[schmichael]

> I don't understand why anybody wants this.

Because creating debs is largely a completely distinct undertaking from the dependency and build management the developer of an app does.

Bundles, whether via images or static binaries, allow app developers to distribute their app against the exact dependencies it was developed against -- potentially using the same build system.

There's obviously tradeoffs to each approach, which is why I don't think there's one right way to distribute every bit of executable code on a system.

> People want containers to be magic but they're actually a hard problem.

I work on a container orchestrator, so I understand some of the difficulty. :) Mobile apps are years ahead of desktop apps when it comes to containerizing in a user friendly way. Obviously there's plenty of work still to be done, but the problem is far from intractable and the benefits are enormous.

[im3w1l]

Mobile apps are a hellscape. It's an example of how wrong things can go. Apps treat their privilege model as a license to abuse all their privileges as much as possible.

Ability to read Contact list? Location access? Great let's upload it all to the Googbook analytics for data mining our customers.

[schmichael]

But what's the alternative? No MAC and every app has all user privileges by default like most Linux distros?

I would argue the concept has not failed, just the implementations have fallen short. And for good reason! It's an extremely complex confluence of cutting edge technology, UX, security, privacy, etc. It's been improving, and surely the open source community can do it even better (or at least with a greater focus on privacy).

[nikau]

It would be nice to have a prompt when the phone asks for phone book access:

Allow Deny Fake

The Fake would just have generated names and numbers to pollute their data mining.