So what are the risks of having illegal ROMs, anyway?

dankcushions

@mortalwombat it's quite possible to get a virus etc from some of the websites hosting unlicensed roms, depending on the OS/browser etc you use to download them.

i think the chief risk with unlicensed roms is legal action against the websites and projects related to them (however spuriously). retropie is not doing anything illegal (the emulators are legal, and it doesn't distribute unlicensed content), but were the association to become there (via links, open discussion in retropie circles about getting roms, etc), then large publishers may be encouraged to take legal action which would possibly have the desired effect whether they won or not.

Clyde

Regarding "only" downloads, it's vital to know that the software used won't share the already downloaded parts in return. Peer-to-peer file sharing programs like BitTorrent do that in their standard setting, and some of them don't even have an option to disable it, or may slow down the download rate of so-called Leechers to a crawl. Such automatic file sharing may actually put you into the crosshairs of law enforcement or copyright holders, whereby the latter's privat actions can result in very high damages even for only a few shared files, see Legal aspects of file sharing.

So, aside from thinking twice about breaking any laws of your country even if the risks seem to be low, never ever use file sharing tools doing it.

A Former User

@clyde It is very messed up that the P2P file sharing programs can potentially ruin someone's life even when they only wanted to download something that is copyrighted and not deliberately share it online.

Even worse is the legal system makes no considerations for cases like this and can still deal out the maximum fine or even a jail sentence with the fine against the individual who didn't even write the program to begin with.

I do sympathize with the companies losing a lot of money to piracy, but I do ask that they show mercy on the small time offenders who aren't even trying to host content illegally for millions of people to download.

Clyde

@agtrigormortis said in So what are the risks of having illegal ROMs, anyway?:

@clyde It is very messed up that the P2P file sharing programs can potentially ruin someone's life even when they only wanted to download something that is copyrighted and not deliberately share it online.

I get what you mean, but ultimately, they "only" knowingly want to download software illegally. So, it's a little bit like feeling pity for the trespasser who hurts himself on unfamiliar terrain that he was not allowed to tread.

That, and the general advice to make yourself familiar with any software you plan to use, aka RTFM.

A Former User

@clyde Except this is not a life or death situation, the individuals who infringe on copyright laws are not killing or injuring anyone in the process of infringing on copyright law, this is about private property and the copyright holders know it.

to put someone in insurmountable debt over this would be cruel. It's more comparable to an exploitative loan company increasing interest until the debt payer is no longer able to pay the debt down.

In fact this is one of the arguments that get brought up when people make criticisms against free market capitalism, if business people are given free reign to dehumanize other people for the pettiest of infractions, then we have a serious problem that has to be dealt with. I don't agree that people should have their lives ruined, just because they stole private property, especially if first offence. When you're talking about violent offenders then lengthy jail terms with or without fines, are justifiable.

A Former User

@mortalwombat The risks are other than the obvious fact they can get you sued

yes, you're absolutely correct that viruses (or malware as the modern term for malicious software is) is entirely possible to be downloaded to your device if you're not careful.

You should never trust software from unofficial sources or websites that don't actively filter out harmful software. All it takes is one time and something belonging to you can be taken, it may be something insignificant like ads which at the very worst would slow your PC down, but sometimes it can be something much more destructive like keyloggers or ransomware.

That said I've ran Ristar from my Sega Genesis collection library from Steam on my Pi4, and it worked without a hiccup, also definitely legal, since it is not an encrypted ROM or given to somebody else.

I wouldn't advise taking the chance on illegal ROM's for the reasons mentioned though, yes you're less likely to get into trouble if it is just downloading and not sold or hosting, but the chance still exists. If you download illegal ROM's, then the consequences are on you, no one else.

I would advise doing something that would at the very least fall into a grey area, such as dumping ROM's of cartridge games you already own, to use with your RetroPie system.

Crush

Legal answers are useless if no one cares to ask what country/legal jurisdiction you fall under.
For instance in my country it's not (yet) illlegal to download copyrighted media, cause technically you don't know if uploader is licensed to, but its illegal to upload.
But that's not what you're looking for anyways.
Technical, worst case scenario is that you have to reboot your pie, but it is the same with legal roms.

[Edit] sorry just notice this is a necro thread.

Clyde

@crush said in So what are the risks of having illegal ROMs, anyway?:

Technical, worst case scenario is that you have to reboot your pie

Or rather that a malware that you picked up on an illegal download site eats through your network and the computers connected to it.

I know this should be very unlikely with the common emulation romsets, but it is the worst case scenario that I can think of.

Crush

@clyde said in So what are the risks of having illegal ROMs, anyway?:

Well he did ask about roms, not dodgy sites, no downloaded file you try to run as a rom in retropie is capable of doing what you say.
I'm not going to comment on how to surf the web safely.

Clyde

@crush I wasn't sure if your answer was connected to @AGTRigorMortis' one directly above it. Thanks for the clarification.

