Bonum Certa Men Certa

Why You Shouldn’t Use SteamOS, a Really Incompetent GNU/Linux Distribution With Security Pitfalls (Lutris is a Great Alternative)

Guest post by Ryan, reprinted with permission from the original

It was bowling night on Wednesday, and between frames, I was reading about SteamOS.



Michael Larabel on Phoronix and plenty of others have blogged about it over the years, and Richard Stallman gave some vague opinions about relativistic harms vs. good that it may do for the Free Software community.



While I don’t think there’s anything wrong with proprietary games, in particular, one of the issues I do have with them is DRM, or Digital “Rights” Management. A better name for this is Digital Restrictions Management, or just “digital handcuffs”.



The industry has tried it on everything from movies, music, video games, and books, but it never stops people from attacking it and eventually winning. On a good day, DRM flakes out and causes problems for people who went and paid for a licensed copy of the program, on a bad day, it makes what they’ve “purchased” completely unusable and worthless.



It also causes perfectly good TVs to malfunction because you tried to plug them into your computer to watch Amazon Prime Video or something, and instead it tells you the screen doesn’t support the latest HDCP DRM version.



In another example, when Borderlands 3 released with that horrible DRM that ran in a virtual machine and caused the game to chug along and crash, and finally (after it was pirated), the publisher removed that form of DRM. Or when Microsoft’s Activation servers occasionally glitch and start telling the user they’re running “counterfeit Windows”.



When a person pays for something, and then gets this, it’s not just an insult, it’s an outrage.



But there are some people, like the fools who used iTunes, and then spent years having Apple telling them how and when and where they could use their music files, then finally could PAY THEM AGAIN for a clean copy, and THEN had Apple delete all of their files without asking and tell them to subscribe for $12.99 a month to Apple music.



These fools may or may never learn that DRM is, at a fundamental level, just a way to cheat them out of their money over and over again.



It sucks to be them, but we shouldn’t join them just because a computer seems “easy to use” or “pretty to look at”. I mentioned earlier, we can make Free Software easy to use and pretty to look at too.



All of these issues aside, Valve, the company that makes Steam, also made “SteamOS”, which is a GNU/Linux distribution pitched as “really optimized for gaming”.



However, when you look at what Reddit users say about it, you quickly find complaints that Valve has committed the horrendous security practice of logging in everyone as the same “user”, meaning even if you have different passwords, it’s really the same Linux account, and none of your files or browsing history or anything is off limits.



You’re all using this same account, which is bad for privacy, and you end up stepping on each other’s toes due to the organizational mess.



They’ve essentially re-invented Windows 98’s concept of “users” for some godforsaken reason.



Moving right along, we see that Valve also sometimes goes more than a year and a half without even patching it for security issues. Nothing wrong with using an OS that hasn’t gotten a security patch in 18 months, right?



Then they complain that while it includes the proprietary Nvidia drivers, they’re usually much older than the ones you could install yourself if you have an Nvidia card and some other GNU/Linux distribution, and due to the unpredictable releases and long periods without any patching, the open source AMD and Intel drivers which are bundled with the OS in every GNU/Linux distro have fallen far behind and may not be up to the task of running current software or hardware.



Then what really made me go “OMGWTF” was when Valve switched the underlying system away from Debian (because $@%@ stability, I guess?) and towards Arch Linux. I still don’t know if they release security updates or not, but it was at this point where I just became completely disinterested in SteamOS. Even for amusement.



But the list of reasons why you shouldn’t use Steam OS isn’t just that Valve designs shitty software that doesn’t give a damn about your Freedom or your security, it’s that there’s a million ways to get things done and this is a classic example of “If you want something done right, do it yourself!”.



These days, it’s not particularly hard to install and configure a GNU/Linux system like Debian or Mageia or the others.



Even if you want to install Steam, it’s not like it’s a “SteamOS” exclusive. There is a Debian package, and a Flatpak.



But what I’ve recently taken a liking to is Lutris, it has concepts like “Runners” and makes installing video games from all kinds of sources (and classic consoles) a breeze.



