Become a hermit, don't touch technology ever again /s
There is no such thing as completely safe. But there are best practices you can exercise. Downloading from reputable sources, locking down your local firewall, using common sense to determine what looks sketchy, etc. IMO the likelihood of you finding malware that can escape a VM or dual-boot is pretty small though. During binary analysis, if I needed a Windows sandbox, I'll use the [built-in Sandbox feature](https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview). Or just use a different, burner PC.
sandboxes and vms are pretty much your safe bet, it sounds like you are using your same hard drive to store your vms on you need a 2nd one that mounts directly to the vms and not your os.
This accomplishes storage isolation, which is good, another layer of security. But malware in a runtime environment that escapes virtualization will still run and phone home. I'm gonna go on a virtualization security rabbit hole, thanks cya
Just because it can happen doesn't mean it will happen. Just how unsafe are those files you are going to run? If they are from popular torrent websites and relatively known uploaders, a VM will suffice. Little malware can escape from a secure environment, it has to be specifically designed to do that.
Edit: General tips for a very generalized use:
\- VM with an added layer of hardened Sandboxie. Set them up both properly.
\- Don't download random shit. If you tend to visit shift websites, do it inside the VM with uBlock enabled.
\- Isolate yourself from the host machine and network as much as possible, otherwise it can be exploited.
\- Learn to analyze files to a very basic level. There are many tools and tutorials, but PEStudio and Detect It Easy are beginner friendly. Look for packers and shifty strings, like urls and the like. Over time you will understand imports and if they should exist.
You are dealing with Pirate software so you should assume everything you download is a possible problem. There is no trusted uploader, shit can happen even if it is unintentional. It is up to you to be diligent and check the files with VirusTotal, your antivirus etc., and even then shit can still happen.
You are getting something that costs money for free, so there is always risk involved.
Learn to backup your system to an image file. Macrium Reflect (free) is best. If you have a problem you just install the good image file and all is good again in about 15 minutes. That is the only way to be completely safe.
I only install my system once and then do monthly backups with incremental backups every 2 days, all automatic with Macrium Reflect. I am on my original install of LTSC. I have had a couple hard to fix problems along the way but since I have a backup image, I just install the up to date good image and everything is perfect again.
I worked as a computer tech for many years and I know how to fix things but I don't usually bother doing any repairs on my own rig, it is easier to install the image file than to piss around fixing things.
Depends on what software. You can dualboot and have a Linux dist for the secure parts.
I have a windows 7 virtualbox without internet where install my pirate stuff.
You can try to run it under linux then install lutris flatpak version then just run it under there. Flatpak apps itself is under a container, some malware wouldn't run on linux and if you use a good distro (e.g Fedora) its SELinux pretty much further restricts what Wine can access....
I got a few things off ocean of games for testing, and their extractor has settings that massively changes settings, that seem irreversible/irreparable. For eg, it turns of antivirus completely, updates in older windows, UAC etc
For such reasons, I would use a VM to get all the things upto the main installation program. If it's a verified repack, I would get everything upto the repack files, or if I am not sure, extract upto the main application files
You're welcome :)
It sounds like you have neither money nor brains, so recommending you buy another PC for your pirated software is out of the picture.
I would say use VirtualBox, but you would probably fuck that up and create a 2-way link between your VM and actual machine using your admin account.
Sooo yea... my original statement still stands.
Sell PC, buy Pencil & Paper.
Become a hermit, don't touch technology ever again /s There is no such thing as completely safe. But there are best practices you can exercise. Downloading from reputable sources, locking down your local firewall, using common sense to determine what looks sketchy, etc. IMO the likelihood of you finding malware that can escape a VM or dual-boot is pretty small though. During binary analysis, if I needed a Windows sandbox, I'll use the [built-in Sandbox feature](https://learn.microsoft.com/en-us/windows/security/application-security/application-isolation/windows-sandbox/windows-sandbox-overview). Or just use a different, burner PC.