As for dodgy sites, apart from maybe archive.org, I'd call every site that you can download illegal software from dodgy and potentially dangerous. And although it doesn't seem to have been heard of (I called it very unlikely after all), I wouldn't be so sure that a capabably hacker couldn't come up with a modified rom that exploits some security flaw in an emulator, just like malicious image files can infect your system by simply viewing them. Ultimately, roms are just code executed by other code.

It may be very hypothetical at this point, but I would never say that it couldn't happen principally. Especially since emulators are a niche software that isn't audited for security issues regularly like many mainstream applications are, and which are found insecure on a quite regular basis. Thus, I expect emulators to have undiscovered security flaws almost certainly.

A Former User

@clyde It's also hard to know if segaretroorg doesn't have malware, Steve Snake hasn't updated Kega Fusion in a very long time to my knowledge and the site that originally hosted it (Eidolons Inn) is no longer available. Plus there's the whole requirement for BIOS files in Sega CD emulation on Kega Fusion, which is another security problem and illegal.

Crush

@clyde Ok i will comment on surfing the web more safely lol.
Just because this has made my life on the world wide web so much better for years.
In Chrome under privacy and security settings block javascript.
Now no site can use javascript without your permission.
Get this addon to simply give or revoke javascript permission with the press of a button. https://chrome.google.com/webstore/detail/quick-javascript-switcher/geddoclleiomckbhadiaipdggiiccfje

You'll find many site's wont need javascript to function.

YFZdude

@crush
Yes JavaScript is a problem these days.
I prefer browser extensions that default to blocking but give you the option to selectively enable the scripts one at a time until the website starts working properly.

It turns out that almost every website I visit regularly has necessary scripts (1 or 2) and also they usually have something google related that is completely unnecessary. So I leave those blocked. Sometimes it can be quite the adventure figuring out which 4 or 5 scripts need to function out of the total 17 or so in order to submit forms or login properly on some website out there.

A Former User

@yfzdude Another heavily flawed extension is Flash, which is now disabled by default these days but back when it was relevant and commonly used, it apparently was one of the most exploitable software out there. For security reasons it's best to have it disabled. And while some software can't run without Adobe Flash, most can, and Youtube uses HTML5 I believe, so this made Flash Player obsolete. The only thing Flash was good for is free online games but the security risks just aren't worth it imo.

Crush

I think the biggest risk from within retropie is Kodi when used with unofficial repository, an overwhelming number of them does exactly that, there was a piece on it a while back on tv where they they researched Kodi and its security, you're golden with the official repository, but the majority of the ones that enabled illegal downloads of shows and movies also caused compromised networks.

Where as with emulated roms they're mostly contained in an emulated workspace on an emulated machine, especially when it comes to the console games, the profit vs effort ratio needed to breech that for malicious purposes is not very attractive, when there's easier and much more popular things like Kodi out there.

A Former User

@crush May as well consider it phishing, it's the same end result if it means more people get hacked. If it's just advertisements then I would say who cares, sure they're annoying but generally are not harmful and there's often workarounds for stuff like that, but from what you're suggesting it seems a lot more serious than that.

Clyde

@crush said in So what are the risks of having illegal ROMs, anyway?:

In Chrome under privacy and security settings block javascript.
Now no site can use javascript without your permission.
Get this addon to simply give or revoke javascript permission with the press of a button. https://chrome.google.com/webstore/detail/quick-javascript-switcher/geddoclleiomckbhadiaipdggiiccfje

I'm using Firefox with uBlock Origin against ads and uMatrix against scripts and other active content in webpages. Both are also available for Chrome/ium.

@yfzdude said in So what are the risks of having illegal ROMs, anyway?:

I prefer browser extensions that default to blocking but give you the option to selectively enable the scripts one at a time until the website starts working properly.

Me too, and as a neat but also sometimes horrifying bonus you'll see how many external scripts and content providers many websites are loading nowadays – with at least your IP shared among all of them if your browser is allowed to contact them.

@A Former User said in So what are the risks of having illegal ROMs, anyway?:

If it's just advertisements then I would say who cares, sure they're annoying but generally are not harmful

With some exceptions like Malware Hidden In Banner Ads Served Up To Millions already being reality.

MortalWombat

@clyde and to the rest of youse talking about privacy issues related to your browsers, you can also try checking out the Brave browser, which apparently blocks ads and website trackers (and no, I don't work for Brave or am I getting anything for mentioning it, just heard it mentioned in a computer course I was in...).

Clyde

@mortalwombat I know Brave, and a good friend of mine is a big fan of it. I just prefer Firefox for the time being, because I'm used to it, it isn't based on Chromium (I don't like Google), and it doesn't have a somewhat controversial business model like Brave does.

That said, I wouldn't discourage people from using Chromium (with the proper privacy addons) or Brave, since those are still preferable to even more controversial browsers like Google Chrome or Microsoft Edge.

As for addons, I forgot to mention Privacy Badger from the Electronic Frontier Foundation (EFF). It's available for Firefox, Chrome/ium, Edge, and Opera.

retropi19

@clyde for sure this guy is a heaven in copyright
[site removed]