this post was submitted on 26 Jan 2024
136 points (94.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

64937 readers
26 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

🏴‍☠️ Other communities

FUCK ADOBE!

Torrenting/P2P:

Gaming:


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 2 years ago
MODERATORS
 

What's best practice to safely play pirated games on Linux? Looking to mitigate potentially malicious executables from wrecking havoc on my system.

top 50 comments
sorted by: hot top controversial new old
[–] cecilkorik@lemmy.ca 122 points 2 years ago (5 children)

It is mostly a myth (and scare tactic invented by copyright trolls and encouraged by overzealous virus scanners) that pirated games are always riddled with viruses. They certainly can be, if you download them from untrustworthy sources, but if you're familiar with the actual piracy scene, you have to understand that trust is and always will be a huge part of it, ways to build trust are built into the community, that's why trust and reputation are valued higher than even the software itself. Those names embedded into the torrent names, the people and the release groups they come from, the sources where they're distributed, have meaning to the community, and this is why. Nobody's going to blow 20 years of reputation to try to sneak a virus into their keygen. All the virus scans that say "Virus detected! ALARM! ALARM!" on every keygen you download? If you look at the actual detection information about what it actually detected, and you dig deep enough through their obfuscated scary-severity-risks-wall-of-text, you'll find that in almost all cases, it's actually just a generic, non-specific detection of "tools associated with piracy or hacking" or something along those lines. They all have their own ways of spinning it, but in every case it's literally detecting the fact that it's a keygen, and saying "that's scary! you won't want pirated illegal software on your computer right?! Don't worry, I, your noble antivirus program will helpfully delete it for you!"

It's not as scary as you think, they just want you to think it is, because it helps drive people back to paying for their software. It's classic FUD tactics and they're all part of it. Antivirus companies are part of the same racket, they want you paying for their software too.

[–] Glide@lemmy.ca 46 points 2 years ago* (last edited 2 years ago) (1 children)

Downloaded a game which Windows Defender flagged as high-threat for containing "Cracked game content" the other day. Why yes, my cracked copy of this game IS cracked, thank you for noticing.

[–] Gooey0210@sh.itjust.works 34 points 2 years ago

Somebody should create a piracy bible, and make this message part of it

[–] lemmyingly@lemm.ee 7 points 2 years ago (2 children)

Unless you inspect every line of code and/or monitor your computer activity to a super human level then you'll never know.

Viruses don't behave like a neanderthal like they used to 20 years ago, so just because you don't notice a virus doesn't mean you don't have one. Let's be honest, viruses are still a thing and botnets have become a thing. These don't magically appear from nothing.

You shouldn't be blindly trusting anyone on the internet, especially those not abiding by the laws. People and entities can be impersonated. They can behave differently at any moment.

Personally i would do one of three things, run pirated content, in a VM, on a separate drive, or on a dedicated computer - because why take the risk when you don't have to.

[–] SatansMaggotyCumFart@lemmy.world 17 points 2 years ago (3 children)

I trust the pirates more than the corporations.

Remember the Sony BMG copy protection rootkit scandal?

load more comments (3 replies)
[–] ElderWendigo@sh.itjust.works 3 points 2 years ago (1 children)

It's kinda trivial to limit their ability to do anything in Linux though. It's not as if virus authors are gonna waste their time trying to exploit a demographic that is both small and extremely fragmentary when they can just write for windows.

load more comments (1 replies)
[–] recarsion@discuss.tchncs.de 3 points 2 years ago (5 children)

You wouldn't download a virus

Piracy is THEFT

[–] Mango@lemmy.world 4 points 2 years ago

I think the joke might have been missed here. 😵

load more comments (4 replies)
load more comments (1 replies)
[–] calzone_gigante@lemmy.eco.br 43 points 2 years ago (2 children)

To be fair, nowadays malware behavior is more likely to come from the companies than the cracks.