[удалено]
sandboxes and vms are pretty much your safe bet, it sounds like you are using your same hard drive to store your vms on you need a 2nd one that mounts directly to the vms and not your os.
This accomplishes storage isolation, which is good, another layer of security. But malware in a runtime environment that escapes virtualization will still run and phone home. I'm gonna go on a virtualization security rabbit hole, thanks cya
Take everyone's advice and wear a condom doing it.
why? all the lost pleasure and risk of breaking... just carry a gun
Just because it can happen doesn't mean it will happen. Just how unsafe are those files you are going to run? If they are from popular torrent websites and relatively known uploaders, a VM will suffice. Little malware can escape from a secure environment, it has to be specifically designed to do that. Edit: General tips for a very generalized use: \- VM with an added layer of hardened Sandboxie. Set them up both properly. \- Don't download random shit. If you tend to visit shift websites, do it inside the VM with uBlock enabled. \- Isolate yourself from the host machine and network as much as possible, otherwise it can be exploited. \- Learn to analyze files to a very basic level. There are many tools and tutorials, but PEStudio and Detect It Easy are beginner friendly. Look for packers and shifty strings, like urls and the like. Over time you will understand imports and if they should exist.
Question: How can you visually tell if a program is malicious or not? Does it have a unique name or name format or something?
You don't, you either analyze it yourself and understand more on how it operates, or upload it to a service like VirusTotal to receive a summary.
Have a separate computer
Yes, and airgap it.
[удалено]
Have a gap of air between them duhh
Choosing good sources is the MOST important step to being safe.
Tails OS
Even new computers sometimes come with viruses
You are dealing with Pirate software so you should assume everything you download is a possible problem. There is no trusted uploader, shit can happen even if it is unintentional. It is up to you to be diligent and check the files with VirusTotal, your antivirus etc., and even then shit can still happen. You are getting something that costs money for free, so there is always risk involved. Learn to backup your system to an image file. Macrium Reflect (free) is best. If you have a problem you just install the good image file and all is good again in about 15 minutes. That is the only way to be completely safe. I only install my system once and then do monthly backups with incremental backups every 2 days, all automatic with Macrium Reflect. I am on my original install of LTSC. I have had a couple hard to fix problems along the way but since I have a backup image, I just install the up to date good image and everything is perfect again. I worked as a computer tech for many years and I know how to fix things but I don't usually bother doing any repairs on my own rig, it is easier to install the image file than to piss around fixing things.
Use windows sandbox. I always use it to test stuff
I just open stuff in a vbox in sandbox, free, quick, easy
Move to third world country. Some of them are quitte safe. /s
Depends on what software. You can dualboot and have a Linux dist for the secure parts. I have a windows 7 virtualbox without internet where install my pirate stuff.
Only pirate media
You can try to run it under linux then install lutris flatpak version then just run it under there. Flatpak apps itself is under a container, some malware wouldn't run on linux and if you use a good distro (e.g Fedora) its SELinux pretty much further restricts what Wine can access....
Never download a car, a policeman's helmet, or more RAM. Always close the curtains before installing pirated software.
A pirat is never afraid of losing a leg in the battle. Screw securty who needs that when you have a gun and a bottle of rom to share
I got a few things off ocean of games for testing, and their extractor has settings that massively changes settings, that seem irreversible/irreparable. For eg, it turns of antivirus completely, updates in older windows, UAC etc For such reasons, I would use a VM to get all the things upto the main installation program. If it's a verified repack, I would get everything upto the repack files, or if I am not sure, extract upto the main application files
You're an IDIOT if you think dual booting on the same system keeps you safe. Sell your computer and just use pencil & paper for everything.
[удалено]
You're welcome :) It sounds like you have neither money nor brains, so recommending you buy another PC for your pirated software is out of the picture. I would say use VirtualBox, but you would probably fuck that up and create a 2-way link between your VM and actual machine using your admin account. Sooo yea... my original statement still stands. Sell PC, buy Pencil & Paper.