Latest 30 Comments

I've played the demo. It was enjoyable: not too difficult not too easy.
The only thing holding me back to buy is the early access.

View this comment - View article - View full comments - Report this comment

Quoting: buckysrevengeI live in a city 1½ hours south of Seattle, I remember buying the Steam Deck when it first came out and was so excited to get it in a couple days... then I found out it was shipping from Chicago and took over a week to get to me.

That's a kick in the butt, ain't it?

View this comment - View article - View full comments - Report this comment

Quoting: MakiNote that both vulnerabilities are for a local user to gain root access.

They're being blown up out of proportion, if you ask me. And I'm not happy at all about the tools used to find them or the methods to reveal them before a patch could be written and distributed.

I would caution against calling this "out of proportion". I think people wrongly assume that a "local" user has be at your keyboard to do damage. This is NOT the case. Everything you run is a "local" user, namely the account you typically work with. In this world of dependency hell, all it takes is a supply-chain attack. Someone could easily sneak some code into something you download and execute with your local privileges, and boom, you're toast.

View this comment - View article - View full comments - Report this comment

Quoting: Phlebiac

Quoting: Cesare BeauteI payed for a 320Hz 1440p monitor but can only use 144Hz

Does it not have DisplayPort? That's the better choice, when available. Odd that such a monitor would not have it.

It has ports for DisplayPort, but the monitor didn't come with the cable, it only came with an HDMI cable.

View this comment - View article - View full comments - Report this comment

Quoting: NagezahnJust a week ago or so I was thinking "wouldn't it be cool to play in a destroyed world and have the ability to gradually rebuild it and bring it back to life?". So. Yeah. Will check out the demo.

Have you tried Wildmender? It's pretty good, albeit not flawless, and the whole idea is re-growing a world.

I wish there were more games like it.

View this comment - View article - View full comments - Report this comment

I use Mupen64-Next in Retroarch cause i can get game capture to play nicely with it when parallel is set the plugin. That way it plays with Vulkan and game capture can capture it. I just set my Retroarch to run with OpenGL in general so that the UI won't interfere with the capture.

Gopher seems to lack cropping of the image so you get black bars in top and bottom. Also it seems that you can't just do a folder for games to be picked. It seems to run in Vulkan though which is nice for game capture.

Also it seems that the CPU overclocking does not play that nicely compared to Retroarch Mupen64-Next's fullspeed setting which makes it 60fps constant.

I think i will still stay with Retroarch Mupen64-Next as it has much more verbose options.

View this comment - View article - View full comments - Report this comment

Copy Fail was for me a big thing, because it's for so far I can remember the first Linux specific n-day vulnerability that showed commoditization.

Explanation:
I've seen many attacks and attack attempts on Linux specific things.
The others all used zero-days.
This is the first time I see miscreants use an n-days in the Linux ecosystem.
I suspect this proofs I don't run an anti-virus scanner company, because it probably has happened before.
Yet, I don't know these examples.

View this comment - View article - View full comments - Report this comment

Quoting: Ehvis

Quoting: ShabbyXHowever that something must be untrustworthy for there to be a threat. Most of what you use is from distro packages, so should be fine. Steam games aren't (closed source), so you just have to cross your fingers and trust the developer.

True, but the funny thing is. Can those really do much more damage with a "Fail" or a "Frag" than they could do without it? If you're serious about security and do everything you can to separate things, the answer would be yes. But in practice it is most likely a no.

If you run a virus scanner it will most likely keep the Anti-virus killer at bay.
Tor-browser and if I remember correctly firefox have their own download folder sandboxing.
Apache sandboxes itself.
Python enforces sandboxing beyond calling user.
All flatpacks are sandboxed beyond calling user.
It's true that not all sandoxed perectly and obtaining user access is already a great breach, but if you want to have an indication what it limits simply run
 cat /etc/passwd
Each of the lines is a seperate user, which when it obtains root access suddenly can read your files.

Edit:
With the exception of root and your personal account ofcourse.

View this comment - View article - View full comments - Report this comment

Quoting: Caldathras

Quoting: tohur

Quoting: eggroleWhen these things happen (I suspect it is only a matter of time) IMHO the only valid response is to boycott the companies restricting access. Petitions and voting new "leaders" in doesn't seem to work. Violence is always an option, but a terrible one.

