https://mullvad.net/en/help/install-mullvad-app-linux
Trying to install VPN and these are the instructions Mullvad is giving me. This is ridiculous. There must be a more simple way. I know how to follow the instructions but I have no idea what I’m doing here. Can’t I just download a file and install it? I’m on Ubuntu.
More or less: yes.
It’s copy and pasting 5 lines into the terminal and hitting enter. It’s not that hard. If it’s not worth the 15 seconds of ‘work’ you probably don’t need the software that badly.
And it’s not the default. Usually you shouldn’t add random software sources and download software from some websites. Your Linux package manager should be the source for software. (Software Manager / Store / Synaptics, … whatever Ubuntu calls it) It installs software with one or two clicks with the mouse, the software there is tested and tied into the rest of the systems and tens of thousands of packages are available. No malware guaranteed, and updates are handled automatically.
And with other Operating systems it’s also ridiculous: You need to find the website of some software, avoid malware and copycats that advertise similar software with ads, click download, click ‘yes’ I accept a download with a harmful extension. Then you need to open the file manager and double click on it. Then a window opens and you need to click ‘next’. Accept the terms. Give permission to install and maybe remove a few ticks and choose a location. I’d say it’s about the same amount of work and the downside is it doesn’t necessarily handle updates and security fixes.
I think Ubuntu doesn’t have Mullvad available in their own repository. I took another approach and imported their settings/profile into the VPN/network manager that is available per default on many Linux distributions. No install required at all. But importing the settings isn’t easier, so YMMV here. And I think you have to create a profile for each and every country/endpoint which is a bit cumbersome, depending on what you’re trying to do with the VPN.
Telling people to just run random code they found on the internet and don’t understand is really bad advice.
That statement is certainly true.
But how do you think you install software on Windows? You download a random installer from the internet and double-click it. The installer is an executable file and runs some code on your computer to set up the software. I’d argue it’s exactly the same.
In the one instance you copy and paste code and run it. In the other instance you execute an installer that also contains the random code. And you can’t even have a look what happens.
The real issue is: You have to trust the vendor. If you don’t trust Mullvad, don’t run their 5 lines of code. But you then also shouldn’t install their software and not run their windows installer. I don’t see a way around this ‘trust’ issue.
The proper way of course would be a standardised process that also confines the software into containers with minimal permissions. Something like Android Apps. In theory you could add a default update process so the vendor just needs to define an update server in the (apk) installer file. Google didn’t do this, but they want people to use their Play Store. And I don’t think we have a permission system that is actively used on any of the major desktop operating systems, anyways.