Thank you for the serious response. I did edit my post several times when I realized how confrontational it sounded, and I apologize that it still sounded that way in its final form.
In order to help you understand where I’m coming from, let me explain the first thoughts I had when I found out that snaps auto-update. I use RocketChat for my small group of video content creators. It provides a well-organized communication system, and because it’s both open-source and self-hosted, we can be sure it’s completely private (as far as our security practices will allow). I used to have RocketChat installed manually, and I would skim through the changelogs before I applied an update.
Here’s a very practical concern I had about switching RocketChat from manual to Snaps: if the snap will automatically pull in any update the developer publishes, then the developer could publish an update that adds a backdoor and allows outside access to my private chats. Of course, the chats on my server don’t store very sensitive information, but once again, I support privacy out of principle, not because I’m keeping secrets.
I understand that the RocketChat developers would be hard-pressed to find a reason to publish such an update, and that doing so would cause all sorts of other problems I’m not addressing. Additionally, I trust the RocketChat developers not to publish an update that adds a backdoor, but with free & open software, I’m not supposed to have to trust the developers; I’m supposed to be able to see things for myself, before I install it on my server/computer.
I know this is only a hypothetical scenario, but all security flaws are hypothetical before they’re exploited. With how overreaching the US government has become in recent years, it’s conceivable to me that they might, say, attempt to force the RocketChat developers to publish an updated Snap with a backdoor to infiltrate the RocketChat server of somebody under investigation. There’s also the possibility of desktop app Snaps being updated to access a computer’s camera, microphone, or filesystem, although from what I understand there may be some security features in Snaps that could prevent that from happening.
Ultimately, I switched my RocketChat server to using Snaps because I know they’re coming down the pipeline whether I want them to or not. (A few weeks later, I had a failed update take my server offline and manual intervention was required to get it working again.) But I’m not comfortable using Snaps on my personal desktop computer as long as it’s set up in a way where the developers give me a time limit to review their code before it’s installed to my system without my knowledge or consent. Does that make sense?