It’s not _just_ Wine that Lutris makes dead simple to use, either, but my favorite feature is definitely that it can configure and manage games and other programs in Wine for you, without you having to worry about mucking up settings and trying to figure out DLL overrides to make things like DXVK or VKD3D work.



In my Debian 11, I’ve been having a lot of fun playing games when before it was more of a pain in the ass trying to set up Wine in order to do something the right way. In fact, the biggest trouble I’ve had out of a game lately, and I blogged about it, was Fallout New Vegas crashing all of the time, and the NVSE/New Vegas Anti Crash mods are something you’d need to screw around with on Windows as well.



While Steam is proprietary software under a proprietary license which brings in tons of crap and garbage and still often doesn’t work right, Lutris is licensed under the GNU GPLv3.



I’ve installed the latest version for Debian according to the Lutris instructions and paired it with the Wine Development Branch for my “System Wine”, which is currently sitting at 6.19 as of the time I’m writing this.



Every two weeks, WineHQ pushes the latest version into my copy of Debian and I get all of their latest improvements.



But how did SteamOS go so wrong?



Well, it’s not hard to imagine why, for me at least. Gabe Newell is a former Microsoft employee, and everyone there had nothing but Windows development experience when they ported Steam over, and that almost never ends well because they take an attitude of “Whatever gets it working now, just toss it in there.” that they learned from Windows, and well, gross.



Then they decided to do an entire GNU/Linux distribution.



Luckily, their Wine fork, Proton, ends up seeing most of the genuine improvements code reviewed and then merged back into Wine itself.



Years ago, we had a different problem. Wine had been licensed under the MIT X11 license, which is basically one of those “Do whatever the hell you want with it.” ones. A company called “Transgaming” came along and forked it and made “Cedega” for GNU/Linux, and “Cider” for the Apple Mac.



When the Wine project realized that they had made a huge mistake and that this hostile closed fork was competing with them, Wine changed its license to the LGPL v2.1 going forward. Then, Transgaming’s days were numbered. They no longer had any Wine code to swipe, so they did a “go it alone” version of Direct3D and some other things.



For a short while, it worked better than upstream Wine did, but eventually they couldn’t keep up and went out of business.



If Wine was still under the MIT license, Proton would have been another Cedega/Cider. But since it’s copyleft, we get to benefit from any improvements Valve makes. And like I’ve pointed out before, we don’t particularly need any Valve software on our computers.



There are other companies that have treated their customers better over the years, such as Gog.com, and they’re supported in Lutris.



In closing, if you like gaming on GNU/Linux and don’t want to tear your hair out, avoid Valve entirely if you can, or at least ignore “Steam(ing Pile)OS” and install a real GNU/Linux distribution, for crying out loud.



The security mess alone reminds me of Linspire, years ago (original company, under Michael Robertson) saying it logged everyone in as root because security would confuse Windows users, and Hans Reiser’s new file system would have ACLs that made UNIX permissions obsolete soon anyway.



I tried to reach out to Mr. Reiser to see how that’s coming along, but he’s still really really in prison in California for murdering his wife with a knife.

Recent Techrights' Posts

Fake News With Fake Numbers About Microsoft
"This is what happens when the world's economy is governed by sick old men"
Slopwatch: "Google News" is Fast Becoming a Mashup of Slopfarms, Linux Journal ("LJ") is a Dump of LLM Slop
Well done, Google News. Google itself can flourish as a slopfarm mashup.
Torturing Users Who Just Want to Run GNU/Linux on Their Own PC
"Linux does not want to install"
European Authorities, Already Bribed and Infiltrated by Microsoft, Won't Help You Find BigBlueButton, Jami, Ring, and Jitsi
Because they're paid by Microsoft and are Microsoft 'addicts' themselves
Moving From Content Management Systems (CMSs) to Static Site Generators (SSGs) Saves You Time, Makes You a Lot More Productive
try to reduce the cost (financial and computational) of running your site
Leak: European Patent Office (EPO) is Now Attacking Amicale Clubs
corruption has become the norm and scientists are robbed of any dignity
Oracle Fraud (or Defrauding Shareholders)
"the obvious [lie] is that watts are (wasted) electricity [and] and FLOPS are computing capacity"
Explaining (in Length and Depth) the Damage Matthew Garrett Did to Linux and to GNU/Linux Users
no matter how many threats we receive
 