[–] z00s@lemmy.world 8 points 2 years ago

If I don't hear that sweet 8 bit techno house blaring out of the PC speaker, then I start to worry

load more comments (1 replies)
[–] Sabin10@lemmy.world 34 points 2 years ago (2 children)

Get scene releases from trusted sources (not public trackers) and ensure that the hash matches what is in the nfo on predb.

[–] weirdo_from_space@sh.itjust.works 15 points 2 years ago (1 children)

I disagree with the "not public trackers" part. Private trackers are better in a lot of ways but not everyone wants to bother with them. Stick to reputable release groups on public trackers and you'll be fine.

[–] Sabin10@lemmy.world 5 points 2 years ago

That's fair. As long as the hash matches what is in the predb nfo, you should be good to go. I have encountered legit looking releases on public sites with edited nfo files though so definitely double check against a reliable source ce for that.

[–] Psythik@lemmy.world 2 points 2 years ago (5 children)

I've only ever downloaded from public trackers (cause it's impossible to maintain the required seed ratio on private trackers and Debrid services are better anyway); never had an issue ever over 20-some years of torrenting ever. I don't bother verifying checksums cause it's unnecessary paranoia. All the major public trackers have good moderation teams; the malicious garbage gets called out in the comments and removed rather quickly.

load more comments (5 replies)
[–] henfredemars@infosec.pub 29 points 2 years ago* (last edited 2 years ago) (1 children)

Safest possible way? Separate machine on a different network, like guest Wi-Fi.

Realistically? I use containers blocking Internet and most file access and only use sources I trust not Internet rando releases.

load more comments (1 replies)
[–] rtxn@lemmy.world 26 points 2 years ago* (last edited 2 years ago) (7 children)

The official flatpak release of Bottles offers sandboxing. It comes from Flatpak itself, so other similar apps (like Heroic) might support it too.

Another option is to chroot before running Wine (so Z: doesn't point at the real system root), or su into another user (Wine inherits the user's privileges). It's also possible to run Wine inside a container, but GUI support is questionable.

Ultimately, running an untrusted executable is always a risk, regardless of the OS. If you want near-absolute safety, you'll want a different machine - either a VM or a heavily firewalled physical machine.

load more comments (7 replies)
[–] XCraftMC@sh.itjust.works 20 points 2 years ago (2 children)

Virtual machines. Disable drag-and-drop and shared folders/clipboard. It’s still not impossible to escape the vm but it’s very difficult and most malware isnt capable of doing that.

[–] XCraftMC@sh.itjust.works 24 points 2 years ago (3 children)

Don’t use VirtualBox. It’s great for most things but it’s not powerful enough for games. Use VMware Player or Workstation and use the max amount of vram it’ll let you.

[–] Zeon@lemmy.world 8 points 2 years ago* (last edited 2 years ago) (1 children)

Why not use KVM? It's FOSS, and it's pretty simple to use, at least in my opinion. All I know is that I wouldn't want any company spying on me if I was doing something illegal.

[–] XCraftMC@sh.itjust.works 3 points 2 years ago (2 children)

KVM requires a second gpu to utilize gpu-acceleration. Unlike VMware, which can just steal vram from your one card and use it for the vm.

[–] Zeon@lemmy.world 2 points 2 years ago* (last edited 2 years ago) (1 children)

Actually, KVM doesn't necessarily require a second GPU for acceleration. If you have a CPU with integrated graphics, you can use that for the host system and pass through a dedicated GPU to the VM.

[–] itsnotits@lemmy.world 3 points 2 years ago (4 children)

The CPU with "integrated graphics" is a second GPU.

load more comments (4 replies)
load more comments (1 replies)
[–] rtxn@lemmy.world 6 points 2 years ago (1 children)

I can't speak for VMware's technology, but the company just got bought by Broadcom, so treat them with Red Hat-like suspicion.

