What’s best practice to safely play pirated games on Linux? Looking to mitigate potentially malicious executables from wrecking havoc on my system.
It is mostly a myth (and scare tactic invented by copyright trolls and encouraged by overzealous virus scanners) that pirated games are always riddled with viruses. They certainly can be, if you download them from untrustworthy sources, but if you’re familiar with the actual piracy scene, you have to understand that trust is and always will be a huge part of it, ways to build trust are built into the community, that’s why trust and reputation are valued higher than even the software itself. Those names embedded into the torrent names, the people and the release groups they come from, the sources where they’re distributed, have meaning to the community, and this is why. Nobody’s going to blow 20 years of reputation to try to sneak a virus into their keygen. All the virus scans that say “Virus detected! ALARM! ALARM!” on every keygen you download? If you look at the actual detection information about what it actually detected, and you dig deep enough through their obfuscated scary-severity-risks-wall-of-text, you’ll find that in almost all cases, it’s actually just a generic, non-specific detection of “tools associated with piracy or hacking” or something along those lines. They all have their own ways of spinning it, but in every case it’s literally detecting the fact that it’s a keygen, and saying “that’s scary! you won’t want pirated illegal software on your computer right?! Don’t worry, I, your noble antivirus program will helpfully delete it for you!”
It’s not as scary as you think, they just want you to think it is, because it helps drive people back to paying for their software. It’s classic FUD tactics and they’re all part of it. Antivirus companies are part of the same racket, they want you paying for their software too.
Downloaded a game which Windows Defender flagged as high-threat for containing “Cracked game content” the other day. Why yes, my cracked copy of this game IS cracked, thank you for noticing.
Unless you inspect every line of code and/or monitor your computer activity to a super human level then you’ll never know.
Viruses don’t behave like a neanderthal like they used to 20 years ago, so just because you don’t notice a virus doesn’t mean you don’t have one. Let’s be honest, viruses are still a thing and botnets have become a thing. These don’t magically appear from nothing.
You shouldn’t be blindly trusting anyone on the internet, especially those not abiding by the laws. People and entities can be impersonated. They can behave differently at any moment.
Personally i would do one of three things, run pirated content, in a VM, on a separate drive, or on a dedicated computer - because why take the risk when you don’t have to.
I trust the pirates more than the corporations.
Remember the Sony BMG copy protection rootkit scandal?
Somebody should create a piracy bible, and make this message part of it
Maybe times have changed but when I was in the warez scene 25+ years ago and essentially pirated every game I played, I saved all those games and the keygen.exe files and when they get scanned by modern AV they all come back infected. If anything it’s different because viruses are pointless now with the internet and there are much broader malware injection points nowadays than the minimal game pirating scene. But yeah I don’t know what I’m talking about, just my historical POV.
You wouldn’t download a virus
Piracy is THEFT
I think the joke might have been missed here. 😵
All those companies are stealing from their users. If I steal from a thief, is it really theft?
It was meant to be a joke… viruses are MEANT to be downloaded by their creators, but nobody would actually want to do that
To be fair, nowadays malware behavior is more likely to come from the companies than the cracks.
If I don’t hear that sweet 8 bit techno house blaring out of the PC speaker, then I start to worry
So true. I’m in the warez-scene for >3 decades now, never had a single issue. But nowadays legit software, especially AAA? Ugh…
Safest possible way? Separate machine on a different network, like guest Wi-Fi.
Realistically? I use containers blocking Internet and most file access and only use sources I trust not Internet rando releases.
Right, to elaborate run a packet capture and monitor the IPs your system connects to when installing and playing the game.
Never use a web browser with email or any other access to online accounts, clear all cookies after each browsing session.
I’d argue have a separate boot drive with absolutely nothing stored, nothing critical, no cookies, it’s single use of getting the games and hell, probably even run a VPN while playing the games so no tracing back to ISP public IP.
Bottles maybe? It’s a flatpak so it’s containerized.
You shouldn’t worry that much anyway, if a pirated game has a virus it’s most likely designed for Windows.
Wine might translate the windows calls to Linux depending on what the malware does
And that would achieve what exactly? The exploits won’t be the same. The permission structure shouldn’t allow it to do anything that would compromise the system. Maybe it can phone home, but to what effect?
Does it necessarily need exploits? I might be wrong, but I believe games running in wine can access any file your user can. It should still be able to delete, edit or encrypt them. Wine just translates calls, it doesn’t create a locked down container or anything iirc
Proper permissions would not give the game access to anything it didn’t actually need to run. It should be running either as it’s own user or wine. You don’t need a container. How did you think containers get locked down anyway? They run as a user with very limited access.
If youre running it under your current user, theoretically anything your user can do (which usually means all your personal files)
I’m not too sure bottle’s default security cause I use flatseal so aggressively, but even allowing access to a directory where your games are stored could be a security issue (just for simple malicious things like filling up your drive)
If youre running it under your current user, theoretically anything your user can do (which usually means all your personal files)
That would be poorly configured permissions. There’s very little reason you should let any game run under a users own permissions, especially if you got it from a less than reputable source. Proper permissions would give it only enough access to run, nothing more.
I dont think the workflow is yet streamlined enough to assume a regular user would create a per game-user, that being said I just checked bottle’s default permissions and its not horrible, no filesystem access other than the app’s.
That being said it still is gonna be vulnerable to x11 keyloggers like most linux software is rn
It’s not impossible, but it is HIGHLY unlikely that malware directed at windows (which must be 99.99999% of cracked games, as they are for Windows) can affect anything in Linux. Sure, it could be that your Wine/Proton suffers. What happens then? Easy. Remove, reinstall, move on.
Having said that,I’ll if I were you, I’d just install whatever I want.
I play Sins of a Solar Empire regularly, and it’s pirated. All the Command & Conquer games, StarCraft (1 and 2), Warcraft (1 and 2) and many more, all cracked.
And as someone else mentioned, I’m more concerned about malware and/or spyware from the publishers than from the cracked games uploaders.
Have a machine dedicated to gaming, no Internet access, with a swappable SSD. Make a clean OS install. Clone it to an external backup drive, then disconnect the backup. Install and play. If you want to play another game, format the drive, clone the OS from the external backup, install and play. If you want to play multiple games, have them on different SSD drives.
It’s hardware sandboxing.
Very good solution. However, what benefit does the user get by formatting the drive every time a new game is to be installed? I mean, the thing already doesn’t have internet access and no important data is on the drive anyway. Am I missing something?
If you’re this concerned you might as well be running Windows in a VM with gpu passthrough.