Hello, gorgeous community!

My friend, a generally non-technical person is looking for a good gaming distro. He has been daily driving Windows and OS X before, his main motivation for switching Linux is to streamline his contributions to a game development project we have, that is largely Linux-based (we use Nix for dev environments and build automation).

The only Linux distro I’ve ever used for gaming is SteamOS, and all my other experience is in the Nix/Arch domain, so I am not sure what to recommend to my friend.

As I mentioned, the only hard requirement we have is a possibility to sustainably use Nix package manager with experimental functions (command, flakes), - and I am willing to help my friend setting it all up. But I also would like him to be able to use the OS for gaming whilst experiencing only the expected and acceptable amounts of pain.

So far we have Nobara and Chimera on our radar. Is there something you can recommend? Any advice in general would be helpful, thanks in advance!

You are viewing a single thread.
View all comments View context
1 point

None of the desktop environments included with Linux Mint (really) support Wayland. X11 allows any app to keylog easily. X11 is quite bad for Security. Cinnamon has experimental support.

permalink
report
parent
reply
5 points

X11 allows any app to keylog easily.

Yeah, any app that runs on your computer… at which point you have bigger problems than keylogging.

When’s the last time you’ve heard of keylogging being a common problem on Linux btw?

permalink
report
parent
reply
1 point

Just because a malicious application is installed on your computer doesn’t mean it should be allowed to freely exfiltrate data. It does not require root to perform this attack, a malicious script or AppImage could just as easily steal your keypresses. Or an extension in your browser, or a mod for your favorite game. You shouldn’t need to read all the code for every application (including each subsequent patch and update) just to be sure it isn’t stealing your data. Plus, why not use Wayland?

permalink
report
parent
reply
3 points

Again, if you have malicious code running on your computer it can do lots of things. It can access your files, the network etc. You have to keep an eye on security vulnerabilities all the time anyway, which thanks to FOSS is easier. You’re pigeonholing on keylogging but there are lots of ways that malicious code can hurt.

Windows has chosen to go the route of allowing malware in and dealing with the fallout later. It didn’t work out so great. UNIX and Linux have been on the side of not allowing malware in at all if possible.

If you want to use a system that restricts access to all apps to all resources all the time you can, but I think you’ll find it very limiting and inconvenient. But it would be your choice.

In the meantime, if my choice is to disregard the purely hypothetical threat of keylogging, I should be able to do that, especially since breaking inter-window communication also breaks all desktop automation.

And that’s why I don’t use Wayland: it broken desktop automation and it won’t give us a choice in the matter, for the sake of one, randomly selected, purported security issue.

permalink
report
parent
reply
1 point

My point was that X11 is insecure. Security through obscurity is not security. Wayland does not send every keypress to every application, which protects against this attack vector. Wayland is both significantly smaller and more secure than X11. X11 was designed in a time when software was built to simply trust anything that runs on the computer. We need to move past just putting our trust in the software we run. At the very least raise the barrier to perform such an attack.

permalink
report
parent
reply
2 points

Do you sandbox each and every process? Do you whitelist everything each process can do? Every file it can access, every which way it can use the network, every bit of CPU and RAM and hardware resource it can use?

If you don’t do that, why do you want to impose upon me a complete block of inter-window communication, which I use for desktop automation, and which has basically zero security impact in the wild?

I don’t mind Wayland having security features, but why are they so heavy-handed and non-optional? Things like firewalls, AppArmor, cgroups, they’re all customizable. Why is Wayland all or nothing?

permalink
report
parent
reply

Linux Gaming

!linux_gaming@lemmy.ml

Create post

Gaming on the GNU/Linux operating system.

Recommended news sources:

Related chat:

Related Communities:

Please be nice to other members. Anyone not being nice will be banned. Keep it fun, respectful and just be awesome to each other.

Community stats

  • 1.9K

    Monthly active users

  • 530

    Posts

  • 3.5K

    Comments