Microsoft Inside Your Linux: "Security vulnerability that allowed an attacker to bypass UEFI Secure Boot."
2 hours ago
A New Low for "Linux Journal": Promoting MICROSOFT WINDOWS Using LLM Slop
They've just jumped the shark entirely
The Register MS Still Takes Money to Hype Up "AI" in Articles by Microsoft Resellers With the Term "AI" 30+ Times in Them
Notice how many times they mention "AI"
The Apache Logo News is VERY Old, Racists and 'Anti-Woke' Bigots Look for Something to Incite Other Bigots With
Nothing to see here, move along
Linux Mint 9/11: "4th One Today..." (in Reddit)
Remember that not everyone having an issue reports it to social control media like Reddit
Nepal Will Fall Without a Single Shot Fired, Thanks to Social Control Media
Or very few shots (by the authorities)
European Corruption in the European Patent Office (EPO) Targets Culture
"In reality, the project includes a new “legal instrument” shifting administrative burden and liability on EPO staff while creating new uncertainty and externalising Amicale activities."
UEFI Secure Boot Failing, as Expected for Nearly 15 Years Already (Techrights Said This Since 2012)
in the media
Debian 9/11
people report this issue
Gemini and Web Links 13/09/2025: MElon's Slop Grift and "Autonomous Trains"
Links for the day
Pursuing Peace Through Violence
You cannot "see" a person's mind, until the mouth opens
Can We Please Stop Celebrating Shooters?
"An important point to hammer on is that CoCs were never intended for uniform or symmetric application"
Geminispace is Growing Faster in 2025 Than It Did in 2024
What matters is that corporations haven't ruined it and LLM slop is extremely rare
Links 13/09/2025: China Punishes for 'Negative' Posts, US Police Unable to Find Shooter
Links for the day
Who's the Mystery Financier of SLAPP Against Techrights and Is That a Millionaire/Billionaire?
Whose idea was it to fund meritless lawsuits against my wife and I?
Slopwatch: Slow Slop Day
This distracts from or may take traffic away from the original articles, actually written by actual people
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 12, 2025
IRC logs for Friday, September 12, 2025
CoC Gone Wrong: Celebrating Murder OK, Complaining About the Celebration Gets You Banned
Hopefully the NixOS Foundation will have a word with (maybe replace) the moderator/s
Gemini Links 12/09/2025: Familiarity and Secondary Dominants
Links for the day
Links 12/09/2025: "Bad Reviews" as Extortion Weapon, "Free Speech At Risk in America’s Schools" According to ACLU
Links for the day
Only One Speaker Does Not Do Sharecropping for MElon (in X.com)
The man who puts principles before PR/optics
The Mind of the 'Hulk Hogan of UEFI'
in a nutshell
A Day After "UEFI 9/11": UEFI Secure Boot Bypass
In the news today (right now), as published in the past few hours
Links 12/09/2025: Slop Code as Liability, Microsoft Outlook Down for Many
Links for the day
It's Still Not to Late to Turn Off "Secure Boot"
If people reboot their PC or server today, and it relies on "Secure Boot" on Sept. 12 or later, then depending on the firmware there may be trouble ahead
Links 12/09/2025: Shira Perlmutter is Back, “Software Per Se” Patent Rejections in In re McFadden
Links for the day
Slopwatch: Linux Plagiarism, Slopfarms Still Infesting Google News, Many Images Are Fake
Google is promoting plagiarism
"This Morning Might Turn Out to be an Interesting One for System Admins Who Haven't Updated Their Devices' Secure Boot Certificate" (If They Reboot)
Who asked for this anyway?
Gemini Links 12/09/2025: Metric System, Dumping Windows, and Software Architecture is Dead
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 11, 2025
IRC logs for Thursday, September 11, 2025
