this post was submitted on 30 Oct 2024
1452 points (98.5% liked)

Games

32373 readers
1927 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 1 year ago
MODERATORS
 

Now if only they could more clearly communicate when games are playable offline.

you are viewing a single comment's thread
view the rest of the comments
[–] catloaf@lemm.ee 2 points 4 days ago

It's trust that a hacker won't ever learn how to sign their code in a way that causes it to be respected as part of the game's code instructions.

That's not an accurate description of the exploit you describe. It sounds like the attacker bundled a signed and trusted but known vulnerable version of the module, then used a known exploit in that module to run their own unsigned, untrusted code with high privileges.

This can be resolved by marking that signature as untrusted, but that requires the user to pull an update, and we all know how much people hate updating their PC.