I am looking for help on how to run closed source / pirated games on linux within a virtual machine. I would like to start by saying if I could walk into a shop and buy with cash, a game on a CD like in the old days I would. I have recently become very privacy conscious and until I figure out a way to anonymously and privately purchase things like this I am going to stick with pirating. Also, it is helping me to archive content as everything seems to be moving online and I want to stick with offline applications / media etc in my control.
Now, I am familiar with virtualbox but of course, it is no good for gaming. I have read about other applications that offer much better performance with support for GPU passthrough or similar (but how does this affect the security side of things when running pirated games). Forgive me, this is all quite new to me.
What I want is a virtual machine capable of gaming so that I can more safely run pirated games on linux. Also, I am very new to linux and some help in how I should actually go about running games on linux in the first place. I do not want to just install steam because it has closed source elements and being more privacy conscious now, I’m not sure I want to. Though I am aware I can use the proton layer to enable gaming support which I believe is fully open source. For my purposes lutris sounds like it may be the route to go. Thoughts on this welcome.
As a side note, I am thinking of signing up to GOG as they, to me, seem like a better alternative to steam where I can actually own a DRM free copy of a game that I buy. On a pirating note I thought locating signed, hash checked GOG installers to be a good option for security for dipping my toe into pirating games on linux. I am much, much more comfortable with detecting and removing malware in a windows ecosystem. Linux, completely foreign. So I am trying to be careful.
Once I get fully set up I plan to buy the games I enjoy on GOG, I think that will be the path I can be most comfortable with. At the end of the day I will own a DRM free copy of the game itself. That is the best I can do where I cannot get it on physical media I think. I already do this for CD’s and DVD’s etc.
Any help would be appreciated, thank you.


You shouldn’t need a full VM running Proton. I’d rather use sonething more lightweight, i.e. sandboxing.
Most likely Windows games which are malicious don’t have a way to break out of Linux containment, so if you run all games as a different user with no access to your other files or inside a sandbox, there should be a negligible risk.
The chance of a Windows malware using Linux sandbox exploits is very very very small.
Firejail is definitely something I’ll be looking into on the sandboxing front as it may be the better solution from the sounds of it. How does a sandbox compare to running in a VM? Technically speaking, is the VM safer? Though I appreciate the difference in this scenario may be very small.
The VM is definitely safer by an order of magnitude, because you can use hardware CPU features to guard address areas and have separate Kernels for your games and other OS. However, look at this recent security hole: https://lemmy.zip/post/67733533
Security is never absolute, it’s always relative. It’s also never done, as with time any system can become hacked. Security is both a process and a consideration.
Your threat model is that you download malware which is either written for Windows or has some nasty Linux exploits baked in (as Steam Decks are popular now aswell). I doubt if most people run games without sandboxes that they try to get out of a user namespace with a privilege escalation. Sandboxing in Linux is done with Kernel level separation, and very secure.
Hackers who want to get your data who use a 0day sandbox breaking exploit really deserve your data. If they can do this they’re basically the elite of hackers. Most stuff will be simple crypto trojans and credential stealers, focused at Windows, which are both stopped dead in their tracks by sandboxing.
Let’s say you get 99.9% safety against your specific threat model with sandboxing. If you have 1000 exploits, one might be able to break it, good luck finding 1000 exploits in pirated games even if you try to collect them. And with VMs you might have 99.99% safety but so much less performance and so much more hassle it’s not worth it.
There are lower hanging fruits to hack you at that point. In reality there might be an even lower likelyhood of Windows games breaking out of a sandbox or VM on Linux. I have never even read about something like that happening once.