Should I prefer a .deb over a snap package of the same version if I'm concerned about security?

Solution 1:

In general, if the snap is kept up to date, this might be a better choice for security. So if you have a feeling the snap is well maintained, go for that. On the other hand, some snaps are NOT well maintained or updated, and in this case the .deb might still be a better choice.

Also, to vet publishers, try to see what other snaps they have released, check their activity on the Snapcraft forum, check on GitHub, etc. This might give you an idea of whether they're public and active about their snap releases. In the case of Zoom, Oliver Grawert (ogra) is a Canonical employee.

If a company doesn't provide a snap version itself, there is a community of members who distribute snaps, called Snapcrafters, but individuals can also release third-party snaps.

You could say that snaps are still very dependent on either the companies themselves or reliable third-party distributors (like Snapcrafters) making and maintaining snap packages.
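
An added example (not part of the original answer) of the two checks suggested above, publisher status and how recently the snap was released, run over the text that `snap info <name>` prints. The sample output is constructed, and the `review_snap` name and the 180-day threshold are assumptions chosen for illustration.

```python
import re
from datetime import date

# Constructed sample of `snap info <name>` output (not from a real snap).
SAMPLE = """\
name:      example-app
publisher: Example Person (example-person)
channels:
  latest/stable:    1.2.3 2022-12-05 (193) 180MB -
  latest/candidate: ↑
  latest/beta:      1.3.0 2023-01-10 (201) 181MB -
  latest/edge:      ↑
"""

# "  <channel>: <version> <YYYY-MM-DD> (<revision>) ..."
CHANNEL = re.compile(r"^\s+(\S+):\s+(\S+)\s+(\d{4}-\d{2}-\d{2})\s+\((\d+)\)")

def review_snap(info_text, today, max_age_days=180):
    """Hypothetical helper: summarise publisher status and release age."""
    report = {"publisher": None, "verified": False, "starred": False,
              "channels": {}, "warnings": []}
    for line in info_text.splitlines():
        if line.startswith("publisher:"):
            pub = line.split(":", 1)[1].strip()
            # snap marks verified publishers with "✓" ("**" without UTF-8)
            # and starred developers with "✪" ("*" without UTF-8).
            report["verified"] = pub.endswith(("✓", "**"))
            report["starred"] = not report["verified"] and pub.endswith(("✪", "*"))
            report["publisher"] = pub.rstrip("✓✪*").strip()
        m = CHANNEL.match(line)
        if m:  # channels showing only "↑" or "--" have no date and are skipped
            age = (today - date.fromisoformat(m.group(3))).days
            report["channels"][m.group(1)] = {"version": m.group(2), "age_days": age}
    if not (report["verified"] or report["starred"]):
        report["warnings"].append("publisher is neither verified nor starred; vet them manually")
    stable = report["channels"].get("latest/stable")
    if stable is None:
        report["warnings"].append("no dated latest/stable release found")
    elif stable["age_days"] > max_age_days:
        report["warnings"].append(f"latest/stable is {stable['age_days']} days old")
    return report

if __name__ == "__main__":
    result = review_snap(SAMPLE, today=date(2023, 12, 5))
    print(result["publisher"], result["warnings"])
```

A missing verification mark does not mean the publisher is untrustworthy; it only means the manual checks described above (other snaps, forum and GitHub activity) are what you have to go on.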