this post was submitted on 03 Jun 2024
38 points (95.2% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54577 readers
247 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others



Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):


💰 Please help cover server costs.

Ko-Fi Liberapay
Ko-fi Liberapay

founded 1 year ago
MODERATORS
 

I was looking for a pretty niche indie game, but I wanted to try it out before purchasing... The only link that still works is made by a user who made their account 4 years ago and about 700 posts, but also 1 warning.

How do I know whether or not I should trust this link?

top 21 comments
sorted by: hot top controversial new old
[–] viking@infosec.pub 20 points 5 months ago (2 children)

Is the game older, that no active links remain? In that case any up to date antivirus should find whichever malware might be embedded in the game easily.

[–] bobs_monkey@lemm.ee 14 points 5 months ago (1 children)

Better yet, launch it in a VM with an antivirus

[–] WallEx@feddit.de 14 points 5 months ago (1 children)

If you want to be very sure: no Internet connection. There are some ways to escape a VM, but its not very likely.

[–] Appoxo@lemmy.dbzer0.com 3 points 5 months ago (2 children)

I'd believe that such a malware with those zero days would target higher value targets than gamers looking for 60€ entertainment.

[–] aStonedSanta@lemm.ee 3 points 5 months ago (1 children)

Depends. Smart people have children who do stupid shit lol.

[–] Appoxo@lemmy.dbzer0.com 2 points 5 months ago
[–] WallEx@feddit.de 3 points 5 months ago

Yep, was just meant as a "I want it 100% secure" way. Not saying its likely.

It's not that old, just a bit niche.

[–] SimpleBro@lemy.lol 5 points 5 months ago

700 posts is usually fine. I tend to trust repacks less though.

[–] Diurnambule@jlai.lu -5 points 5 months ago* (last edited 5 months ago) (5 children)

~~Or run it in Linux with proton. Same as VM~~

So it seem I was mistaken to feel safe using proton/wine. I stand corrected.

[–] WeLoveCastingSpellz@lemmy.dbzer0.com 24 points 5 months ago (1 children)

Wine is not an emulator. Windows malware works on wine/proton

[–] Diurnambule@jlai.lu 9 points 5 months ago (1 children)
[–] ultratiem@lemmy.ca 3 points 5 months ago

Most don’t actually because Wine Is Not an Emulator. It’s a stripped down windows environment that likely doesn’t have the necessary DLLs installed or the file structure to run it. Moreover, WINE doesn’t really do things by itself. If anything did run under it, you’d see a wine-server process spin up.

It’s definitely not 100% safe, but it’s also not a gaping hole either.

[–] vfosnar@beehaw.org 21 points 5 months ago (1 children)

It really isn't, malware still can easily break out as wine nor proton were never designed for isolation in the first place. Easy example is the Z drive giving program access to the whole Linux filesystem.

[–] Diurnambule@jlai.lu 8 points 5 months ago

Ho I see, I stand corrected. Thanks

[–] dracs@programming.dev 10 points 5 months ago (1 children)

Proton is not the same as a VM. It has direct access to your filesystem. It could delete your entire home directory if it wanted to.

[–] Yglorba@lemmy.dbzer0.com 4 points 5 months ago

Although, as a practical matter it provides some protection in the sense that most malware is probably not designed to do that and will, at worst, fuck up the Windows environment created by Wine / Proton. It's not something to rely on but it is a bit safer than running something directly on your home machine as a practical matter.

(Although I guess that depends what the malware does. If it searches every document on your system for credit card numbers and sends them to Albania, that would probably still work.)

[–] Berny23@lemmy.sdf.org 6 points 5 months ago* (last edited 5 months ago)

Here is a comment I made in another thread:

For pirated games, I recommend Bottles installed as a flatpak. That's because it has a per-game toggle for sandboxing the app, not giving it access to your complete home folder and optionally no network access or audio output.

Even when using trusted sources, you can never be safe enough. Bottles with sandboxing will at least protect your files from crypto trojans and prevent you from becoming part of a botnet. It should not have any impact on performance.

Remember to put all installer files anywhere inside the prefix folder, otherwise sandboxing denies access to them. After creating an empty game entry in Bottles, check the 3 dots menu for the option to open it in your file explorer.

[–] veniasilente@lemm.ee 2 points 5 months ago (2 children)

As an extra layer of security, always run wine / proton as a separate user, for example via sudo, or even better via schroot, which won't let the "Z:/" drive see your entire filesystem.

[–] JackGreenEarth@lemm.ee 3 points 5 months ago

I find Z drive seeing my filesystem a useful feature, for mods for example.

[–] Diurnambule@jlai.lu 1 points 5 months ago* (last edited 5 months ago)

Never player with Chroot need to look into it.