What’s best practice to safely play pirated games on Linux? Looking to mitigate potentially malicious executables from wrecking havoc on my system.

  • cecilkorik@lemmy.ca
    link
    fedilink
    English
    arrow-up
    122
    arrow-down
    1
    ·
    9 months ago

    It is mostly a myth (and scare tactic invented by copyright trolls and encouraged by overzealous virus scanners) that pirated games are always riddled with viruses. They certainly can be, if you download them from untrustworthy sources, but if you’re familiar with the actual piracy scene, you have to understand that trust is and always will be a huge part of it, ways to build trust are built into the community, that’s why trust and reputation are valued higher than even the software itself. Those names embedded into the torrent names, the people and the release groups they come from, the sources where they’re distributed, have meaning to the community, and this is why. Nobody’s going to blow 20 years of reputation to try to sneak a virus into their keygen. All the virus scans that say “Virus detected! ALARM! ALARM!” on every keygen you download? If you look at the actual detection information about what it actually detected, and you dig deep enough through their obfuscated scary-severity-risks-wall-of-text, you’ll find that in almost all cases, it’s actually just a generic, non-specific detection of “tools associated with piracy or hacking” or something along those lines. They all have their own ways of spinning it, but in every case it’s literally detecting the fact that it’s a keygen, and saying “that’s scary! you won’t want pirated illegal software on your computer right?! Don’t worry, I, your noble antivirus program will helpfully delete it for you!”

    It’s not as scary as you think, they just want you to think it is, because it helps drive people back to paying for their software. It’s classic FUD tactics and they’re all part of it. Antivirus companies are part of the same racket, they want you paying for their software too.

    • Glide@lemmy.ca
      link
      fedilink
      English
      arrow-up
      47
      ·
      edit-2
      9 months ago

      Downloaded a game which Windows Defender flagged as high-threat for containing “Cracked game content” the other day. Why yes, my cracked copy of this game IS cracked, thank you for noticing.

    • lemmyingly@lemm.ee
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      4
      ·
      9 months ago

      Unless you inspect every line of code and/or monitor your computer activity to a super human level then you’ll never know.

      Viruses don’t behave like a neanderthal like they used to 20 years ago, so just because you don’t notice a virus doesn’t mean you don’t have one. Let’s be honest, viruses are still a thing and botnets have become a thing. These don’t magically appear from nothing.

      You shouldn’t be blindly trusting anyone on the internet, especially those not abiding by the laws. People and entities can be impersonated. They can behave differently at any moment.

      Personally i would do one of three things, run pirated content, in a VM, on a separate drive, or on a dedicated computer - because why take the risk when you don’t have to.

        • lemmyingly@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          2
          ·
          9 months ago

          I think corporations are doing quite well if your example is from 19 years ago.

          In the same era, we had things like LimeWire where files were frequently viruses, CP, or similar masquerading as innocent files like the latest song from your favorite artist.

          I’ve never tried closed trackers, so I can’t speak on that side of pirate life but I think it’s naive to trust pirates on public trackers.

      • ElderWendigo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        It’s kinda trivial to limit their ability to do anything in Linux though. It’s not as if virus authors are gonna waste their time trying to exploit a demographic that is both small and extremely fragmentary when they can just write for windows.

        • youmaynotknow@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Never mind the fact that almost all are Windows games. If there is any malware in there it’s directed at Windows.In all honesty, I find this to be a very silly concern.

    • stratosfear@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      2
      ·
      9 months ago

      Maybe times have changed but when I was in the warez scene 25+ years ago and essentially pirated every game I played, I saved all those games and the keygen.exe files and when they get scanned by modern AV they all come back infected. If anything it’s different because viruses are pointless now with the internet and there are much broader malware injection points nowadays than the minimal game pirating scene. But yeah I don’t know what I’m talking about, just my historical POV.

    • z00s@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      ·
      9 months ago

      If I don’t hear that sweet 8 bit techno house blaring out of the PC speaker, then I start to worry

    • Dyskolos@lemmy.zip
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      So true. I’m in the warez-scene for >3 decades now, never had a single issue. But nowadays legit software, especially AAA? Ugh…

  • Sabin10@lemmy.world
    link
    fedilink
    English
    arrow-up
    34
    arrow-down
    1
    ·
    9 months ago

    Get scene releases from trusted sources (not public trackers) and ensure that the hash matches what is in the nfo on predb.

