Reading about the alleged Russian hacking of the Pyongyang Olympics got me thinking about how safe it is to share your gaming PC with home and work functionality. I’m seriously thinking about a foundational rebuild of my gaming rig and not using it for anything else. Anyone else do this?
Very, very skillfully done. “Honey…due to the threat of Russian hacking…I’m going to need a 1080Ti to run all the algorithms necessary to counter the KGB…”
No, seriously, I think that the days of downloading and installing software from all over the planet, a lot of which asks for elevated permissions, are over for me. At work I read threat reports and IPS logs on a regular basis. A lot of the software that flight simmers use comes from countries frequently ID’d as having bad site origin. I should know better, but if my gaming rig gets owned, so does my life. In that respect I suppose that a gaming console is much safer. Notice that I didn’t say mobile platform.
It would be an inconvenience for sure, but I’ve got a work laptop that has a limited amount of software installed, such as Office 365 and Box, that would be a better place to carry out work and personal computing.
Not pointing any fingers, but if I were an intelligence service, what a better place to distribute a trojan, than a software company, one of which economic pressure or worse could be asserted?
One that has been discussed publicly, a certain widely used antivirus software, must have been the ripest of low hanging fruit for a certain intelligence agency.
See how we can have a constructive conversation, without getting political.
I keep work stuff separate, although it is easier as I use a Macbook Pro for office’y stuff. They are really solid laptops.
For threats, if you have the choice of any sort of two-factor account set-up for online accounts (that requires a password and a device/mobile app giving you a one-time code) then always enable it. Google, Microsoft all have it now, and it’s probably the easiest thing to do to make you in the 1% of people that are now more trouble than you are worth in being a target.
For whoever would want your stuff, then it’s probably just as likely some malware/ransomware plain criminals than an actual intelligence service. The country thing only really gets relevant because the recipient servers are back in China/Russia - as those are places that don’t police their ISPs particularly hard (or rather they do, but they don’t care about you having ransomware hurting people in the West).
I also keep the work stuff separate as to be less of a distraction and/or interruptions. I often read on an iPad at night, and don’t have any sort of work accounts near that thing. Past 8pm I don’t want to see work slack/email/carrier pigeon unless it’s on my terms, otherwise it can wait till either a phone call (meaning a real urgent thing) or till the next morning.
I’m a 2FA and LastPass guy, but since my wife and I use a cloud share file provider, which has a replicated folder on my system, that really doesn’t help prevent access to that data. Our banking logins, PayPal, investments are all online behind 2FA. But some things, like tax returns, and all of the stuff requested when you do a mortgage app, like scanned driver’s licenses, are in that folder. There’s probably a lot of stuff that wouldn’t be interesting, and things that I haven’t thought of.
I do like your thoughts on keeping work separate, fearless. Maybe that’s a good place to start.
I believe the most common scam is something that encrypts your ‘My Documents’ contents etc. and then some sort of ‘Unlock Service Fee’ ransom they then try to pull. The actual stealing of tax returns etc is too much individual effort compared to the automated/industrialization ransomware. The criminal outfits literally have staff in call centers…
If you have backup/cloud then at least you can report it, repave and move on. It’s hard for Western authorities to do much as the CN/RU authorities don’t really want to help.
Yes, ransomware would be a pain, but recoverable. More worried about identity theft, and work related data loss. Definitely removing work related data.
This reminds me of that “Meltdown” and “Spectre” thing … whatever happened to that?
I’ve often wondered about that Rikoooo site where I get a lot of my freeware add-ons. I have no idea how safe their installers are. I should probably smarten up before I get bit.
Our Charlotte city servers were hit a few weeks back with Ransom-Ware. They elected not to pay the ransom, and went to a backup…but it took several days to restore, and there were limited government functions for all kinds of things for that week. It was a real nightmare.
Intel is still trying to fix it, while Linus keeps calling them idiots…
Can confirm. I use my rig for simming only and I work on my laptop.
Mine is gaming and browsing. My wife has all the financial stuff on her PC. However, she does like to click on dodgy e-mails. I have spent more time ridding her PC of viruses than ever I have on my own PC.
- Have a backup. Preferably, have two backups. Have all your friends backup.
- Practice restoring from backups.
- Don’t rely on cloud services for backups. Portable HDDs are cheap and plentiful. Internet is spotty and unavailable.
- Security mechanisms can and will be broken. There is no cryptographic mechanism that can’t be broken with enough time and processing power. See: Data Encryption Standard.
- No matter how many precautions with your PII and other critical information, all it takes is for one lazy IRS employee to improperly discard a confidential hard drive and for the right (or wrong?) person to dumpster dive for it all to be for naught. This is not an excuse not to properly secure and store your digital PII.
- If you can swing it, having separate work and gaming systems is a great idea. Depending on how much money you have, a cheap ~$500-700 laptop can serve most work functions. This has been my solution for the past 10 years.
Story time: while working for the DOD, an Army division G2 office discarded secret marked hard drives into a dumpster (which, ironically enough, was marked “No metal, no wood”) near our civilian offices. I have no idea how that happened, but the hard drives still had classified information on them. No heads rolled over the incident and it was quietly swept under the rug after the drives were supposedly properly disposed of.
Poor oversight. Jeez. They are easy enough to drill.
I use the 3-2-1 method. 3 backups, 2 different local devices, and 1 in the cloud.
My windoze rig is for gaming only with no access to the backup. Next to it is a Mac which is my primary PC and is wired to a hard drive backup. Having two desktops sorta happened as the Windows partition on the Mac began to struggle. Otherwise I would never bother with two machines.