Hacker News
by squiggleblaz 1853 days ago
Linux users who install their apps via a package manager (other than, iiuc, AUR) have at least the vetting of a third party. And this is why a lot of work goes into reproducible builds and minimal bootstraps.

Apps provided on any platform by major, trusted vendors are much more likely to be safe. Apple/Microsoft/Adobe might find themselves compelled to add a government backdoor, but they're probably not going to chuck in code to send your credit card number to the dark web.

As for installing random programs from unknown vendors on the Google Play Store, yeah, I'm a bit nervous about that. It would be nice if we could manage trust on such platforms in some way, but all we can do is hope to be on guard at all times. Google clearly doesn't care if you get hacked by a third party, as long as they don't do it directly.