Consider wording and colouring of "Proprietary" tile
Please bear the following two points in mind when reading what I write below:
- I am on Team FLOSS.
- I am aware that "bikeshedding" in its original statement literally refers to arguing about the colour of a tiny part of a much larger project! Important update: the email I am thinking of only refers tangentially to colour!
!863 (merged) implements a tile that is shown for proprietary apps. It has three red icons, and text:
This app is not developed in the open, so only its developers know how it works. It could be insecure, or actively do nefarious things that are hard to detect or prevent.
By installing this app you are putting a high amount of trust in the developers.
Could we consider making the icons yellow or neutral gray, rather than red, for proprietary apps? By analogy to the safety tile: proprietary apps are not necessarily "nefarious". So to me yellow "warning" seems more apt than red "bad": the app might be benign, or it might not be, but we just don't know. (I'd hope that e.g. Flathub would yank a malicious app quickly if one were discovered.)
The second and third sentences are arguably true of all software. Sandboxing helps of course, but installing and using an app does always involve a level of trust in its developers not doing nefarious things in hard-to-detect ways. I doubt that anyone has audited the source code of the WhatsApp wrapper app I installed from Flathub.
The old text was:
This means that the software is owned by an individual or a company. There are often restrictions on its use and its source code cannot usually be accessed.
The first sentence is misleading IMO: all software is owned by one or more individuals or companies, regardless of its license. The new first sentence is much better.
The second sentence of the old text is true. It's a softer message, for better or for worse.
Perhaps:
This app is not developed in the open, so only its developers know how it works. There may be restrictions on its use, and it may be harder to tell if the app is insecure or nefarious.
By installing this app you are putting a high amount of trust in the developers.