Boycotting a few companies into bankrupcy sends a clear message. And given how much hemming and hawing goes on about economics and GDP, I think it is the only language these people understand. Want to restrict the internet, suffer economic losses. All of a sudden the legislature becomes much more receptive and the companies themselves will start actually pushing back because it will now be existential.

people that think voting folks out doesn't work is why we have lazy a$$ people UNWILLING to hold their representatives accountable.. those fools get paid to be in office you threaten their livelihood they will listen when enough people are threatening them

You'll have to correct me if I'm wrong, as I am writing from a Canadian perspective, but there are a lot of countries whose politics are based off the British parliamentary system, just like Canada. At least for Canada, there is no recall option. In other words, the voters can only hold their representative accountable at election time. The politicians know that voters have short memories and tend to gamble quite confidently that the voters' anger will have cooled off by the time the election rolls around. It usually does.

Other issues come up, some politically manufactured, that distract the general voting population from the offense of an individual politician. Generally, the political parties are very careful not to stir up the voters' ire close to election time. So, it is not as simple as "lazy people being unwilling to hold their representatives accountable" -- although it does happen from time to time that a constituency's memory is longer than expected.

There's for most countries no recall option(for obvious stability reasons), but there're several control options, which does affect their ability to function and often even their income.
There're the spread out elections on different levels of government, which all preform checks and balances on each other.(on average 1 par year in Canada)
There's the ability to appeal to the other arms of the trias political.
There's the ability to track how your government has wronged you and remind others when the election does come up(freedom of speech), I'm actually quite surprised how few people do that, since everybody can write and people are quite publicly opiniated.

Your boss can't fire you any moment he likes, yet you still fear his power.
The same is true for politicians.

The accusation here's not laziness, but fatalism. I don't have absolute power, so I have no power, so I should take all the abuse.

View this comment - View article - View full comments - Report this comment

i have sunk a couple of hundreds of hours into first one. I loved it. But community died way too early.
and it was a bit limited.

Just add more content and hopefully this game will be better than first one.

View this comment - View article - View full comments - Report this comment

Quoting: ShabbyXHowever that something must be untrustworthy for there to be a threat. Most of what you use is from distro packages, so should be fine. Steam games aren't (closed source), so you just have to cross your fingers and trust the developer.

True, but the funny thing is. Can those really do much more damage with a "Fail" or a "Frag" than they could do without it? If you're serious about security and do everything you can to separate things, the answer would be yes. But in practice it is most likely a no.

View this comment - View article - View full comments - Report this comment

Just a week ago or so I was thinking "wouldn't it be cool to play in a destroyed world and have the ability to gradually rebuild it and bring it back to life?". So. Yeah. Will check out the demo.

View this comment - View article - View full comments - Report this comment

This looks so fluid, and the 3D effect is pretty sublime. The only thing holding me back from an insta-buy is that there's only around 10 hours of content so far, and the EA is around 2 years, I think. Reckon I'll still buy it, but I have a tendency with this style of release to play the 10 hours, then never play them again! But it looks so good, I think I'll pull the trigger on it anyway. Great devs too, and as the article notes, Linux native.

View this comment - View article - View full comments - Report this comment

Quoting: Ehvis

Quoting: Eike

Quoting: MakiNote that both vulnerabilities are for a local user to gain root access.

Isn't that what privilege escalation is all about?
You got to local user, then you enhance your rights and become root.
I mean, it's not like "local user" means someone has to sit at your keyboard...

No, but someone still needs to have a local user account. So this is a big problem for multi-user systems. But I imagine most of us operate their home machine for themselves only, so for most of "us" it's not immediately exploitable.

It means someone has to run something locally, which you the single user do all the time.

However that something must be untrustworthy for there to be a threat. Most of what you use is from distro packages, so should be fine. Steam games aren't (closed source), so you just have to cross your fingers and trust the developer.

What you should never do, is download random binaries off of the internet and run them (because what is this, windows?)

View this comment - View article - View full comments - Report this comment

Still waiting for MK1 cutscene stutters to be fixed

View this comment - View article - View full comments - Report this comment

Quoting: Renzatic GearFortunately, I was able to get in just ahead of the rush, and grab one for myself. It's currently sitting in a box somewhere in Washington state. I bet it has a label on it and everything.

No, I'm not impatient at all.

