It is mostly a myth (and scare tactic invented by copyright trolls and encouraged by overzealous virus scanners) that pirated games are always riddled with viruses. They certainly can be, if you download them from untrustworthy sources, but if you're familiar with the actual piracy scene, you have to understand that trust is and always will be a huge part of it, ways to build trust are built into the community, that's why trust and reputation are valued higher than even the software itself. Those names embedded into the torrent names, the people and the release groups they come from, the sources where they're distributed, have meaning to the community, and this is why. Nobody's going to blow 20 years of reputation to try to sneak a virus into their keygen. All the virus scans that say "Virus detected! ALARM! ALARM!" on every keygen you download? If you look at the actual detection information about what it actually detected, and you dig deep enough through their obfuscated scary-severity-risks-wall-of-text, you'll find that in almost all cases, it's actually just a generic, non-specific detection of "tools associated with piracy or hacking" or something along those lines. They all have their own ways of spinning it, but in every case it's literally detecting the fact that it's a keygen, and saying "that's scary! you won't want pirated illegal software on your computer right?! Don't worry, I, your noble antivirus program will helpfully delete it for you!"

It's not as scary as you think, they just want you to think it is, because it helps drive people back to paying for their software. It's classic FUD tactics and they're all part of it. Antivirus companies are part of the same racket, they want you paying for their software too.

[–] Glide@lemmy.ca 44 points 1 year ago* (last edited 1 year ago) (1 children)

Downloaded a game which Windows Defender flagged as high-threat for containing "Cracked game content" the other day. Why yes, my cracked copy of this game IS cracked, thank you for noticing.

[–] lemmyingly@lemm.ee 8 points 1 year ago (1 children)

Unless you inspect every line of code and/or monitor your computer activity to a super human level then you'll never know.

Viruses don't behave like a neanderthal like they used to 20 years ago, so just because you don't notice a virus doesn't mean you don't have one. Let's be honest, viruses are still a thing and botnets have become a thing. These don't magically appear from nothing.

You shouldn't be blindly trusting anyone on the internet, especially those not abiding by the laws. People and entities can be impersonated. They can behave differently at any moment.

Personally i would do one of three things, run pirated content, in a VM, on a separate drive, or on a dedicated computer - because why take the risk when you don't have to.

[–] recarsion@discuss.tchncs.de 2 points 1 year ago (2 children)

You wouldn't download a virus

Piracy is THEFT

[–] Mango@lemmy.world 3 points 1 year ago

I think the joke might have been missed here. 😵

[–] jjlinux@lemmy.ml 2 points 1 year ago (1 children)

All those companies are stealing from their users. If I steal from a thief, is it really theft?

[–] recarsion@discuss.tchncs.de 2 points 1 year ago (1 children)

It was meant to be a joke... viruses are MEANT to be downloaded by their creators, but nobody would actually want to do that

[–] jjlinux@lemmy.ml 1 points 1 year ago

Sorry. I suffer from being too literal sole times (most of the time actually).

load more comments (1 replies)

[–] calzone_gigante@lemmy.eco.br 40 points 1 year ago (2 children)

To be fair, nowadays malware behavior is more likely to come from the companies than the cracks.

[–] z00s@lemmy.world 7 points 1 year ago

If I don't hear that sweet 8 bit techno house blaring out of the PC speaker, then I start to worry

load more comments (1 replies)

[–] Sabin10@lemmy.world 29 points 1 year ago (1 children)

Get scene releases from trusted sources (not public trackers) and ensure that the hash matches what is in the nfo on predb.

[–] Psythik@lemmy.world 2 points 1 year ago (1 children)

I've only ever downloaded from public trackers (cause it's impossible to maintain the required seed ratio on private trackers and Debrid services are better anyway); never had an issue ever over 20-some years of torrenting ever. I don't bother verifying checksums cause it's unnecessary paranoia. All the major public trackers have good moderation teams; the malicious garbage gets called out in the comments and removed rather quickly.

[–] Sabin10@lemmy.world 1 points 1 year ago (4 children)

All the private trackers I use have bonus systems so you can still build ratio. It's usually a slow start on a new tracker but once you get established it's very easy to keep a 1:1 or better ratio. I don't bother with debrid services because paying for piracy is where I draw the line.

As for checking hashes, I don't do it on any of the private trackers I use but OP seems overly paranoid so I figured it was solid advice for them. I always checked when I still used public trackers. Only twice did I ever find a mismatch, one was actually malicious and the other was just a random crc error.

load more comments (4 replies)

[–] henfredemars 27 points 1 year ago* (last edited 1 year ago) (1 children)

Safest possible way? Separate machine on a different network, like guest Wi-Fi.