[–] XCraftMC@sh.itjust.works 4 points 2 years ago

oh yeah no the company is sketchy af. The product is better for this specific use case though so that’s why i’m recommending it

load more comments (1 replies)
[–] PlasterAnalyst@kbin.social 5 points 2 years ago

I had one that intentionally detected a VM and just gave a message that said "Hello :)" and wouldn't load.

[–] BlanK0@lemmy.ml 18 points 2 years ago

If you are on Linux you could simply run a firejailed wine on the executable and not worry about much, if the firejailling stops something from working then the executable is kinda fishy since firajailed games should work (I tried it and it works)

[–] CleanDefinition@lemmy.world 15 points 2 years ago (1 children)

Bottles maybe? It's a flatpak so it's containerized.

You shouldn't worry that much anyway, if a pirated game has a virus it's most likely designed for Windows.

[–] brakenium@lemm.ee 7 points 2 years ago (1 children)

Wine might translate the windows calls to Linux depending on what the malware does

[–] ElderWendigo@sh.itjust.works 2 points 2 years ago (5 children)

And that would achieve what exactly? The exploits won't be the same. The permission structure shouldn't allow it to do anything that would compromise the system. Maybe it can phone home, but to what effect?

load more comments (5 replies)
[–] lemmefixdat4u@lemmy.world 11 points 2 years ago (2 children)

Have a machine dedicated to gaming, no Internet access, with a swappable SSD. Make a clean OS install. Clone it to an external backup drive, then disconnect the backup. Install and play. If you want to play another game, format the drive, clone the OS from the external backup, install and play. If you want to play multiple games, have them on different SSD drives.

It's hardware sandboxing.

[–] Toribor@corndog.social 5 points 2 years ago* (last edited 2 years ago)

If you're this concerned you might as well be running Windows in a VM with gpu passthrough.

[–] hackris@lemmy.ml 4 points 2 years ago (1 children)

Very good solution. However, what benefit does the user get by formatting the drive every time a new game is to be installed? I mean, the thing already doesn't have internet access and no important data is on the drive anyway. Am I missing something?

[–] ridethisbike@lemmy.world 3 points 2 years ago (1 children)

Well you have to get the install files moved over to the sandboxed PC somehow. If it is infected and you plug in the USB drive or whatever that goes back and forth, you could spread the virus through it.

load more comments (1 replies)
[–] jjlinux@lemmy.ml 9 points 2 years ago* (last edited 2 years ago)

It's not impossible, but it is HIGHLY unlikely that malware directed at windows (which must be 99.99999% of cracked games, as they are for Windows) can affect anything in Linux. Sure, it could be that your Wine/Proton suffers. What happens then? Easy. Remove, reinstall, move on.

Having said that,I'll if I were you, I'd just install whatever I want.

I play Sins of a Solar Empire regularly, and it's pirated. All the Command & Conquer games, StarCraft (1 and 2), Warcraft (1 and 2) and many more, all cracked.

And as someone else mentioned, I'm more concerned about malware and/or spyware from the publishers than from the cracked games uploaders.

[–] Mereo@lemmy.ca 8 points 2 years ago

Run them in Bottle, then disable internet access for the games.

[–] Harbinger01173430@lemmy.world 6 points 2 years ago

What if I told you that using Linux ended my times of downloading fit girl and other repacks and I just decided to buy from steam? XD

[–] bruhduh@lemmy.world 5 points 2 years ago

Flatpak bottles app

[–] Carol@lemmy.world 5 points 2 years ago (1 children)
[–] xia@lemmy.sdf.org 4 points 2 years ago (5 children)

It would be nice if Lutris had a "no internet" option, but i did not see such an option

[–] LonelyNematocyst@lemmy.world 2 points 2 years ago (1 children)

Lutris doesn't, but you can do firejail --net=none lutris

load more comments (1 replies)
load more comments (4 replies)

if you are 100% sure it's safe, get the Linux download if it has one.

load more comments
view more: next ›