Devuan also provides [contrib] and [non-free] packages from Debian though we don’t recommend using them:

    the [contrib] section contains free code that depends on non-free software.
    the [non-free] section contains packages distributed under the terms of proprietary licenses that deny you one or more computing freedoms.

But sometimes you don’t have a choice. If your machine requires non-free firmware to run, some computing is better than none. You should be aware that non-free firmware may contain undisclosed functionality that may be used against you (backdoors or spyware) and there’s little chance to discover it as the source code is not available for review. Using non-free software means to trust the vendor not only to be cooperative but also not to be coerced into shipping insecure or malevolvent code.

Proprietary software licenses (non-free) may grant the vendor explicit or implicit rights beyond what the law requires from you as a user such as copyright waivers for content created using the program or the ability for the vendor to use your image or sell your private information. Please consult a lawyer before choosing to relinquish your freedom.

Distribution Packages

I still hope that there's a place for distribution packages. The leaf packages ("apps") do need some kind of sandboxing, as sandboxing is good and important to have (not only to protect the "root" user, but protect the user's data, as usually there's more privacy-related juicy info in $HOME than in all of the system folders).

Even with Flatpak, there's still some duplication (e.g. the GTK version from the distro package and the Freedesktop Platform Flatpak), but it's better than Snap's "let every snap ship with its own version of ICU" or AppImage's "just run this executable, it contains Everything" approach.

RISC-V is the future man!

A distant one, but a future nonetheless...

That means that it only runs programs that you directly tell it to run.

Implications

What this essentially means is that any windows malware needs to be executed to work, so if you download a corrupted version of someProg that in turn downloads and executes someMalware, then nothing would happen. The reason being is that instead of executing someMalware like Windows, for the malware to work it would need to be initiated by WINE, and therefore by you. Installing WINE does not open your computer up to any "Windows malware" because you are directly in control of what exes, bats, and coms WINE executes. The only theoretical danger is if you download a Linux program that downloads a windows virus, and then calls WINE to execute that virus, and then fixes everything to work out of the WINE sandbox.