this post was submitted on 21 May 2026
538 points (99.3% liked)

Technology

86387 readers
3301 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] gandalf_der_12te@discuss.tchncs.de 135 points 1 month ago (2 children)

the simple solution would be to put every game into a sandbox by default

[–] scholar@lemmy.world 135 points 1 month ago (2 children)

Every program ideally should be in a sandbox and if it wants permission to access something it should have to ask for it.

[–] defaultusername@lemmy.dbzer0.com 62 points 1 month ago (2 children)

Kind of like Android or iOS.

Flatpak tries to accomplish this on Desktop, and it works, but isn't as comprehensive as something like Android or iOS.

On the extreme side, there is QubesOS, which runs every app in a dedicated virtual machine, including the networking stack.

[–] LodeMike@lemmy.today 8 points 1 month ago (2 children)

Flatpak also doesn't ask for permissions. If an app requires a new one does it just add it upon update?

I believe so.

[–] hirihit640@sh.itjust.works 1 points 1 month ago* (last edited 1 month ago) (1 children)

I think either Bazaar or GNOME software center does tell you if an app asks for more permissions, I forgot which one though

[–] LodeMike@lemmy.today 1 points 1 month ago (1 children)

GNOME Software. That's not what I'm concerned about though.

load more comments (1 replies)
[–] BradleyUffner@lemmy.world 3 points 1 month ago (1 children)

I've never seen a flatpak prompt me for permissions. If it needs something it didn't have it just silently fails for me and I have to guess what permission it needed manually using flatseal. Is that normal or am I setup wrong?

[–] defaultusername@lemmy.dbzer0.com 2 points 1 month ago (1 children)
load more comments (1 replies)
[–] justlemmyin@lemmy.world 2 points 1 month ago (1 children)

Is that what proton does on Linux?

[–] elvith@feddit.org 19 points 1 month ago (3 children)

No, that's just to make Windows programs/games run on Linux. But you can e.g. use the Flatpack version of Steam to Sandbox Steam and its games (https://docs.flatpak.org/en/latest/sandbox-permissions.html)

load more comments (3 replies)
[–] HertzDentalBar@lemmy.blahaj.zone 10 points 1 month ago

Those are my favourite type of game.

/s

[–] DevoidWisdom@sh.itjust.works 102 points 1 month ago

And compaines wonder why we have trust issues.

[–] HAL_9_TRILLION@lemmy.dbzer0.com 54 points 1 month ago* (last edited 1 month ago)

Joke's on them. I just put games in my library and never install them.

[–] GutterRat42@lemmy.world 50 points 1 month ago

That's the horror part. It's part of the immersion.

[–] BeUnique@lemmy.zip 33 points 1 month ago (7 children)

Shouldn't Valve be scanning for these types of things!? The alarming part is that players had to find it

[–] FireWire400@lemmy.world 31 points 1 month ago* (last edited 1 month ago)

There are so many games on Steam and every day a few hundred more are added. I assume there are automated checks and rudimentary malware scans in place but those aren't fault proof.

[–] rob_t_firefly@lemmy.world 12 points 1 month ago

This appears to have originally been published as a totally different non-malware game. Either the original dev got their account taken over or turned heel, because the entire game was replaced with the malware game as an update to an existing game rather than a new published game.

I'm only speculating as I don't know much about the Steam publishing process, but I wonder if that helped the malware sneak past more rigorous checks which would happen on a totally-new upload.

[–] bold_atlas@lemmy.world 11 points 1 month ago* (last edited 1 month ago)

Couldn't they just put the malware in encrypted compression files that the game unpacks on the client end?

[–] Hudell@lemmy.dbzer0.com 7 points 1 month ago (3 children)

When I first published a game on steam, valve kept blocking it because I had checked "controller support" and they tested it and said it didn't work with controllers. I tried to find any controller that didn't work, asked a lot of people to test it for me as well, no issues whatsoever. Gave up and unchecked that option. Game got approved. Players used controllers just fine, I went back and checked it and never heard anything from valve again.

load more comments (3 replies)
[–] BradleyUffner@lemmy.world 6 points 1 month ago

Scanners are only going to pick up known "off the shelf" malware. They are never going to pick up something bespoke that the developers wrote themselves.

load more comments (2 replies)
[–] teslekova@sh.itjust.works 28 points 1 month ago (1 children)

Well, that's pretty horrifying.

[–] osanna@lemmy.vg 4 points 1 month ago (1 children)
load more comments (1 replies)
[–] tehn00bi@lemmy.world 20 points 1 month ago (3 children)

When is valve removing windows 11?

[–] Warl0k3@lemmy.world 41 points 1 month ago* (last edited 1 month ago)

Isn't that exactly what SteamOS is doing?

[–] Kolanaki@pawb.social 14 points 1 month ago

When you buy a Steam Deck or Steam Machine.

[–] Chais@sh.itjust.works 9 points 1 month ago

They can't. It's not sold through Steam.

[–] Lost_My_Mind@lemmy.world 16 points 1 month ago

"Valve removes free game"

What? Why are they removing free games??? Oooooh, they must want you to pick the paid games....

"after players discover it contains malware that steals your data"

Oh. Well that's a very good reason to remove it. Thanks Valve!

[–] panda_abyss@lemmy.ca 13 points 1 month ago

Once wasm 64 bit deploys more, we should migrate as much as possible to it.

That at least will make it harder to access random files and keys from disk due to the sandboxing.

Sandbox escapes are still possible, but that’s an additional level of control we can enforce.

[–] BoxOfFeet@lemmy.world 9 points 1 month ago

Nothing's free in Waterworld.

[–] LapGoat@pawb.social 7 points 1 month ago

to be devils advocate, that is pretty scary.

[–] TryingToBeGood@reddthat.com 7 points 1 month ago
[–] Gsus4@mander.xyz 1 points 1 month ago

They had to do one thing...

[–] Squatcher@piefed.social 1 points 1 month ago

But it was a "feature"

load more comments
view more: next ›