    • weirdo_from_space@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      14
      ·
      9 months ago

      I disagree with the “not public trackers” part. Private trackers are better in a lot of ways but not everyone wants to bother with them. Stick to reputable release groups on public trackers and you’ll be fine.

      • Sabin10@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        9 months ago

        That’s fair. As long as the hash matches what is in the predb nfo, you should be good to go. I have encountered legit looking releases on public sites with edited nfo files though so definitely double check against a reliable source ce for that.

    • Psythik@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      9 months ago

      I’ve only ever downloaded from public trackers (cause it’s impossible to maintain the required seed ratio on private trackers and Debrid services are better anyway); never had an issue ever over 20-some years of torrenting ever. I don’t bother verifying checksums cause it’s unnecessary paranoia. All the major public trackers have good moderation teams; the malicious garbage gets called out in the comments and removed rather quickly.

      • Sabin10@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        All the private trackers I use have bonus systems so you can still build ratio. It’s usually a slow start on a new tracker but once you get established it’s very easy to keep a 1:1 or better ratio. I don’t bother with debrid services because paying for piracy is where I draw the line.

        As for checking hashes, I don’t do it on any of the private trackers I use but OP seems overly paranoid so I figured it was solid advice for them. I always checked when I still used public trackers. Only twice did I ever find a mismatch, one was actually malicious and the other was just a random crc error.

        • Psythik@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          9 months ago

          But again, why bother paying for a private tracker, when I can just pay for Real-Debrid instead and not worry about silly ratios, since every torrent is a direct download straight from their servers.

          • Sabin10@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            I’ve never paid for a private tracker but users can donate if they want. Like I said, I have a firm belief that piracy should be free. Never paid for it, never will. A good tracker with top site bots and well seeded torrents is good enough for me. Releases are on there within minutes, download speeds that max out my connection are good enough for me.

        • Christian@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          I’m considering getting back into pc gaming, it’s honestly been a couple decades so I’m ludicrously out of touch. On top of that I don’t know shit about wine, in my 10-15 years of running linux I think I’ve only run wine one time, right after making the switch. I quickly decided using native apps was easier and I’ve never really needed any software badly enough.

          Anyway, my assumption is that linux piracy is so scarce that I’d be better off just looking to run windows cracks through wine, is that accurate? Are there any decent private trackers for games with a reasonably low entry barrier (an interview process for example)?

          • Sabin10@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            My experience with Linux is very limited other than my steam deck. For cracked games, if there is no Linux version available, I usually install them on my windows pc first, copy the games folder to the deck then add it to the library as a non steam game. After that you just specify the proton version in the games steam properties and it runs.

            Ideally you would want native Linux versions. Those are few and far between but they do get released from time to time.

  • henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    29
    ·
    edit-2
    9 months ago

    Safest possible way? Separate machine on a different network, like guest Wi-Fi.

    Realistically? I use containers blocking Internet and most file access and only use sources I trust not Internet rando releases.

    • stratosfear@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      9 months ago

      Right, to elaborate run a packet capture and monitor the IPs your system connects to when installing and playing the game.

      Never use a web browser with email or any other access to online accounts, clear all cookies after each browsing session.

      I’d argue have a separate boot drive with absolutely nothing stored, nothing critical, no cookies, it’s single use of getting the games and hell, probably even run a VPN while playing the games so no tracing back to ISP public IP.

  • rtxn@lemmy.world
    link
    fedilink
    English
    arrow-up
    26
    ·
    edit-2
    9 months ago

    The official flatpak release of Bottles offers sandboxing. It comes from Flatpak itself, so other similar apps (like Heroic) might support it too.

    Another option is to chroot before running Wine (so Z: doesn’t point at the real system root), or su into another user (Wine inherits the user’s privileges). It’s also possible to run Wine inside a container, but GUI support is questionable.

    Ultimately, running an untrusted executable is always a risk, regardless of the OS. If you want near-absolute safety, you’ll want a different machine - either a VM or a heavily firewalled physical machine.

