Didn’t HEVC work by default for Years now?

Yes, you can have more narrow permissions, and the examples you listed are all valid and examples of apps with sensible permissions.

But since app developers can choose their apps permissions on their own, many apps have broad permissions like the access to the entire filesystem.

Some examples listed in the post:

GIMP, Gedit, VLC, Libreoffice, Audacity, VSCode, Dropbox and Skype

All of these have either the filesystem=home or filesystem=host permission, giving the app acess to basically everything and compromising security.

Flatpaks can have more narrow permissions but aren’t required to have narrow permissions. The post’s statement that many applications have broad permissions remains true.

I stopped using programs like etcher for flashing iso’s after i found out you can just run

cp /path/to/your/file/example.iso /dev/[insert device here]

For example

sudo cp ./Downloads/archlinux-2023-09-01.iso /dev/sdb

I love it because it just works on any linux machine, always. Of course, this is maybe not fit for your usecase.

You can also use dd, tee or even echo, the archwiki has a good section on flashing iso’s.