Well, the majority still seems to be unhappy. I think it is mainly because I chose Linux as an example and it reads like I think that Linux is not secure software which is not at all what I intended to say and also (obviously?) not what I think is true.

Could we please stop associating open source with security? Don't get me wrong, I love open source software and it is easier to trust open source software than proprietary, because it is highly unlikely, that they hide stuff like trackers in there. It is also most of the time highly configurable and sometimes even hackable and as a software developer you are able to look into the mechanisms behind the APIs which is sometimes really helpful.

But events like the lzma incident last year and predictable openssl RNG in Debian some time ago (https://lists.debian.org/debian-security-announce/2008/msg00152.html) should tell us, that open source doesn't mean secure software. And the argument, that there are many people looking at the code is not really true. E.g. many maintainers of the linux kernel only look at specific parts/drivers in it and maybe into some other things they need for that. There are probably only a few people if any (apart from governments), that have read, understood and analyzed the linux kernel in its entirety with all the (open source) drivers built into it and all the possible combinations of configurations. And I don't want to know how many have done all that for less popular projects. And even if that is done at some point for an upstream project, you would have to check the patches from your distro and if there are any do it all for yourself again. And when the next release arrives you would have to do all that in its entirety again (although with some head start) if a new version arrives (that has, say, at least a thousand lines of code changed, removed or added). And now think about how many big releases come with some software per year. And don't forget to also include all the dependencies you have to check including the compiler and standard library of the language(s) used.

Of course it is easier to do all that for OSS as an outside party because you don't have to decompile it, but it is still increadibly hard. And only to be easier to analyze for security risks doesn't mean to be more secure just like packaging being recyclable doesn't mean that it will be recycled.

Yeah, it really is more like google play store or shopping websites and similiar apps/websites (although there are some that have a better design I guess). I'm not really a fan of it either, but I guess people being used to those (which is probably the majority of the userbase of flatpak) feel more comfortable with it.

My guess with the difference between "trending" and "popular" is that the former means lots of recent downloads and the latter a lot of downloads in a longer timespan (e.g. a year or so)

They do not state that. In 5. : https://store.steampowered.com/privacy_agreement/

Ok so this will be the last comment on this thread, I just want to make one final thing clear and I suggest that we get out of our way afterwards.

I totally understand, that selling data to third parties is a bad thing, but even your cited site doesn't claim, that valve sells one's private data to third parties and their privacy policy also doesn't state it (at least the german version I have read through), even more they explicitly state in 5. that they don't sell data to third parties. They only state that they give it to third parties where they more or less have to.

Now one has to decide if they trust valve to hold on their own PP but that is always the case for every platform, even open source ones,because again, no one can easily verify, that they don't do shady business with your data, because they won't give you ssh access for obvious reasons.

Don't get me wrong, I am pretty paranoid as well: I don't use any Microsoft products anymore (except minecraft), I stay away from Meta and Google as well by using e.g. signal and matrix for communication and have lineage on my phone, I use noscript because I don't trust every website's JavaScript and host my own instances for gaming servers, git and other stuff on my netcup server.

But I step out at some point where convenience wins over more privacy and security. I don't package and compile everything myself, have verified the souce code before myself, because I trust the maintainers. I don't have a completely open hardware PC, where I have built and verified everything myself, because I trust chosen manufacturers that they haven't tampered with it (and don't have the time or even money to do that).

Ok so first of all, "everyone" is restricted to you and stappern. Now what's the difference between you two? Stappern made actual good and valid points and got me convinced a bit more to stay away from steam as much as it is possible for me in my situation without even insulting me once. If you really think you could get others convinced of your opinion by just insulting them, then I think it would be cool for you to call you stupid.

And that the comparison between doing something that reduces your lifetime and overall quality of live vs. giving others the data they need to stay in compliance with the various legal systems and get you the things you bought WITH money (because you seem to also understand downloading foss software as buying), is so farfetched that it's even crazy to come up with, should be clear.

Huh, didn't know that there are workarounds for some games to get rid of DRM. Good to know.

Yeah ok, I understand that.

Yes, sorry, wasn't well written.

The criticism itself is not. Throwing assumptions like "you are an addict if you continue to use this platform no matter what your reason is" (which is what I read out of this person's comment) around is also not preventing anyone from enjoying things. I just thought that specifically this assumption was overshot and it read like a straight up insult. I do get it now at least a bit although especially because they just insulted me without any arguments, I still guess that they just insulted people and not gave them a diagnosis of an addiction.

Sure, I get that, but as I said, if you already "own" quite some amount of games on steam I think it's reasonable to not have your money completely wasted by refusing to use steam at all. Social bindings are an "issue" as well. If the multiplayer game you want to play with your friends is for some reason bound to steam, then many will choose their friends over their privacy. And I think we all know how hard it is to get others away from their comfort zone. Same with the debate to get rid of Discord.

I have installed Ubuntu in I think at the beginning of 2020 at the end of my first semester as dual boot, because I wanted to learn it a bit while studying engineering informatics. Later I have installed it as my only distro on my Laptop to have more reasons to learn it since I use my PC mostly for gaming. After some time I was so confident with it that I wanted to try something new and installed Garuda on my PC and learned about proton. Then I learned about how many games I can actually play with it and used it as my daily driver for about half a year. Then I was distro hopping frequently, trying pure Arch, Gentoo and Void, wiped Windows completely at the beginning of 2022 because I didn't use it anyways if I remember correctly and sticked with Void since about mid 2022 until today for my Laptop, PC and Server.