    • Kaldo@kbin.social
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      Got any good guides for bottles? I’ve tried it recently and then got stuck on literally step one: installing the gog launcher just throw errors, I tried the 2nd gog installer and that one just leads to a black screen when I run it. I’m not sure what to tinker with, whether I try a different bottle or where to even start

      • rtxn@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        9 months ago

        I don’t personally use bottles, it hates running inside Hyprland.

        If you want games straight from GOG, try the Heroic launcher on Flathub. It has direct GOG integration and Flatpak’s permission system. You can then use Flatseal (also from Flathub) to adjust its security - particularly if you want to install games outside $HOME, which needs an extra permission.

        You can also download the offline installer from GOG and just run Wine from the terminal.

        • Kaldo@kbin.social
          link
          fedilink
          arrow-up
          2
          ·
          9 months ago

          That’s what I tried first but also had a lot of confusing experiences with its file hierarchy, prefixes, lutris/wine/proton and all of these. I was hoping bottles lives up to its promise of “one click installation with community install scripts” instead. This is my first real attempt at linux, I didn’t even know what flatpak is until a week ago, I used the appimage for heroic which was also very confusing for a time. Starting to think I might be just too dumb/inpatient for it tbh, it’s just one issue after another - even simple stuff like games ran from steam with proton have lots of issues that aren’t reported on protondb.

          • rtxn@lemmy.world
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            9 months ago

            I didn’t realize you were new, it sounded like an issue anyone could have. Gaming on Linux is definitely not a perfect experience. Please don’t be afraid to ask around in the various linux_gaming communities, there are always people who are willing to help.

            What’s your computer like? What brand and model is your GPU? What distribution? If the GPU is Nvidia, do you know if you have the open-source Nouveau or the proprietary Nvidia driver?

            A bit of a glossary:

            • Wine: a compatibility layer that allows Windows executables to run on Linux systems by translating Windows system calls to Linux calls.
            • Proton: a derivative of Wine maintained by Valve, optimized for gaming on Steam.
            • Wineprefix or prefix: a mock-up of a Windows filesystem. The application running inside Wine sees this as the C: drive. The default wineprefix is located in ~/.wine. The system’s root directory is mounted as the Z: drive.
            • Lutris, Bottles, Heroic: graphical front-ends to manage many aspects of your Wine applications.
            • Kaldo@kbin.social
              link
              fedilink
              arrow-up
              1
              ·
              9 months ago

              It’s a Dell laptop with an Nvidia GPU. I tried Linux Mint but I’m having constant OS-breaking freezes after gaming for a while and it’s happening on 2 different games so far (completely unresponsive, and it’s with steam games so no custom tinkering in lutris/wine). Thinking I’ll just try a fresh install but with PopOS when I have time.

              Thanks for the summary, it all does make a bit more sense to me now but first time I had to spend half an hour just to find BG3 saves in Heroic due to the seemingly duplicates of folder structures all over the place lol

              • rtxn@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                9 months ago

                Nvidia is unfortunately kind of a dick about Linux support. The open-source Nouveau driver is making great strides, but I don’t think it’ll be ready for general adoption for several years. The proprietary driver (the nvidia-dkms package) is far more usable, but there are always some issues.

                If you want to focus on gaming, you should consider Nobara or Garuda Linux.

                Garuda is based on Arch, and its main selling point is that whatever you need for gaming (Wine, Steam, DXVK, VKD3D) is either installed out of the box, or installed and configured in one click. Since Arch, and by extension, Garuda, is a rolling release, it gets very frequent updates that are always cutting edge, but it might require some maintenance at times.

                Nobara is maintained by Glorious Eggroll, who also maintains custom Wine and Proton releases and has made massive contributions to Linux gaming. It’s based on Fedora, which is a point-release distribution - it receives security updates continuously, and feature updates every few years, so it should require little maintenance.

  • EP51L0N@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    1
    ·
    9 months ago

    Virtual machines. Disable drag-and-drop and shared folders/clipboard. It’s still not impossible to escape the vm but it’s very difficult and most malware isnt capable of doing that.

    • EP51L0N@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      1
      ·
      9 months ago

      Don’t use VirtualBox. It’s great for most things but it’s not powerful enough for games. Use VMware Player or Workstation and use the max amount of vram it’ll let you.

