![Subreddit Icon](data:image/svg+xml,<svg xmlns="http://www.w3.org/2000/svg" width="256" height="256"><rect fill-opacity="0"/></svg>)
r/SteamDeckPolyMC WAS NOT compromised
What the fk are you talking about Jesse.
Can someone break this down and explain
Third party MC launcher (many recommended it for Deck) got compromised. Not "hacked" per se, but the main contributor on GitHub decided now was a great time to push his political perspective and started kicking out all other contributors. So it is concerning for anyone who wanted to use PolyMC.
"Modrinth thought the project was hacked, but it was just the main dev tired of ppl trying to enforce their beliefs into the project, so he enforced his. Your data is probably safe" OP saying he agrees with him without actually saying he agrees with him...
In merely saying your data is safe bc the project is open source and you can look at the code if you don't trust it + there are multiple meta servers you can use, only one of which is controlled by Lenny. Please don't be ignorant and say that i agree with him just because i believe that audited gpl-3 software is safe. Heck, i don't think Terry Davis was a great person but that doesn't mean i think TempleOS is malware. That's all im saying here.
I'm not on the polymc discord (First mistake) but after hearing about this i can't trust polymc after this stunt.
I just wanted to play minecraft man.
I joined the discord just to see what's going on, and they are currently doing a 10-hour stream of someone screaming "alah akbar" on repeat.
This is my fault. I finally decided to install PolyMC last night after putting it off for months out of laziness.
You can still keep using it for the time being if you take these steps to stay safe: https://gist.github.com/Earthcomputer/dc65391f84a2c19ebac6c33506fd7751
An attack doesn't have to come from the outside for something to be compromised.
If a dev unilaterally takes over the entire system and locks everyone else out, that's a compromise.
Compromised implies a hack or takeover by a malicious third party. This is the repo owner, he’s always had final say.
It doesn't imply malware or security concerns. The project is still open-source and auditable by the community, if malware was discovered, people would have proof by now.
I'll keep using it until PlaceholderMC launches in full, with flatpak available on Discover, with a full transfer guide. PolyMC is open-source, so if there's anything malicious added to it, someone will notice. But I'm on board with not supporting this "Lenny" guy.
While it hasn’t been “compromised” per se, it seems to have had a hostile takeover.
One of the devs (the Lenny guy) has kicked out the other devs and deleted the Code of Conduct to probably “OwN tHe LIbS” or some shit.
So nothing major yet but who knows what he’ll do next, which is why people are reacting the way they are.
EDIT: Looks like a placeholder GitHub organisation has been created by the other devs. Here’s some more info
Doesn't matter what side it is, politics seem to be a total cesspool currently and I hate seeing it leak into stuff like this.
So we're at a fork, right? No way Lenny holds on to a userbase here if the other devs decide to take off and run without him, which I assume they will.
The other devs didn’t really decide to take off…
Lenny kicked them. He basically self destructed his own project, because the other devs will fork PolyMC and create their own project. They have already created a new metadata server which you can use in PolyMC.
The original dev… will be left to have his project die… because frankly what he did was moronic even if you agreed with him politically. He kicked perfectly good developers off the team. Brought politics into a MINECRAFT LAUNCHER. Other devs leave for their own project. He now has to rebuild a team or maintain it on his own… which will not be too great for the users as the other devs will likely have all the new features. Unless Lenny steals them
Right wing nutjob dev decides to kick out all other devs after he's called out for being a rightwing nutjob (aka, racist and homophobic)
I am not taking sides on this issue; I just want to dispel the fearmongering going on.
I agree. Political affiliations aside, it doesn't seem like it's actually compromised
How do you know he won't decide to add in malware for funsies at this point? Guy's off the rails for sure
It's still open source and if there is malware added, people will be able to see it bc of that.
i suppose there will never be a "GOOD" launcher for the steam deck... and if there is? they seem to be short lived now a days.