Microsoft Admits the Workers Have Lost Trust (Endless Layoffs, 12-13 Rounds of Layoffs This Year), So Now It's Trotting out Its Peter Bright-Like Media Prop Jordan Novet
What they don't want people to pay attention to right now
Links 11/09/2025: Windows TCO and Russian Drones Invading Poland (EU/NATO)
Links for the day
Gemini Links 11/09/2025: xkcd, misfin, and Alhena 5.3.2
Links for the day
Repetition of Last Summer (Microsoft Breaking Dual-Boot Systems)
UEFI 9/11 is about to kick in
UEFI 'Secure Boot' Boiling Frogs (Cannot Turn Off 'Secure Boot')
"MSI laptop is locked on Secure Boot and doesn't allow me to turn it off"
UEFI 9/11 Aftermath - Part IV: The 'Hulk Hogan of UEFI' and His 'Hideout' Holiday (Retreat From Reality)
Let's keep an eye on what matters
UEFI 9/11 Aftermath - Part III: Mr. 'Secure Boot' (Shim) and His Fake 'Holiday' (Sending My Wife and I Threatening E-mails on 9/11)
despite being on holiday, according to him, he finds time to instruct lawyers to contact my wife
UEFI 9/11 Aftermath - Part II: "The SecureBoot Thing Got Out of Hand."
The next few weeks might be... interesting
UEFI 9/11 Aftermath - Part I: "I Believe This Affects Thousands of Devices... Because Multiple Devices I Checked, Whether Client or Server [...] Affected."
Most people aren't even aware that this is happening or about to happen
The UEFI 9/11 - Part X - An Outline of the Series About Microsoft Sabotaging GNU/Linux (With Ramifications to Unfold Online in Coming Weeks as People Reboot)
Today is UEFI 9/11 (9/11/2025)
Ron Wyden: Microsoft Should be Held Accountable for Security Breaches (He Has Said This for Years Already, It Never Happens)
Negative media coverage isn't a fine and it does nothing to compensate Microsoft's billions of victims
Culture of silence: Ubisoft harassment convictions, Mozilla, Sylvestre Ledru & Debian make no comment
Reprinted with permission from Daniel Pocock
Disable 'Secure Boot' (If It Lets You)
it doesn't put you in control
Links 11/09/2025: "Hey Hi" Ponzi Schemes at Oracle (Unpaid Contracts) and Cindy Cohn is Leaving the EFF
Links for the day
Longtime Red Hat Staff: Maybe Just Disable 'Secure Boot'
A refreshing take from Adam Williamson
Gemini Links 11/09/2025: Playdate Console, Dichotomy between the Real and the Digital
Links for the day
A Dozen Observations About "UEFI 9/11" Deflections
What we are expected to see, tentatively
The Microsoft AstroTurfing and Microsoft-Led Blame-Shifting Tactics Are Ahead of Us
Of course it has nothing to do with security, it's about control, i.e. them controlling everything
Celebrating Assassination is Bad Because It Legitimises Assassination of the People You Like, Too
Condoning or even celebrating political assassinations is bad optics (and taste)
The World's Richest Ponzi Scheme (Faking Value Using Net Waste)
The higher they go the harder they fall
We Could Dual-Boot Back in the 1990s, Why Has This Become So Difficult?
And prone to breakage
Being Conditioned to Accept Unreliable Computer Systems That Fail With Black Screen of Death (BSoD)
Welcome to 2025
Slopwatch: Google News is Still Promoting Many Fake Articles About "Linux", in Effect Rewarding Misinformation and Plagiarism
things continue to deteriorate
New Series: The Coup Against GNU/Linux Has Begun
today, this year in particular, we shall also focus on Secure Boot, which is sold based on a lie and tortures many computer user
New Paper on "BYOVD, but in firmware. Signed UEFI shells, vulnerable modules offer new paths for Secure Boot bypasses."
One might say digital "security theatre"
Links 11/09/2025: Oracle Layoffs, Drunk Pilots in Japan Airlines, US-Korea Tensions Grow
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, September 10, 2025
IRC logs for Wednesday, September 10, 2025