want to open it I get this error:
Can not mount AppImage, please check your FUSE setup.

This is not a thing, it’s either a StandaloneVM or a TemplateVM. It’s recommended that you build the latter to then use for AppVMs, since any modification (malicious or not) will persist in the former.

I explained this to you here:

Before you proceed any further with your customization, you should strongly consider reading some important pieces of the documentation:

1 Like