Microsoft has always had a strange relationship with piracy. They’d obviously prefer everyone pay for their software, and will crack down on stuff that seriously threatens this - but at the same time, their real power and profit comes from their monopoly (well, came from their monopoly; things are weird now due to their failure to win the browser wars and mobile device markets.)

If the alternative is you using a competitor’s software, they’d prefer that you pirate windows.

There is no way to be absolutely, 100% certain. Do not run pirated software on a machine that you absolutely could not afford to lose (ie. work machines). Back up important files.

That said, there’s a lot you can do to reduce your risk:

1. Only download from trusted sources; this is the real value of repackers. The megathread can help with this.

2. GOG games have their executables signed by GOG (and don’t need to be cracked, of course, because they’re DRM free.) As long as you make sure they’re legitimately signed they’re 100% safe. Note: You are almost certainly not bothering to do this.

3. If you’re even slightly unsure about a file, you can upload it to a site like virustotal: https://www.virustotal.com/ - these sites are not magic. They run it through a bunch of antivirus software, which often relies on AI that will have false positives, and of course they can only recognize stuff that either fits the patterns in their AIs or has been seen before, so some stuff could slip through. Still, it’s a good basic precaution. If only a few results come back positive, it could be a false positive; if a bunch of results do, or if any of the results are specific about what they think is wrong with it rather than vague machine learning results, then you probably shouldn’t run your file.

4. Sandboxes and virtual machines are the 99.99% safe way to run stuff if you’re unsure. Remember that a virus or trojan won’t necessarily be obvious when run, so to be really safe you’d have to run things there all the time. In truth, Sandboxie is lightweight enough that you could probably do it all the time without losing much beyond some mild annoyance.

5. Running things on the Steam deck might help a little bit because most viruses aren’t designed to operate on that environment and because, even if they are, there is less there for you to lose than on your desktop PC (except your Steam account, of course.) Proton, which it uses to run Windows games, is absolutely not designed for security or anything like that - it does give them access to your entire file system, not just the box it creates - but a normal windows virus designed without the Steam Deck or proton in mind would just fuck up the environment Proton created for it, accomplishing nothing. And, of course, as mentioned, you have the advantage that you have less important stuff on the Steam Deck to lose in the first place. So it is somewhat safer to run pirated windows games on the Steam Deck than it is elsewhere.

All of that said, if you’re really worried, another solution is to emulate console games instead. That is pretty much 100% safe (absent some weird exploit in the emulator, which AFAIK has never happened.) A game running in an emulator can only do what the emulator lets it do, inside the box the emulator creates for it. Most PC games have Switch versions and Switch emulation is very very good, even if Nintendo has forced them to halt development - we’ll see if that continues into the new Switch 2, but for now it’s a very good option that is basically 100% secure.

Honestly I disagree with the need for bittorrent and a VPN when downloading games, for several reasons:

1. Very few game companies pursue the MPAA / RIAA strategy of monitoring torrents and sending letters to ISPs. It’s not cost-efficient for most of them individually, and there isn’t a centralized organization with that level of reach and power. Those things are something you have to worry about if you’re downloading videos or music, less so games.

2. For software specifically, you generally want to download them from trusted sites, and those use file sharing sites anyway. You don’t need a VPN for them - the reason you need a VPN on BitTorrent is because anyone can slide into a torrent and see who’s downloading there (or their IP address, anyway); this isn’t true for a file sharing site. The effort it would take for an attacker to get information on who’s downloading from a file sharing site isn’t worth it, especially since most such sites would resist as much as possible (knowing that pirates are a big part of their audience and that becoming known for exposing them would destroy their reputation.)

3. While some of those sites offer torrents, those tend to be small and, again, not generally worth the time of the few videogame companies who do focus on them.

That said if you’re downloading really big-name AAA titles over bittorrent, your experience might be different.

But the main thing I would focus on in a guide is how to avoid viruses and trojans and the like. Those are the big risk for game piracy that isn’t present when downloading videos and music (unless you really screw it up and download and run MOVIE.AVI.EXE or something.)

Nintendo’s real intent is doubtless to try and ensure that nobody ever makes a functional emulator for the upcoming Switch 2.

Most likely this incident is an indirect result of that coup. After that, they had to rapidly replenish the mod team and didn’t have time to vet people, so they ended up with someone like this.