I live in a city 1½ hours south of Seattle, I remember buying the Steam Deck when it first came out and was so excited to get it in a couple days... then I found out it was shipping from Chicago and took over a week to get to me.

View this comment - View article - View full comments - Report this comment

Quoting: Eike

Quoting: MakiNote that both vulnerabilities are for a local user to gain root access.

Isn't that what privilege escalation is all about?
You got to local user, then you enhance your rights and become root.
I mean, it's not like "local user" means someone has to sit at your keyboard...

No, but someone still needs to have a local user account. So this is a big problem for multi-user systems. But I imagine most of us operate their home machine for themselves only, so for most of "us" it's not immediately exploitable.

View this comment - View article - View full comments - Report this comment

I got mine yesterday and am loving it. It's pretty comfortable to hold, and it's definitely my main controller from now on.

View this comment - View article - View full comments - Report this comment

On the nested desktop mode, while it does run within Game Mode, you need to make a tweak to the OS to prevent it from corrupting the Steam client.
When the Steam client fails to start on Steam Deck, it wipes the home folder and reinstalls itself.
To avoid this, you have to disable the autostarting of the client, which requires unlocking and modifying the OS partition.
I made a symlink in the system partition which I start the nested desktop mode from in game mode, so it fails after an OS drive update.
And I reapply this patch after OS updates with a quick script, which I'll share here if I remember.

View this comment - View article - View full comments - Report this comment

Quoting: MakiNote that both vulnerabilities are for a local user to gain root access.

Isn't that what privilege escalation is all about?
You got to local user, then you enhance your rights and become root.
I mean, it's not like "local user" means someone has to sit at your keyboard...

View this comment - View article - View full comments - Report this comment

Finally. Now I might be able to get one.

View this comment - View article - View full comments - Report this comment

From the [issues](https://github.com/V4bel/dirtyfrag/issues) it seems Debian 12 is not affected, 13 and 14 are. I cannot say how trustworthy. The one-line-command also deletes the compromised cache, so infected systems should be clean after that command (if no malware got installed) if I understand it correctly. After this command it is still required to update once your distro delivers a patch. It seems the disclosure went wrong and got published too early, so distros may take a bit longer to deliver a patch than usual.

View this comment - View article - View full comments - Report this comment

I understand why they were not sure about the success of Steam Controller 2.
It does look bulky to me, and yes, it's not a cheap one.

View this comment - View article - View full comments - Report this comment

Note that both vulnerabilities are for a local user to gain root access.

They're being blown up out of proportion, if you ask me. And I'm not happy at all about the tools used to find them or the methods to reveal them before a patch could be written and distributed.

View this comment - View article - View full comments - Report this comment

Hmm, they did this with Steam Deck, worked well.
Hopefully the turn around isn't an entire year heh.

I want the frame next and wish I knew the price already.
This wait list would be great for that out of the gate.

They really should do this by default with new hardware.

View this comment - View article - View full comments - Report this comment

Sadly this isn’t going to help. Prices have shot up on steam account selling sites and number of accounts available dropping quick as soon as this was announced so I assuming scalpers are already prepared and we will see extremely long months waits despite this. Not sure what else can be done though.

View this comment - View article - View full comments - Report this comment

Quoting: GustyGhostI thought that the whole point of the announcement and store pages which encouraged people to wishlist this hardware was so that Valve could gauge interest.

At the very least they could have estimated interest based on traffic through their store pages.

to be fair, their wishlist system dont allow you to tell then, you want more than one unit...
and it should, it was quite common for people to have up to 4 controllers, they should support at least that

View this comment - View article - View full comments - Report this comment

I thought that the whole point of the announcement and store pages which encouraged people to wishlist this hardware was so that Valve could gauge interest.

At the very least they could have estimated interest based on traffic through their store pages.

View this comment - View article - View full comments - Report this comment

Out of all the Humble Choice bundles that they've released, this one got me subscribe for the first time because of Diablo IV, Shin Megumi Tensei V and the rest of the games minus Crysis 3 Remastered since it was the only one I already owned previously.

View this comment - View article - View full comments - Report this comment

Quoting: Mountain ManConsidering how poorly the original Steam Controller was received, I don't blame Valve for underestimating demand. The difference now is that the success of the Steam Deck has made people more accepting of what is still a radical departure from traditional controller design.

... and the fact that this controller dont have any missing feature+new features...
and tmr sticks

View this comment - View article - View full comments - Report this comment