How to ensure security on a gaming system with constant (un)installs of games needing admin rights

Discussion in 'other security issues & news' started by tetsuo55, May 3, 2015.

  1. tetsuo55

    tetsuo55 Registered Member

    Joined:
    Aug 12, 2008
    Posts:
    126
    Hello All,

    I have been reading a lot of the posts on security setup's but i dont think my specific situation is covered.

    My system is primarily used for gaming, what this means is that i am constantly running installs and uninstalls of games, these mostly require admin rights and the files are generally too big to scan with services like virustotal.

    I need a setup where i wont be bogged down too much by having to allow exceptions to all the security several times a day so i can install\uninstall the games.

    The second problem i am facing is that most of those games need admin rights for one reason or another, so it would seem to defeat the purpose of an elaborate lua setup.

    Any ideas on how i can get my PC secure and private while still being able to do the above?
     
  2. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Constant backups and updates are necessary for one thing. Also, elaborate network filtering, behavioural analysis, and anti-exploit may be needed.
     
  3. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Why do you suspect those files, where do you get your games?
     
  4. tetsuo55

    tetsuo55 Registered Member

    Joined:
    Aug 12, 2008
    Posts:
    126
    Hi Joxx,

    I suspect the files mostly because because a lot of companies have a bad history of adding rootkit-like DRM protection schemes and adware to their games.
    Sometimes older games no longer work properly on a newer Os and you need to use some kind of fix to bypass such protection schemes.
    Finally the games can contain regular malware by accident or on purpose for none of the reasons above.

    I get most of my games from steam, origin, uplay, gog, humblebundle and the rest often through manufacturer sites, often these are chinese developers that barely translated their site to english.

    I should probably refrase my question to: "How to secure a system where all the apps require admin rights"
     
  5. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Once a friend had about the same issue; what I had him do was to install two OSs (both Windows 7) on different disks. The gaming OS was installed on a SSD with a 2TB HDD for the games, the all purpose OS (another SSD) had a 1TB HDD for data.
    When installing the OSs take care to disconnect all other disks except the one where you're installing (so Windows doesn't write on the other disks).

    So, to answer the question:
    create two systems.
     
  6. tetsuo55

    tetsuo55 Registered Member

    Joined:
    Aug 12, 2008
    Posts:
    126
    Ok that seems to make sense, I'm considering putting the 2nd os in a vm instead of booting between the 2
     
  7. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Can't believe I forgot sandboxing/virtualization, that is definitely a way to go.
     
  8. MisterB

    MisterB Registered Member

    Joined:
    May 31, 2013
    Posts:
    1,103
    Location:
    Southern Rocky Mountains USA
    Due to the performance demands of gaming, virtualization might not work out. I would go for dual booting or just dedicate one machine to gaming and use another for anything that needs more security. If you set up a secure guest VM in an unsecure host, that would be problematical and you would take a real performance hit if you used a VM for gaming.
     
    Last edited: May 5, 2015
  9. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Sandboxie has a very little performance impact for me. Plus you can harden it as you like.
     
  10. tetsuo55

    tetsuo55 Registered Member

    Joined:
    Aug 12, 2008
    Posts:
    126
    So i could do the gaming in sandboxie? and take a minor hit and keeping the host safe?
     
  11. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,126
    Sandboxie will only isolate a particular app at a particular moment; also the game would still have to have access to critical parts of the OS and to the net: a keylogger would still be able to do its job. You want total isolation.
    If you decide on a VM, virtualise the non-gaming OS. But remember to keep inside the virtual disk all the data related to that OS.

    I would still go with a two disk dual boot.
     
  12. tetsuo55

    tetsuo55 Registered Member

    Joined:
    Aug 12, 2008
    Posts:
    126
    So my working/playing style would make rebooting between os's extremely difficult.
    And putting the games in the guest vm seems to be pointless.

    Is there any way i can improve upon sandboxie to protect the host and vm better?
     
  13. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Harden it with access restriction policies.
     
  14. tetsuo55

    tetsuo55 Registered Member

    Joined:
    Aug 12, 2008
    Posts:
    126
    I let this all sink in and realise that seperate os''s on seperate disks in the only proper way.

    Thanks for all the advice.
     
Loading...