Well, that’s pretty horrifying.
dad, that you?
Shouldn’t Valve be scanning for these types of things!? The alarming part is that players had to find it
This appears to have originally been published as a totally different non-malware game. Either the original dev got their account taken over or turned heel, because the entire game was replaced with the malware game as an update to an existing game rather than a new published game.
I’m only speculating as I don’t know much about the Steam publishing process, but I wonder if that helped the malware sneak past more rigorous checks which would happen on a totally-new upload.
Scanners are only going to pick up known “off the shelf” malware. They are never going to pick up something bespoke that the developers wrote themselves.
There are so many games on Steam and every day a few hundred more are added. I assume there are automated checks and rudimentary malware scans in place but those aren’t fault proof.
Couldn’t they just put the malware in encrypted compression files that the game unpacks on the client end?
With the amount of games published every day, they can’t. They should, but really can’t. Either they keep it this way, or review each and every game under the Sun to find malware before they get published.
Maybe? Games are huge nowadays and looking through all of them will probably be impossible and not sure how well it’ll prove? Google does that and there still are a lot of malware on play store.
That’s the horror part. It’s part of the immersion.
Joke’s on them. I just put games in my library and never install them.
the simple solution would be to put every game into a sandbox by default
Every program ideally should be in a sandbox and if it wants permission to access something it should have to ask for it.
Kind of like Android or iOS.
Flatpak tries to accomplish this on Desktop, and it works, but isn’t as comprehensive as something like Android or iOS.
On the extreme side, there is QubesOS, which runs every app in a dedicated virtual machine, including the networking stack.
I’ve never seen a flatpak prompt me for permissions. If it needs something it didn’t have it just silently fails for me and I have to guess what permission it needed manually using flatseal. Is that normal or am I setup wrong?
That’s normal.
Flatpak also doesn’t ask for permissions. If an app requires a new one does it just add it upon update?
I believe so.
I think either Bazaar or GNOME software center does tell you if an app asks for more permissions, I forgot which one though
GNOME Software. That’s not what I’m concerned about though.
IIRC Discover on KDE also tells you on the update list. But only somewhere in the list of updates - there’s no explicit dialog warning you of changes/new permissions
Is that what proton does on Linux?
No, that’s just to make Windows programs/games run on Linux. But you can e.g. use the Flatpak version of Steam to sandbox Steam and its games (https://docs.flatpak.org/en/latest/sandbox-permissions.html)
thanks, i didn’t know that! i’ll keep it in mind.
Only downside: Initially the creator of a Flatpak defines how it is sandboxed. For Steam it’s rather permissive. It’s not like on mobile where you get asked for permission for everything potentially dangerous/privacy invading, but rather like the earlier days on mobile where you install a Flatpak and implicitly allow all permissions it wants.
An update might change the permissions or introduce new ones. You can use tools like Flatseal to change the permissions of installed Flatpak apps, but keep in mind that those changes will probably be gone after the next update and can introduce problems.
In the end, sandboxing something like Steam is hard, as you not only need to think about Steam’s permissions, but also any game you might run from it…
yeah personally i would be fine if it could access anything but my own personal files / the OS installation.
Those are my favourite type of game.
/s
Nothing’s free in Waterworld.
And companies wonder why we have trust issues.
When is valve removing windows 11?
When you buy a Steam Deck or Steam Machine.
They can’t. It’s not sold through Steam.
Isn’t that exactly what SteamOS is doing?
“Valve removes free game”
What? Why are they removing free games??? Oooooh, they must want you to pick the paid games…
“after players discover it contains malware that steals your data”
Oh. Well that’s a very good reason to remove it. Thanks Valve!
Yikes!
to be devil’s advocate, that is pretty scary.
Once wasm 64 bit deploys more, we should migrate as much as possible to it.
That at least will make it harder to access random files and keys from disk due to the sandboxing.
Sandbox escapes are still possible, but that’s an additional level of control we can enforce.
But it was a “feature”
They had to do one thing…
laughs in proton
Proton does not protect you from harm. It’s not a sandbox.
what about bazzite set to immutable?
That does not stop things from stealing your data.
No but it also doesn’t have windows on the other side, someone would have to target a proton setup to get much of anything.
Ye no. If i made malware for windows that goes over all reported drives wine will just happily translate that. Hell, by default wine will map root as z: so no, wine/proton will not help.
Even wannacry was able to cause some damage to linux if run through wine
Why wouldn’t they? Linux is gaining market share.
Yeah, it’s slowly gaining market share, but it’s still a minuscule size of the user base
Would that even help? Windows malware can run on Linux precisely thanks to Wine and Proton.
You don’t actually believe this, right?
My uneducated guess is that it would run inside the prefix but would have troubles with basic Windows dependencies not available/running, prefix’s folder structure being cut down to the most basic components and barebones, and that nothing actually runs like in Windows but is rather translated from Linux commands to Windows one and back? Meaning there’s no processes or services like in a VM, no way to run cmd or powershell scripts, nothing to steal without leaving containment? Am I wrong somewhere?
I recall there was a wave of dread about Proton leaving host system easily accessible and not implementing any security measures as they are out of scope, but if we assume it’s a virus targeting Windows, I’m half sure it would have troubles doing anything the usual way.
The malware won’t be able to do as much as it could on windows, but it can still access all of the files your user account has access to. It can steal, encrypt or delete all of your files. It can also access your microphone if you have one connected.
You can run Wine as a different user or run it with firejail to limit what it has access to.
Is it applicable to Proton in some way? I’m guilty of using less popular and thus less veried cracked software with it so I’d like some level of protection. Can I separately write it in some config file?
Proton is just Wine with some modifications. You can use the same sandboxing methods you would use with Wine.
Firejail runs apps in a sandbox.
And you can make a separate non-root desktop profile to run it in so even if it somehow escapes containment it can’t run sudo commands or steal your main login’s data.
Hey PieFed user, posting a 5-minute meme video where the guy struggles to make a custom virus do something through Proton isn’t the own you think it is. It literally corroborates my point. Windows viruses and malware will not work through Proton.
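Added example, not part of any comment in this thread: a check for the drive mapping discussed above (Wine exposing the host root as `z:`). It assumes the standard Wine/Proton prefix layout, where `dosdevices/` holds one symlink per drive letter; the function name `audit_prefix` is made up for this example.

```shell
#!/bin/sh
# Report which drive letters of a Wine/Proton prefix resolve to host paths
# outside the prefix. Assumes the usual layout: <prefix>/dosdevices/<letter>:
# is a symlink (c: -> ../drive_c, z: -> / by default).

# audit_prefix PREFIX
# Prints "<letter>: <resolved target> <inside|EXPOSED>" per drive letter.
# Returns 0 if every drive stays inside the prefix, 1 if any drive is
# exposed to the host, 2 if PREFIX is not a Wine prefix.
audit_prefix() {
    prefix=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    [ -d "$prefix/dosdevices" ] || return 2
    exposed=0
    # "?:" matches drive letters only; device links such as "d::" are skipped.
    for link in "$prefix"/dosdevices/?:; do
        [ -L "$link" ] || continue
        # Resolve the symlink to a physical path; skip dangling links.
        target=$(cd "$link" 2>/dev/null && pwd -P) || continue
        case "$target/" in
            "$prefix"/*) state=inside ;;
            *) state=EXPOSED; exposed=1 ;;
        esac
        printf '%s %s %s\n' "${link##*/}" "$target" "$state"
    done
    return "$exposed"
}

# Audit the default prefix (WINEPREFIX, else ~/.wine) when run as a script.
audit_prefix "${WINEPREFIX:-$HOME/.wine}" ||
    echo "audit_prefix returned $? (1 = host path exposed, 2 = not a prefix)"
```

An `EXPOSED` line means Windows code running in that prefix can reach the listed host path through that drive letter with your user's permissions, which is the access the firejail and separate-user suggestions above are meant to restrict.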