Realistically? I use containers blocking Internet and most file access and only use sources I trust not Internet rando releases.

load more comments (1 replies)

[–] rtxn@lemmy.world 23 points 1 year ago* (last edited 1 year ago) (1 children)

The official flatpak release of Bottles offers sandboxing. It comes from Flatpak itself, so other similar apps (like Heroic) might support it too.

Another option is to chroot before running Wine (so Z: doesn't point at the real system root), or su into another user (Wine inherits the user's privileges). It's also possible to run Wine inside a container, but GUI support is questionable.

Ultimately, running an untrusted executable is always a risk, regardless of the OS. If you want near-absolute safety, you'll want a different machine - either a VM or a heavily firewalled physical machine.

[–] Kaldo@kbin.social 1 points 1 year ago (1 children)

Got any good guides for bottles? I've tried it recently and then got stuck on literally step one: installing the gog launcher just throw errors, I tried the 2nd gog installer and that one just leads to a black screen when I run it. I'm not sure what to tinker with, whether I try a different bottle or where to even start

[–] rtxn@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

I don't personally use bottles, it hates running inside Hyprland.

If you want games straight from GOG, try the Heroic launcher on Flathub. It has direct GOG integration and Flatpak's permission system. You can then use Flatseal (also from Flathub) to adjust its security - particularly if you want to install games outside $HOME, which needs an extra permission.

You can also download the offline installer from GOG and just run Wine from the terminal.

[–] Kaldo@kbin.social 2 points 1 year ago (1 children)

That's what I tried first but also had a lot of confusing experiences with its file hierarchy, prefixes, lutris/wine/proton and all of these. I was hoping bottles lives up to its promise of "one click installation with community install scripts" instead. This is my first real attempt at linux, I didn't even know what flatpak is until a week ago, I used the appimage for heroic which was also very confusing for a time. Starting to think I might be just too dumb/inpatient for it tbh, it's just one issue after another - even simple stuff like games ran from steam with proton have lots of issues that aren't reported on protondb.

[–] rtxn@lemmy.world 1 points 1 year ago* (last edited 1 year ago) (1 children)

I didn't realize you were new, it sounded like an issue anyone could have. Gaming on Linux is definitely not a perfect experience. Please don't be afraid to ask around in the various linux_gaming communities, there are always people who are willing to help.

What's your computer like? What brand and model is your GPU? What distribution? If the GPU is Nvidia, do you know if you have the open-source Nouveau or the proprietary Nvidia driver?

A bit of a glossary:

Wine: a compatibility layer that allows Windows executables to run on Linux systems by translating Windows system calls to Linux calls.
Proton: a derivative of Wine maintained by Valve, optimized for gaming on Steam.
Wineprefix or prefix: a mock-up of a Windows filesystem. The application running inside Wine sees this as the C: drive. The default wineprefix is located in ~/.wine. The system's root directory is mounted as the Z: drive.
Lutris, Bottles, Heroic: graphical front-ends to manage many aspects of your Wine applications.

[–] Kaldo@kbin.social 1 points 1 year ago (1 children)

It's a Dell laptop with an Nvidia GPU. I tried Linux Mint but I'm having constant OS-breaking freezes after gaming for a while and it's happening on 2 different games so far (completely unresponsive, and it's with steam games so no custom tinkering in lutris/wine). Thinking I'll just try a fresh install but with PopOS when I have time.

Thanks for the summary, it all does make a bit more sense to me now but first time I had to spend half an hour just to find BG3 saves in Heroic due to the seemingly duplicates of folder structures all over the place lol

[–] rtxn@lemmy.world 1 points 1 year ago (1 children)

Nvidia is unfortunately kind of a dick about Linux support. The open-source Nouveau driver is making great strides, but I don't think it'll be ready for general adoption for several years. The proprietary driver (the nvidia-dkms package) is far more usable, but there are always some issues.

If you want to focus on gaming, you should consider Nobara or Garuda Linux.

Garuda is based on Arch, and its main selling point is that whatever you need for gaming (Wine, Steam, DXVK, VKD3D) is either installed out of the box, or installed and configured in one click. Since Arch, and by extension, Garuda, is a rolling release, it gets very frequent updates that are always cutting edge, but it might require some maintenance at times.

Nobara is maintained by Glorious Eggroll, who also maintains custom Wine and Proton releases and has made massive contributions to Linux gaming. It's based on Fedora, which is a point-release distribution - it receives security updates continuously, and feature updates every few years, so it should require little maintenance.

[–] PipedLinkBot@feddit.rocks 1 points 1 year ago

Here is an alternative Piped link(s):

kind of a dick

Piped is a privacy-respecting open-source alternative frontend to YouTube.