The worst part is that the official Microsoft launcher for Minecraft is no compatible with the steam deck, because of missing dependencies, so people go to alternative launchers so they do not have to log into their Microsoft account (including the 2 step code) every time they play the game
As long as you don't update to whatever versions are released from this point onward, you probably should be fine. Seems this rogue developer changed the MicroSoft Account client ID, which might be used maliciously in future versions, so avoid any updates. I don't know whether the metadata server for PolyMC is compromised, so that could also be cause for concern. It's pretty clear that the rogue developer cannot be trusted.
Follow-up: You can still stay perfectly safe on PolyMC for the time being by disabling auto-updates and setting the MSA Client ID as per these steps: https://gist.github.com/Earthcomputer/dc65391f84a2c19ebac6c33506fd7751
If you want to trust a developer who kicked out all the other developers without warning over a political disagreement, yeah. Personally I wouldn't trust such a person like that, because they might decide to burn everything to the ground before they go out, either for spite or profit.
so how do i uninstall polymc and what should i replace it with?.
Click uninstall in discover and try AT launcher, GD launcher or the official launcher
It is auditable gpl-3 code, you can inspect it yourself if you don't trust it.
imagine trying to use 'wOkE lIbS' to excuse a dev going apeshit and potentially compromising a whole ass launcher. This person is evidently unpredictable, so it does count as being compromised
even if it is open source, the guy can still fuck around however he likes. It was a hostile takeover of the project
It's less about his presence and more about his actions and ideas for the project
I'm old and have no idea what any of this is or means as it relates to the steam deck.
I'm old too. I think that the devs for a launcher for minecraft of the deck got into a political argument and the guy that runs it is alt-right and started kicking all the alt left devs from the project.
People are now worried that alt right guy might sabotage the project and steal personal info from anyone that uses it.
I think that sums it up. It's just a summery. I don't know if any of it is actually true, technology or politics. Just another old guys perspective.
Th official Minecraft launcher has major issues on the Steam deck, so people install alternative launchers, this launcher is a common alternative people end up on
· 3 days agoLockedYour comment has been removed as this subreddit is for discussion about the Steam Deck, not politics.
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.
TLDR: Crazy alt-right dev decides to kick out left leaning people from his github and discord; people that disagree with him then ignorantly call his project malware even though it's literally open source and no malicious code has been found. 99.9999% sure app is completely safe, also 99.9999% sure that the dev and his discord are toxic af.
· 2 days agoLockedYour comment has been removed as this subreddit is for discussion about the Steam Deck, not politics.
I am a bot, and this action was performed automatically. Please contact the moderators of this subreddit if you have any questions or concerns.
I was always on the edge about if I should download it on the steam deck, I’m usually very cautious when it comes to downloading stuff like this…way too cautious, cautious enough that I end up breaking stuff by mistake. This teaches that you should always just trust you’re senses. Might as well just download the official launcher and get that set up, yea…it’s a bit harder to use, though it’s better than your data being compromised.
About Community
Members
Online
Similar to this post
r/linux_gamingPolyMC 1.1.0 is released! Major update with heaps of new...98%49Mar 13
r/feedthebeastPolyMC download really slow?86%10Sep 10
r/GoldenAgeMinecraftPolyMC vs Betacraft, which one's better?100%6Aug 23- r/synologyPlex poor performance since changing file system to BTRFS67%51Apr 26
r/djangoCSRF verification failed - django nginx docker100%3Jan 17- r/SteamDeck
Help!! I've set my boot video to Shrek and now I can't...94%8816d - r/SteamDeck
he's a madlad98%1196d - r/SteamDeck
When you buy $400 machine to run games that you can run...94%5872d - r/SteamDeck
On the other end of PC gaming hardware spectrum, things...96%4161d - r/SteamDeck
Bought my wife a SD because I knew she’d end up stealing...95%5211d - r/SteamDeck
I know now, but also know I would forget in the fateful...97%3254d - r/SteamDeck
UNCHARTED: Legacy of Thieves Collection verified on...98%3476d - r/SteamDeck
£459 to play a game released 20 years ago..... why not96%3191d - r/SteamDeck
EmuDeck 2 Update98%4614d - r/SteamDeck
Gotta love the modding community, I've been saying that...98%3293d