Steam could easily have automation that installs and runs games in a sandbox. Then watches what they do. The things it needed to do to steal the crypto should be vastly different than what a game should be allowed to do.
Why so? Assuming this is the 1st complaint against the game, what was steam supposed to do in the past month?
Modern_medicine_isnt@lemmy.world 1 day ago
ryathal@sh.itjust.works 4 hours ago
Malware creation and detection are billion dollar industries playing an eternal cat and mouse game with each other. These programs don’t just instantly try to steal every file the second they run.
Modern_medicine_isnt@lemmy.world 1 hour ago
I am decently versed in the game of cat and mouse. The fact is, valve could do it. It is just somewhat expensive. Make a law that game distributors are liable for losses if they distribute malware and you would see how well they could do it.
Die4Ever@retrolemmy.com 20 hours ago
There are so many ways malware could get through that. What if it waits for a specific date or a certain amount of progress in the game? This automated sandbox probably wouldn’t be smart enough to beat the game, certainly not with as many games as they have.
Modern_medicine_isnt@lemmy.world 1 hour ago
I chose not to spell out the full test. The fact is, valve could do it. It is just somewhat expensive. Make a law that game distributors are liable for losses if they distribute malware and you would see how well they could do it.
dafta@lemmy.blahaj.zone 1 day ago
This isn’t foolproof. A lot of malware these days is resistant to analysis because they can detect that they’re running in a sandbox and refuse to run the malicious code.
Modern_medicine_isnt@lemmy.world 1 hour ago
I chose not to spell out the full test. The fact is, valve could do it. It is just somewhat expensive. Make a law that game distributors are liable for losses if they distribute malware and you would see how well they could do it.
dogs0n@sh.itjust.works 21 hours ago
It isn’t as easy as you say.
If they could let us run games in a sandbox/virtualised area that would be amazing though. That’s a very big ask though.
I do know that xbox consoles run games in their own hyper-v vm which gives extra protections to us from most malicious code.
Obviously this would be hard for Steam to implement, but it would be a very nice measure.
Modern_medicine_isnt@lemmy.world 1 hour ago
I didn’t say it was easy. The fact is, valve could do it. It is just somewhat expensive. Make a law that game distributors are liable for losses if they distribute malware and you would see how well they could do it.
Nibodhika@lemmy.world 8 hours ago
Have you seen the malware? It would have passed that test.
Modern_medicine_isnt@lemmy.world 1 hour ago
Clearly it passed their test. But it was not undetectable.
pulsewidth@lemmy.world 3 hours ago
It had a password protected zip file in an update that hid the payload. That is pretty damn basic and would not have gotten past any retail antivirus program’s heuristic detection.
Chances are that Valve is treated as a ‘trusted publisher’ by Microsoft Defender and thus it bypassed the scan. The malware payload even explicitly checks that no retail antivirus was installed, and that Microsoft Defender was active, prior to attempting to extract and run its payload.
(See comments above for explicit details regarding the malware)
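An added example, not part of the thread and not any Steam or antivirus vendor's tooling: a static triage pass over the files of an update that finds ZIP archives by content rather than by extension and lists entries whose encryption flag is set, which is the trait the comment above describes. File names and sample bytes are constructed, and a hit is a reason for review, not a verdict.

```python
import io
import struct
import zipfile

ENCRYPTED_BIT = 0x1  # general-purpose flag bit 0 in the ZIP format: entry is encrypted


def build_sample(encrypted: bool) -> bytes:
    """Constructed sample: a one-entry archive, optionally marked as encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("assets/level2.bin", b"constructed sample data")
    data = bytearray(buf.getvalue())
    if encrypted:
        # The flag field sits at offset 6 of the local header and offset 8 of
        # the central directory header; set bit 0 in both.
        for sig, off in ((b"PK\x03\x04", 6), (b"PK\x01\x02", 8)):
            pos = data.find(sig)
            (flags,) = struct.unpack_from("<H", data, pos + off)
            struct.pack_into("<H", data, pos + off, flags | ENCRYPTED_BIT)
    return bytes(data)


def encrypted_entries(blob: bytes) -> list[str]:
    """Names of entries in a ZIP blob whose encryption flag is set."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return [i.filename for i in zf.infolist() if i.flag_bits & ENCRYPTED_BIT]


def triage_update(files: dict[str, bytes]) -> dict[str, list[str]]:
    """Map each file that is a ZIP holding encrypted entries to those entries."""
    findings = {}
    for path, blob in files.items():
        # is_zipfile looks for the ZIP end-of-directory record, so a renamed
        # archive (.dat, .pak) is still recognised.
        if not zipfile.is_zipfile(io.BytesIO(blob)):
            continue
        hits = encrypted_entries(blob)
        if hits:
            findings[path] = hits
    return findings


# Constructed update contents (hypothetical paths).
SAMPLE_UPDATE = {
    "game.exe": b"MZ" + b"\x00" * 64,
    "data/patch.dat": build_sample(encrypted=True),
    "data/music.pak": build_sample(encrypted=False),
}

if __name__ == "__main__":
    for path, names in triage_update(SAMPLE_UPDATE).items():
        print(f"review: {path} contains encrypted entries {names}")
```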
Nibodhika@lemmy.world 3 hours ago
Password protected zip file is also a way to deliver content an indie dev might use to lock content, so that on its own is not enough, but also the “payload” was connecting to a remote server, which is not indication of bad behavior, lots of games connect to remote servers and receive commands from there, e.g. event X starts now, or something. Except in this case it allowed a reverse shell.
kbobabob@lemmy.dbzer0.com 1 day ago
Obviously, Steam is supposed to vet the source code of every game thoroughly before it ever gets put up for sale.
pulsewidth@lemmy.world 3 hours ago
Dumb take. There are many ways to scan software without needing access to the source code.
Do you think retail antivirus providers approach every developer of every program version to request a copy of their source code for review before they can verify it’s safe?
AwesomeLowlander@sh.itjust.works 23 hours ago
I wonder how many people are taking your statement at face value without recognising the sarcasm…
KuroiKaze@lemmy.world 19 hours ago
It’s not sarcastic. That’s exactly how most of these platforms work behind the scenes. They run automated, dynamic and static analysis against all the app code looking for potentially harmful signatures.
AwesomeLowlander@sh.itjust.works 19 hours ago
Pretty sure Steam already does that. And no automated (or even manual) analysis is going to be 100% foolproof, or we wouldn’t be worrying about supply chain attacks in Linux. So that puts us back at square one.
Nibodhika@lemmy.world 8 hours ago
That’s not analyzing the code. Also almost assuredly steam does that. Finally that wouldn’t catch this since it was a back door, as long as the attacker didn’t use it it would not be detected by any automated means.