I'm open-source; check me out at GitHub.

[–] BlanK0@lemmy.ml 15 points 1 year ago

If you are on Linux you could simply run a firejailed wine on the executable and not worry about much, if the firejailling stops something from working then the executable is kinda fishy since firajailed games should work (I tried it and it works)

[–] CleanDefinition@lemmy.world 13 points 1 year ago (1 children)

Bottles maybe? It's a flatpak so it's containerized.

You shouldn't worry that much anyway, if a pirated game has a virus it's most likely designed for Windows.

[–] brakenium@lemm.ee 6 points 1 year ago

Wine might translate the windows calls to Linux depending on what the malware does

[–] lemmefixdat4u@lemmy.world 10 points 1 year ago (2 children)

Have a machine dedicated to gaming, no Internet access, with a swappable SSD. Make a clean OS install. Clone it to an external backup drive, then disconnect the backup. Install and play. If you want to play another game, format the drive, clone the OS from the external backup, install and play. If you want to play multiple games, have them on different SSD drives.

It's hardware sandboxing.

[–] Toribor@corndog.social 5 points 1 year ago* (last edited 1 year ago)

If you're this concerned you might as well be running Windows in a VM with gpu passthrough.

[–] hackris@lemmy.ml 4 points 1 year ago (1 children)

Very good solution. However, what benefit does the user get by formatting the drive every time a new game is to be installed? I mean, the thing already doesn't have internet access and no important data is on the drive anyway. Am I missing something?

[–] ridethisbike@lemmy.world 3 points 1 year ago (1 children)

Well you have to get the install files moved over to the sandboxed PC somehow. If it is infected and you plug in the USB drive or whatever that goes back and forth, you could spread the virus through it.

[–] hackris@lemmy.ml 1 points 1 year ago

Didn't think about that. Thanks for pointing it out!

[–] jjlinux@lemmy.ml 8 points 1 year ago* (last edited 1 year ago)

It's not impossible, but it is HIGHLY unlikely that malware directed at windows (which must be 99.99999% of cracked games, as they are for Windows) can affect anything in Linux. Sure, it could be that your Wine/Proton suffers. What happens then? Easy. Remove, reinstall, move on.

Having said that,I'll if I were you, I'd just install whatever I want.

I play Sins of a Solar Empire regularly, and it's pirated. All the Command & Conquer games, StarCraft (1 and 2), Warcraft (1 and 2) and many more, all cracked.

And as someone else mentioned, I'm more concerned about malware and/or spyware from the publishers than from the cracked games uploaders.

[–] Mereo@lemmy.ca 7 points 1 year ago

Run them in Bottle, then disable internet access for the games.

[–] Harbinger01173430@lemmy.world 6 points 1 year ago

What if I told you that using Linux ended my times of downloading fit girl and other repacks and I just decided to buy from steam? XD

[–] Carol@lemmy.world 5 points 1 year ago (1 children)

I use Lutris

[–] xia@lemmy.sdf.org 3 points 1 year ago (2 children)

It would be nice if Lutris had a "no internet" option, but i did not see such an option

[–] LonelyNematocyst@lemmy.world 2 points 1 year ago (1 children)

Lutris doesn't, but you can do firejail --net=none lutris

load more comments (1 replies)

[–] Kajika@lemmy.ml 1 points 1 year ago (1 children)

Yes indeed. For now you can just use wine registry option (from the up arrow next to the wine glass) to open the windows registry.

The you go in CURRENT_USER (don't remember the full name, on my phone right now) and something like software/windows/current_version/internet_settings . There you should have a "ProxyEnable" you can switch the value from 0 to 1 (just double click). Then right click to add a "string value" and name it "ProxyServer". Once created double click on it to change its value to something wrong like "http://bla.local:80".

You can check internet by running exe from the wine environment (up arrow next to play) and start internet explorer from c_drive/Program Data

[–] alphafalcon@feddit.de 5 points 1 year ago (1 children)

That's the equivalent of leaving the door open and hanging a sign "Internet over there" pointing at a wall.

Programs don't need to respect those registry keys. If you're worried about internet access, set up a firewall.

Also, if you're worried about malware, the damage is probably done before anything connects to the internet.

[–] Kajika@lemmy.ml 1 points 1 year ago

Yes for the pointing to a wall.

You can go with your firewall I don't mind. I don't get why you think this had anything to do with security. This is just to get any software to go offline by default.

[–] bruhduh@lemmy.world 5 points 1 year ago

Flatpak bottles app

[–] baduhai@sopuli.xyz 1 points 1 year ago

If you're really paranoid, you could run the game inside bubblewrap, inside a container.

load more comments