this post was submitted on 21 May 2026
539 points (99.4% liked)

Technology

86333 readers
3248 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
top 50 comments
sorted by: hot top controversial new old
[–] gandalf_der_12te@discuss.tchncs.de 135 points 1 month ago (2 children)

the simple solution would be to put every game into a sandbox by default

[–] scholar@lemmy.world 135 points 1 month ago (2 children)

Every program ideally should be in a sandbox and if it wants permission to access something it should have to ask for it.

[–] defaultusername@lemmy.dbzer0.com 62 points 1 month ago (2 children)

Kind of like Android or iOS.

Flatpak tries to accomplish this on Desktop, and it works, but isn't as comprehensive as something like Android or iOS.

On the extreme side, there is QubesOS, which runs every app in a dedicated virtual machine, including the networking stack.

[–] LodeMike@lemmy.today 8 points 1 month ago (4 children)

Flatpak also doesn't ask for permissions. If an app requires a new one does it just add it upon update?

I believe so.

load more comments (3 replies)
[–] BradleyUffner@lemmy.world 3 points 1 month ago (1 children)

I've never seen a flatpak prompt me for permissions. If it needs something it didn't have it just silently fails for me and I have to guess what permission it needed manually using flatseal. Is that normal or am I setup wrong?

[–] defaultusername@lemmy.dbzer0.com 2 points 1 month ago (1 children)
load more comments (1 replies)
[–] justlemmyin@lemmy.world 2 points 1 month ago (1 children)

Is that what proton does on Linux?

[–] elvith@feddit.org 19 points 1 month ago (1 children)

No, that's just to make Windows programs/games run on Linux. But you can e.g. use the Flatpack version of Steam to Sandbox Steam and its games (https://docs.flatpak.org/en/latest/sandbox-permissions.html)

[–] gandalf_der_12te@discuss.tchncs.de 1 points 1 month ago (1 children)

thanks, i didn't know that! i'll keep it in mind.

[–] elvith@feddit.org 6 points 1 month ago (1 children)

Only downside: Initially the creator of a Flatpack defines how it is sandboxed. For Steam it's rather permissive. It's not like on mobile where you get asked for permission for everything potentially dangerous/privacy invading, but rather like the earlier days on mobile where you install a Flatpack and implicitly allow all permissions it wants.

An update might change the permissions or introduce new ones. You can use tools like Flatseal to change the permissions of installed Flatpack apps, but keep in mind that those changes will probably be gone after the next update and can introduce problems.

In the end, sandboxing something like Steam is hard, as you not only need to think about Steam's permissions, but also any game you might run from it...

yeah personally i would be fine if it could access anything but my own personal files / the OS installation.

[–] HertzDentalBar@lemmy.blahaj.zone 10 points 1 month ago

Those are my favourite type of game.

/s

[–] DevoidWisdom@sh.itjust.works 102 points 1 month ago

And compaines wonder why we have trust issues.

[–] HAL_9_TRILLION@lemmy.dbzer0.com 54 points 1 month ago* (last edited 1 month ago)

Joke's on them. I just put games in my library and never install them.

[–] GutterRat42@lemmy.world 50 points 1 month ago

That's the horror part. It's part of the immersion.

[–] BeUnique@lemmy.zip 32 points 1 month ago (7 children)

Shouldn't Valve be scanning for these types of things!? The alarming part is that players had to find it

[–] FireWire400@lemmy.world 31 points 1 month ago* (last edited 1 month ago)

There are so many games on Steam and every day a few hundred more are added. I assume there are automated checks and rudimentary malware scans in place but those aren't fault proof.

[–] rob_t_firefly@lemmy.world 12 points 1 month ago

This appears to have originally been published as a totally different non-malware game. Either the original dev got their account taken over or turned heel, because the entire game was replaced with the malware game as an update to an existing game rather than a new published game.

I'm only speculating as I don't know much about the Steam publishing process, but I wonder if that helped the malware sneak past more rigorous checks which would happen on a totally-new upload.

[–] bold_atlas@lemmy.world 11 points 1 month ago* (last edited 1 month ago)

Couldn't they just put the malware in encrypted compression files that the game unpacks on the client end?

[–] Hudell@lemmy.dbzer0.com 7 points 1 month ago (3 children)

When I first published a game on steam, valve kept blocking it because I had checked "controller support" and they tested it and said it didn't work with controllers. I tried to find any controller that didn't work, asked a lot of people to test it for me as well, no issues whatsoever. Gave up and unchecked that option. Game got approved. Players used controllers just fine, I went back and checked it and never heard anything from valve again.

load more comments (3 replies)
[–] BradleyUffner@lemmy.world 5 points 1 month ago

Scanners are only going to pick up known "off the shelf" malware. They are never going to pick up something bespoke that the developers wrote themselves.

[–] TotallyWorthLife@lemmy.world 1 points 1 month ago

With the amount of games published every day, they can't. They should, but really can't. Either they keep it this way, or review each and every game under the Sun to find malware before they get published.

load more comments (1 replies)
[–] teslekova@sh.itjust.works 28 points 1 month ago (1 children)

Well, that's pretty horrifying.

[–] osanna@lemmy.vg 4 points 1 month ago (1 children)
[–] HugeNerd@lemmy.ca 1 points 1 month ago

Why, you wanna steal his joke?

[–] tehn00bi@lemmy.world 20 points 1 month ago (3 children)

When is valve removing windows 11?

[–] Warl0k3@lemmy.world 41 points 1 month ago* (last edited 1 month ago)

Isn't that exactly what SteamOS is doing?

[–] Kolanaki@pawb.social 14 points 1 month ago

When you buy a Steam Deck or Steam Machine.

[–] Chais@sh.itjust.works 9 points 1 month ago

They can't. It's not sold through Steam.

[–] Lost_My_Mind@lemmy.world 16 points 1 month ago

"Valve removes free game"

What? Why are they removing free games??? Oooooh, they must want you to pick the paid games....

"after players discover it contains malware that steals your data"

Oh. Well that's a very good reason to remove it. Thanks Valve!

[–] panda_abyss@lemmy.ca 13 points 1 month ago

Once wasm 64 bit deploys more, we should migrate as much as possible to it.

That at least will make it harder to access random files and keys from disk due to the sandboxing.

Sandbox escapes are still possible, but that’s an additional level of control we can enforce.

[–] BoxOfFeet@lemmy.world 9 points 1 month ago

Nothing's free in Waterworld.

[–] LapGoat@pawb.social 7 points 1 month ago

to be devils advocate, that is pretty scary.

[–] TryingToBeGood@reddthat.com 7 points 1 month ago
load more comments
view more: next ›