      • Zeon@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        edit-2
        9 months ago

        Why not use KVM? It’s FOSS, and it’s pretty simple to use, at least in my opinion. All I know is that I wouldn’t want any company spying on me if I was doing something illegal.

        • EP51L0N@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          3
          ·
          9 months ago

          KVM requires a second gpu to utilize gpu-acceleration. Unlike VMware, which can just steal vram from your one card and use it for the vm.

          • Zeon@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            9 months ago

            Actually, KVM doesn’t necessarily require a second GPU for acceleration. If you have a CPU with integrated graphics, you can use that for the host system and pass through a dedicated GPU to the VM.

              • Zeon@lemmy.world
                link
                fedilink
                English
                arrow-up
                2
                arrow-down
                1
                ·
                edit-2
                9 months ago

                Referring to integrated graphics as a ‘second GPU’ is somewhat misleading. They do provide additional graphics processing, but they’re part of the CPU and not a separate, dedicated graphics card.

                • Sethayy@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  9 months ago

                  But it still processes GPU code, telling anyone you can run vulkan on your ‘fancy CPU’ they’ll probably look at you like youre crazy

                  Also then for a device without a dedicated, would you consider not to have a gpu?

          • Sethayy@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            9 months ago

            You could do a setup with a laptop/other pc and use a vnc server. Requires not too much setup with systemd and x11vnc, and provides all inputs + greater host/guest isolation (ie the jellyfish exploits)1

            edit: want to add onto this that no one would probably ever spend the time to implement an exploit like that in just a cracked game, but hey its still worth mentioning

      • rtxn@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        9 months ago

        I can’t speak for VMware’s technology, but the company just got bought by Broadcom, so treat them with Red Hat-like suspicion.

        • EP51L0N@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          4
          ·
          9 months ago

          oh yeah no the company is sketchy af. The product is better for this specific use case though so that’s why i’m recommending it

      • Sethayy@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        I wonder how VMware does this, cause in the case of nvidia the gpu is usually pretty locked down and requires some girhub-arguably legal code to work on kvm

  • BlanK0@lemmy.ml
    link
    fedilink
    English
    arrow-up
    18
    ·
    9 months ago

    If you are on Linux you could simply run a firejailed wine on the executable and not worry about much, if the firejailling stops something from working then the executable is kinda fishy since firajailed games should work (I tried it and it works)

  • CleanDefinition@lemmy.world
    link
    fedilink
    arrow-up
    18
    arrow-down
    3
    ·
    9 months ago

    Bottles maybe? It’s a flatpak so it’s containerized.

    You shouldn’t worry that much anyway, if a pirated game has a virus it’s most likely designed for Windows.

    • brakenium@lemm.ee
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      9 months ago

      Wine might translate the windows calls to Linux depending on what the malware does

      • ElderWendigo@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        9 months ago

        And that would achieve what exactly? The exploits won’t be the same. The permission structure shouldn’t allow it to do anything that would compromise the system. Maybe it can phone home, but to what effect?

        • Sethayy@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          9 months ago

          If youre running it under your current user, theoretically anything your user can do (which usually means all your personal files)

          I’m not too sure bottle’s default security cause I use flatseal so aggressively, but even allowing access to a directory where your games are stored could be a security issue (just for simple malicious things like filling up your drive)

          • ElderWendigo@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            If youre running it under your current user, theoretically anything your user can do (which usually means all your personal files)

            That would be poorly configured permissions. There’s very little reason you should let any game run under a users own permissions, especially if you got it from a less than reputable source. Proper permissions would give it only enough access to run, nothing more.

            • Sethayy@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              2
              ·
              9 months ago

              I dont think the workflow is yet streamlined enough to assume a regular user would create a per game-user, that being said I just checked bottle’s default permissions and its not horrible, no filesystem access other than the app’s.

              That being said it still is gonna be vulnerable to x11 keyloggers like most linux software is rn

        • brakenium@lemm.ee
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Does it necessarily need exploits? I might be wrong, but I believe games running in wine can access any file your user can. It should still be able to delete, edit or encrypt them. Wine just translates calls, it doesn’t create a locked down container or anything iirc

          • ElderWendigo@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            2
            ·
            9 months ago

            Proper permissions would not give the game access to anything it didn’t actually need to run. It should be running either as it’s own user or wine. You don’t need a container. How did you think containers get locked down anyway? They run as a user with very limited access.

