Hi all.

Can you please advise me how I can prevent data about me from being sent to a developer?

Context:

While wandering around the net, I came across an expression about Foundry being ruthless to pirates. There were no specifics, so I simply typed in the search term “foundry piracy” and found the following:

… and I even found a form to report potential piracy on their official website (https://www.thefoundry.co.uk/licence-compliance/report-piracy/).

So I was wondering, how can I protect myself from something like this? How can I prevent any data about me from being sent to the developer? I don’t plan on pirating any software developed by Foundry, because I’m just disgusted with using tools created by the likes of… people? It’s just the first time I’ve seen something like this, and I’m curious.

After trying to search for something on this topic on the net, I only came across this thread (https://www.reddit.com/r/Piracy/comments/ot6xkq/isolating_pirated_software/).

My thoughts/questions:

  • It seems to me that just blocking internet access through a firewall isn’t going to help here
  • I would ask if using such software only when the VPN is enabled would help, but it seems to me that such software may run some background processes that will be active even after closing the program, and they will just send information about me / my hardware from time to time, including when I disable the VPN, since I won’t be using such software at the moment. And maybe these processes are trickier than normal processes that you can easily close via Task Manager.
  • Can a virtual machine help in such a case? How would it help in such a case? I’ve never dealt with virtual machines and I don’t know what they are, but aren’t they connected to the same network as my main computer, and can’t the developer get information about me if I use just another device, albeit a virtual one? Or is a virtual machine and how it works somehow different from a notional regular computer, as if it were virtual instead of real?
  • Why does the last-to-last link, in the comments, mention using a separate machine? How is that supposed to help? Wouldn’t that machine be connected to the same network as the main machine? Or, if not connected to the network, how would a machine that is used for everyday needs, but notionally never goes online, be different from a new machine that is not used for any everyday needs, and also never goes online?
  • I’ve heard of operating systems like Whonix, Tails, and Qubes. And about WineHQ, which allows you to run software written for Windows on Linux. I’ve only heard of them, and my understanding of them is no more than the word “anonymity”, so I also want to ask, if I use one of these operating systems, and use software like Nuke from Foundry through the use of WineHQ, could that somehow prevent Foundry from sending information about me? I mean using only the raw operating system, one of the ones listed, without using a VPN and a virtual machine along with it. If the answer is no, would a scenario of using an operating system bundled with a VPN and virtual machine help in this situation? Is it even possible to use software like Foundry’s Nuke on such operating systems? Or are they not designed for that, and they only support something more primitive like web browsers?

All I can think of right now is this:

  • We have 2 different computers, - one for everyday use, the other for interacting with all the unlicensed software.
  • On the computer for everyday use we use an operating system like Linux Mint or Zorin OS. On the computer for interacting with all unlicensed software, we also use the conventional Linux Mint or Zorin OS as the main operating system.
  • The computer for everyday use is connected to the Internet, the computer for interaction with all unlicensed software is never connected to the Internet and never goes online.
  • Using the computer for everyday use, download the required unlicensed software using a VPN.
  • The downloaded software is transferred to an external hard disk or flash drive that is not used for any other needs. From the external hard disk or flash drive, then transfer the downloaded software to the computer to use the unlicensed software.
  • Install the unlicensed software on the computer to use the unlicensed software, using a virtual machine with Whonix / Tails / Qubes as the operating system.
  • Using the installed software.

My questions are about the above scenario:

  • Would this scenario help in a similar situation?
  • Does it make sense in the fourth step to not just download using a VPN, but to use a virtual machine as well? Is this even possible? Should I use Whonix / Tails / Qubes operating systems in this virtual machine, or can I just go with the usual Linux Mint / Zorin OS?
  • Does it make sense to use a Whonix / Tails / Qubes virtual machine on the second computer if it never goes online? If it never goes online, can I get by with a virtual machine with a regular operating system like Linux Mint / Zorin OS? Or is that still a risk?
  • I’ve heard that WineHQ is a kind of “emulation layer” and that software is more unstable when “going through” this emulation layer, is this true in 2024? Can all software be used on Linux operating systems using WineHQ?
  • Similar to the question of whether it is possible to use such “heavy” software on operating systems like Whonix / Tails / Qubes, I also want to ask whether it is possible to use it inside a virtual machine? And wouldn’t it be too unstable if a virtual machine is used in addition to WineHQ?
  • Will all unlicensed software work without an internet connection?

I apologize if I’ve written some nonsense. I am weak in technical matters. And I also apologize for possible mistakes in the text, I’m using an online translator.

Thanks!

  • Joe
    link
    fedilink
    English
    arrow-up
    10
    ·
    9 months ago

    I run a particular online windows game in a modded offline mode under Linux in network isolation and with a restricted apparmor profile. So far so good. Logs show no attempts to break out, except for the smoke test I run to ensure the sandbox is working. This is as much because of the random mods I install as the original devs (who could ban my online account).

    On Windows, a VM would indeed be safer. GPU passthrough is possible … I guess easier with Windows using an onboard GPU, then passing a discrete GPU to the VM. You’ll lose some performance with a VM regardless, but it’s easy to disable networking, back up and restore from a known good state, and burn it to the ground when needed.

    • WalnutLum@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      ·
      9 months ago

      How do you end up doing this? I’ve been wanting to do the same thing and I’m curious how proton and apparmor interact

      • Joe
        link
        fedilink
        English
        arrow-up
        1
        ·
        9 months ago

        Apparmor profiles can be applied to an executable - the profile is then (if so configured) inherited by subprocesses. In my case I have a launch script to run lutris in a safe mode. It also changes the effective gid to be matched by some iptables rules (it was easier than creating a new network namespace, which is also possible). The script then checks that the Internet is inaccessible and that reading/writing to secured paths is denied before launching lutris.

        Similarly I have a “safe” script to wrap other commands with an apparmor profile that stops most writes to my homedir/reads from some secure locations, which I often use to run scripts/programs from the Internet.

        My sudo also requires a password (or a special keyboard combination, thanks to a custom pam configuration).

        All that said and done, I’m sure I’ll be caught off guard one day.