FWIW my recollection from looking over sunbothersco at the time was that they were a clout-seeker with no meaningful history on /r/piracy - they were repeatedly and aggressively asking to be made top mod of a wide variety of subs at the time, with no real connection between them. It sucks that reddit was forcing out top mods, but I wish they’d at least followed through on their threat to make it democracy, since there’s no way we would have ended up with someone like that if the system had been anything but “randomly hand the sub to whoever asks first and loudest.”

Although, as a practical matter it provides some protection in the sense that most malware is probably not designed to do that and will, at worst, fuck up the Windows environment created by Wine / Proton. It’s not something to rely on but it is a bit safer than running something directly on your home machine as a practical matter.

(Although I guess that depends what the malware does. If it searches every document on your system for credit card numbers and sends them to Albania, that would probably still work.)

tbh it’s not really necessary today because there are so many ways to share files. Additionally, the distributed network has major disadvantages:

1. No meaningful reputation. If you download software from a file-sharing service you’re taking a huge risk.

2. Ease of use. It’s a pain in the ass to new users, which means it doesn’t thrive the way it needs to.

And the advantages aren’t what they once were. There’s so many sites nowadays and it’s so easy to set one up that being resistant to takedowns isn’t worth the trade-off.

I mean, the alternative is Ryujinx, which Nintendo has for some reason ignored for now.

(Ryujinx’s devs are much more cautious about things like banning any references to piracy in their discord and avoiding anything that could look like getting money in exchange for access, both of which may have given them less legal exposure.)

As the article mentions, they’re releasing the Switch successor soon. I suspect the real reason for this push is to try and scare people off from developing an emulator for that one, at least during the lifetime of the console - it’s a bit late to try and kill Switch emulation given that nearly fully-functional emulators already exist.

Near (the creator of BSNES / Higan, as well as a fan-translator who worked on Mother 3 and Bahamut Lagoon) was driven to suicide. It’s a serious issue. And I suspect the sort of people who work on labors of love are often the most susceptible because they’re the sort of people who want to listen and who care if people say something is wrong with their work.

Doesn’t Retroarch just use the cores of other emulators? It’s more of a frontend. I think that for early Genesis stuff it uses Gens.

They do occasionally ask for money, but their messaging was always a bit weird.

While I agree their communications could be vague in some respects, I feel like the actual issue was that they were too specific in one way. They’ve been clear for a long time that further donations go to buying games from GOG so they can put them on the site (they were clear that they have enough recurring donations to cover the site itself.) The fact that they do this is why they update so much faster than everyone else, since other sites have to wait for games to appear elsewhere and few people bother to distribute updates outside of major ones.

But I think that this meant that there was a lack of urgency that deterred people from donating. If they just said “give us money if you want us to keep doing this” I suspect people would have donated more.

I wonder what happened, though? Something made them change course over just a few days - as recently as March 11th, they were posting updates on their Mastodon account.

Even weirder, the site now has a link to a changlog, listing games they’ve uploaded but which are not available to anyone except people who were invited.

I think that addition is mostly interesting because it shows the mindset of the site’s owners - they feel bitter and put-upon, like they’ve put a bunch of work into the site and gotten little or nothing back. Maintaining the site must be a lot of work. Not that surprising that they’d decide to go private, I guess.

My understanding is that Ryujinx has been a lot more cautious in general. When TotK was leaked, simply mentioning it in their discord instantly got you the pirate role (which means they won’t give you any sort of support), and continuing to mention it got you a ban. Similarly they crack down hard on even the slightest mention of title keys or the like. They’re very upfront that this is done solely for legal reasons, but they’re also extremely thorough about cracking down on any discussions that could expose them to legal vulnerabilities.

They’re more cautious in a few other ways, too. They have a patreon but you don’t get any newer versions or improved features through it, just cosmetic Discord roles, whereas Yuzu offers the latest releases to Discord subscribers first.

Both of these things (Yuzu devs and moderators openly discussing how to get title keys in its discord, and the fact that they profited off the TotK leak by locking versions updated to support it better behind donations) were specifically mentioned in Nintendo’s lawsuit, so it’s likely that Ryujinx being more cautious around potential legal vulnerabilities is what kept them off of Nintendo’s radar, at least for now.

(Of course, if Nintendo does well enough against Yuzu here they might move on to Ryujinx next - but it makes sense that they’d go after the easier target first.)