  • lemmefixdat4u@lemmy.world
    link
    fedilink
    arrow-up
    12
    arrow-down
    1
    ·
    9 months ago

    Have a machine dedicated to gaming, no Internet access, with a swappable SSD. Make a clean OS install. Clone it to an external backup drive, then disconnect the backup. Install and play. If you want to play another game, format the drive, clone the OS from the external backup, install and play. If you want to play multiple games, have them on different SSD drives.

    It’s hardware sandboxing.

    • Toribor@corndog.social
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      9 months ago

      If you’re this concerned you might as well be running Windows in a VM with gpu passthrough.

    • hackris@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      9 months ago

      Very good solution. However, what benefit does the user get by formatting the drive every time a new game is to be installed? I mean, the thing already doesn’t have internet access and no important data is on the drive anyway. Am I missing something?

      • ridethisbike@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        9 months ago

        Well you have to get the install files moved over to the sandboxed PC somehow. If it is infected and you plug in the USB drive or whatever that goes back and forth, you could spread the virus through it.

  • youmaynotknow@lemmy.ml
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    9 months ago

    It’s not impossible, but it is HIGHLY unlikely that malware directed at windows (which must be 99.99999% of cracked games, as they are for Windows) can affect anything in Linux. Sure, it could be that your Wine/Proton suffers. What happens then? Easy. Remove, reinstall, move on.

    Having said that,I’ll if I were you, I’d just install whatever I want.

    I play Sins of a Solar Empire regularly, and it’s pirated. All the Command & Conquer games, StarCraft (1 and 2), Warcraft (1 and 2) and many more, all cracked.

    And as someone else mentioned, I’m more concerned about malware and/or spyware from the publishers than from the cracked games uploaders.

  • Mereo@lemmy.ca
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    9 months ago

    Run them in Bottle, then disable internet access for the games.

  • Harbinger01173430@lemmy.world
    link
    fedilink
    English
    arrow-up
    7
    arrow-down
    1
    ·
    9 months ago

    What if I told you that using Linux ended my times of downloading fit girl and other repacks and I just decided to buy from steam? XD

    • xia@lemmy.sdf.org
      link
      fedilink
      English
      arrow-up
      4
      ·
      9 months ago

      It would be nice if Lutris had a “no internet” option, but i did not see such an option

        • xia@lemmy.sdf.org
          link
          fedilink
          English
          arrow-up
          1
          ·
          9 months ago

          Strange… I’m pretty sure this was the second or third thing I tried, and I remember it not working (as in it caused it to crash with an obscure error message reminiscent of nested virtualization). Perhaps I’ll try it again.

      • Kajika@lemmy.ml
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Yes indeed. For now you can just use wine registry option (from the up arrow next to the wine glass) to open the windows registry.

        The you go in CURRENT_USER (don’t remember the full name, on my phone right now) and something like software/windows/current_version/internet_settings . There you should have a “ProxyEnable” you can switch the value from 0 to 1 (just double click). Then right click to add a “string value” and name it “ProxyServer”. Once created double click on it to change its value to something wrong like “http://bla.local:80”.

        You can check internet by running exe from the wine environment (up arrow next to play) and start internet explorer from c_drive/Program Data

        • alphafalcon@feddit.de
          link
          fedilink
          English
          arrow-up
          5
          ·
          9 months ago

          That’s the equivalent of leaving the door open and hanging a sign “Internet over there” pointing at a wall.

          Programs don’t need to respect those registry keys. If you’re worried about internet access, set up a firewall.

          Also, if you’re worried about malware, the damage is probably done before anything connects to the internet.

          • Kajika@lemmy.ml
            link
            fedilink
            English
            arrow-up
            1
            ·
            9 months ago

            Yes for the pointing to a wall.

            You can go with your firewall I don’t mind. I don’t get why you think this had anything to do with security. This is just to get any software to go offline by default.

      • Sethayy@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        If the bottles version is stable enough you could use flatseal

        (I’m not much of a lutris user so I don’t know the state of it itself)