112
Steam is a ticking time bomb (www.spacebar.news)
submitted 7 months ago by corbin@infosec.pub to c/technology@beehaw.org
you are viewing a single comment's thread
view the rest of the comments
[-] MachineFab812@discuss.tchncs.de 6 points 7 months ago

More like, if the Steam app ever goes 64bit, watch out. A non-shittified app like so should never require 4gb+ of RAM or anything more complicated than a 32bit instruction set.

not correcting you on the contents of the article or anything, just that 32bit is nothing close to a mark against the Steam app.

[-] Zangoose@lemmy.one 1 points 7 months ago

Isn't supporting 32-bit apps on a 64-bit OS a security concern though? I thought that's why some linux distros were disabling 32-bit repositories by default on their 64-bit versions

[-] jarfil@beehaw.org 4 points 7 months ago

Not by itself.

Distros are shutting down system 32bit repos, because they require effort to be maintained: people who patch possible security holes, and people who test and package them. As most people have switched to 64bit systems, developers are no longer maintaining 32bit versions, no longer patching them, and barely anybody cares to check or run them, so any possible security flaws can slip through.

This is all irrelevant if you run stuff in a VM, or a container: so it has a security flaw? Cool, let it get... nothing, it's contained.

Games running in a contained Wine, or in a OS container, can have all the security flaws they want, who cares. Games also rarely get security patches, or any kind of patches at all, so running them contained should be standard practice anyway.

[-] MachineFab812@discuss.tchncs.de 2 points 7 months ago* (last edited 7 months ago)

32-bit apps use a sub-set of the same instructions that still exist on current 64-bit systems. Running 64-bit alone does nothing to eliminate any flaws, real or imagined, from the 32-bit side of things.

As @jarfil@jarfil@beehaw.org has stated, 32 bit repos are being de-listed because no one can be bothered to maintain them(on a professional, full-time basis), and that lack of code/functional review could allow flaws to slip through. Meanwhile, a lot of those same 32-bit repos continue to exist(as community-maintained versions - my preferrence anyways) and can be accessed by interested users from most distros. They aren't blocked, just de-listed and unsupported by those distro maintainers.

[-] Zangoose@lemmy.one 2 points 7 months ago

Thanks for the explanation! I didn't realize it was mostly a maintenance limitation, I thought maybe 32-bit instructions could be an extra attack vector on a physical CPU instruction level or something like that.

this post was submitted on 05 Apr 2024
112 points (100.0% liked)

Technology

37702 readers
172 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS