Proposed alternate title: Finding privacy in the various gaming ecosystems
Preface
Summary
Now that we have a Windows Guide in the works (thanks to beerisgood and @ikelatomig), I was wondering what should a dedicated Gaming device should look like? I think I have a spare desktop PC that is currently running Linux for a dedicated gaming device with but with a focus on single player experience. I have moved all the important and critical activities in my full disk encrypted Fedora Silverblue laptop, leaving me free do just a dedicated gaming desktop, which would enable the more nicer features of my hardware such as HDR, Variable Refresh Rate, which is currently absent in most Linux distro implementations. As well as software for adjusting the RGB and mouse DPI adjustments.
So it got me wondering, what does a reasonably secure and private Windows gaming PC would look like, particularly for a single player focused experience? Also, how will it change if I decided to play with other people online through online multiplayer competitive games?
This is not a guide for Windows VM and VFIO passthrough. We are aware of them and probably use them occasionally when we need Photoshop or some niche macro thing that MS Office does that does not translate well to LibreOffice or OnlyOffice.
This is also a guide request and while I think I could make one, I have really not looked into Github and how to do stuff with the whole git thing. I am not trained nor am I working in the tech industry after all. Also I dont think I have time to make one. I would appreciate if the community would do the proper convertion to the git supported format. I am making this under the Creative Commons license under the CC0 specifically.
Looking back at the anniversary of the release of the Steam Deck, it is viewed as an overwhelming success that strives on improving its gaming experience. For the first time since the inception of the Steam machines way back in 2015, Linux may have finally be viewed as an actual viable alternative to the Windows gaming platform. Indeed, the vast 70-80+ of the most played games in Steam is now playable through the improvements of proton and the Linux gaming community.
Use cases for Windows gaming
Despite the advances of gaming Linux, it still lags behind in some areas, notably HDR, VRR and other things like the lack of widespread support for adjusting the DPI and RGB of gaming mice. Anti-cheat software has been promised support for Linux and Valve has made it available as a one-click toggle but not all game publishers want Linux gamers. It seems that some gaming publishers want inclusivity in their gaming, but not those that identify as Linux gamers.
Not everyone wants to convert to Linux, sadly, despite the obvious benefits. Maybe the children want to play a game that is not supported in Linux with their school friends. Perhaps there is a spare Linux PC in the house that sits unused. Or there is a strong desire of internally justifying a newly purchased monitor and graphics card by using its features.
Windows gaming prerequisites
Before we dive into gaming, a quick review of the Windows Guide would have us prepare:
- An Enterprise/Education version of WIndows 11. If unavailable, the Pro is preferred over the Home version.
- Hardening related to BitLocker encryption should be considered especially for laptops, otherwise, a desktop
- A separate administrator account, only used for installing, uninstalling software and providing a means to do other software maintenance requiring elevated privileges.
- UAC must be set to the highest setting.
- All installs should be done via
winget
CLI as much as possible. - Avoid hardware driver adjacent software when you can and just rely on the OS’ ability to find drivers for you.
- A regular (non-admin) account where the actual games and their respective game storefront client will be installed.
PC Game storefronts
Ideally, the most private way to purchase a game is let someone else (because CCTVs), preferably someone you don’t know, go through the front door of the game developer/studio themselves and paying with cash then getting a CD/DVD copy of the game without any DRM of sorts.
Since the death of physical media and in-store purchases, most gamers have collectively decided to just go with online game storefronts for purchases and indeed benefit from the convenience and the various discounts and deals particularly around holidays season.
And these are the game storefronts that we have these days:
- Steam
- Epic Games Store
- GOG
- The Humble Store
- itch.io
- Origin (by EA)
- Ubisoft Connect
- Battle.net (by Activision-Blizzard)
- Windows Store (by Microsoft and all their recently acquired XBox exclusive partners).
- Riot Games
There are also online retailers that buy games in bulk from the above publishers and resell them like:
- Fanatical
- Green Man Gaming
- GamersGate
- IndieGala
- and other, shadier key resellers that is so bad, game devs are actually telling people to pirate their games instead
But which one to pick?
A quick cross reference to Terms of Service, Didn’t Read shows the worst offenders were the larger tech companies (with no surprise) being Apple, Google with their respective storefronts, and followed by Activision-Blizzard (they asked for an ID picture scan prior to account deletion).
Steam, unsurprisingly got a Grade D as they work with other banks and other gaming companies, they are eventually required by law to collect and share personal information because they take credit cards and other payment methods.
The rest of the game storefronts in list above is currently ungraded/unscored in TOSDR. Of particular note are the following:
- Riot Games, home of the much maligned Vanguard kernel-level anti-cheat, which funnily enough, also catches cheaters from other non-company related games (at least according to LTT’s WAN Show).
- Epic Games has also been graciously giving away free copies of proper Triple-A games almost weekly at a more or less regular intervals since its inception with the hope of winning the long term battle of having people with a large amount of free games staying within their ecosystem (and avoiding avoid getting a proper stockpile of Steam games). Unfortunately Epic is doing shenanigans with snooping around your PC and looking at your steam profile surreptitiously.
- itch has probably the least amount of issues, despite its ungraded state. Unfortunately, itch focuses on indie games and pretty much none of the triple-A games are available there.
- GOG does not have DRM software, something that could be a potential source for privacy and security issues. This is probably the better balance between game selection and privacy/security with a more bias towards gaming than actual privacy or security. To make things worse they seem to be Linux averse, but thankfully, games could be run without their client and instead use Wine and/or Lutris - but this is a separate unrelated issue.
But I want all of them on my Windows machine!
The easiest way to do it is to put it all on one user login. Unfortunately with companies like Epic Games that were caught snooping around or with invasive anti-cheat like Vanguard running during startup with the added opaqueness of the Windows, I think it could be best to just separate each storefronts installed as different users to avoid them snooping at each other.
I want my Discord as well!
Discord is particularly creepy because it listens and reads through your messages but it needs an account and a cellular number that would take effort to anonymize. And it is sort of useless because your friends who don’t really care about privacy will say your real name in voice chat or type your name to address you anyway. It is weird to tell them to call you a different name and even then, they will likely not comply.
If you have to run Discord, you can run it as web client if you absolutely have to but you will not get the cool features it has such as automatically detecting the current game playing and also lose the ability to share screen with friends, should they ever need it. There is likely no benefit in running it in a dedicated phone, de-Googled or not.
Alternatively there is Mumble and TeamSpeak, both also ungraded in the TOSDR site. Both also requires knowledge in deploying server software. Keeping it running securely and with up to date patches is another issue altogether. Pushing players to run either of them will go against the network effect that Discord also has, increasing the friction of adoption. You could do Matrix bridges if you want it in your Element chat client but that also takes work and does not include voice comms. You could run with less technical know how by paying them to host your bridge but it also takes time, effort and technical know-how to do so.
Another alternative is you could stick to Steam for voice chats. But I am unsure if the chat is monitored and recorded. Without proof, it feels like it likely is doing the same as Discord because the HQ lives in a Five Eyes country.
While we are at it, you could use Signal for group voice calls but the latency will probably be terrible. The same could be used for text messages as well as any other secure communications software in the Recommendations page.
And that is it! The TLDR is probably:
- Avoid piracy of any sort to avoid malware.
- Use same hardening as the windows guide.
- Buy from GOG if you have to, to avoid intrusive DRM and avoid the rest, if you can.
- Older console emulation is also viable. Sourcing the games ROMs are a potential ethical issue, especially if you do not own them.
- Prefer to install game storefront clients in separate user logins if using multiple game storefronts.
- Use voice and chat comms as seen in the Recommendations. Yes, the experience will probably be terrible if you can even get people to use it.
Emulation and that other shady alternative
Summary
Yet also…
There is another… way to game.
Emulation is sort of a dirty word, and while a lot of the nuance is lost in the vast online discussion out there, more than I could ever put in the effort to understand it. Suffice to say that it is a tool, something we can use in the name of privacy. Another requirement is that you need to have the firmware/BIOS of the console you are emulating and getting them might actually break some laws.
At any rate, I think the best in class of general gaming emulation is RetroArch. I haven’t really had a good dig at it because of the sheer amount of games in my Steam Library. I’ve really stopped pirating games because Steam made it cheaper and easy to access.
Speaking of piracy, needless to say, as with sourcing your Windows OS, piracy is a big no no and has always been a vector of PC malware infection. If you have to, at least borrow someone’s account that has a GOG game you want. Don’t torrent GOG games too, for the same reason.
Consoles:
Summary
will move these in its own different section
Mobile
Summary
- Google Playstore (and its alternative front Aurora store
- Apple AppStore
- F-Droid
- apk from the developers themselves
Interestingly, some games like Valve’s Dota Autochess clone - Dota Underlords, could be availed on Aurora Store without requiring GSF and it could also be downloaded as a separate APK from its official site with offerings for a 32 bit ARM and 64-bit ARM. I haven’t really truly explored what other privacy respecting games could be out there in the Google Playstore but the general pervasiveness of malware makes it a bad place for discovering good games you can enjoy on the go. I want to add F-droid as well, but let’s face it, games in there isn’t as good as we want it to be
Mohamad20ZX
In this guide I well help you to play Android games without losing all of your privacy it’s wip currently but you can support me later this year the full guide well be done by 4 weeks 1st of all use good dns provider like nextdns quad9 mullvad etc or a vpn service like proton vpn ivpn mullvad is a great option and windscribe 2nd limit is much promission as possible only use the must have ones 3rd use an email masking service like simple logins or anon addy 4th use a voip phone number for games using it and for now 5th use a good password manager like KeePass ex bitwarden or 1password
these as well