I recently saw the game called “Bongo Cat” on Steam which monitors yours keystrokes and accordingly plays the bongo drums. I saw that it was not working properly on Wayland because it does not allow the game to record keystrokes from other apps.
This got me thinking; how does Steam Valve protect us from malware? I was searching for “steam games malware” on DDG and found out that there were a few incidents regarding this.
I understand that Steam probably has a robust mechanism for understanding game behavior but it’s kind of a black-box for us.
Is there any independent vulnerability checker for games? How paranoid should one be before downloading games from steam?
PS: I know that as Linux users, most attack vectors don’t work for us but it’s good to be aware just in case.
Edit: I need to clarify. I know Steam is just a game-launcher, it’s not supposed to protect the user after the game is installed. I meant to say how does Valve protect the user from malicious games? Is their mechanism known?
As I understand it, Steam has a report feature on their store page for reporting games. Presumably that goes to a person that looks at it.
I think to upload games to Steam you also need to prove your identity. Which means if you do upload malware, then it’s easy to track you down.
Of course, that takes time and things can slip through the cracks. Steam games are still full programs that run on your computer and can do anything a regular program can do, there’s no sandboxing.
Treat them like you would apps on the Google Play store; assume that they’re mostly safe but also give additional scrutiny to ones with low review counts or AI generated images.