Author: Manu
Published: 6 June 2018, 5:28 pm

How we keep GamesNostalgia safe from viruses and malware

Running a website with almost 800 downloadable games and more than 1500 files gives you much responsibility regarding the safety of the PCs and Macs that will download those files.

GamesNostalgia is known as an extremely well-curated website, that doesn't spam or fill the pages with aggressive advertising, and that provides only quality content. We want to keep this solid reputation, and the last thing we want is to hear that someone got a virus after downloading a file from our website. That's why we take all the necessary countermeasures.

We discussed this topic in our Discord chat recently, and we decided to post here all the info that we have posted in the conversation.

Server-side generated packages

First thing, most of the packages that you can find on GamesNostalgia are created remotely. It's the case, for example, of Amiga, MSX, and Commodore 64 packages.

The server runs Linux, which decreases the chance that the files got infected by a Windows or Mac virus.

A copy of the latest version of the required emulator (e.g., FS-UAE for Amiga games) was previously uploaded to the server. The emulator is transferred directly from the source website to our server, which means the emulator cannot get infected during the transfer.

Then, when we need to pack a new game, a server-side process takes the original game, creates the package and compress it into a 7zip archive. This is the archive that users will download.

A random screenshot of a Linux command line interface

Pay attention to the fact that the original games cannot get infected by "modern" viruses or trojans. If they contain a virus, it's an Amiga or C64 virus, and this malware cannot be transferred to your PC or Mac. The only thing that can get infected is the emulator, but as described before, this software is downloaded only once, from its source website to the Games Nostalgia server directly. Unless the creator of the emulator distributes an infected file (very unlikely), the packages are safe.

Additionally, after the archive is generated, we usually download it to our PC or Mac to test the game. This means there's also a client-side check, as described in the next paragraph.

Packages created on PC or Mac

Some packages are processed remotely, but other games require some work on a PC or a Mac. This is the case of old Windows titles (e.g., Hercules and Road Rash).

No need to say that the PC and the Mac that we use, are both of them well protected. On the PC we use Avira PRO, while on the Mac we have F-Secure. Once the packages are created, they are compressed and uploaded to the server. But the initial antivirus check is not the only one; there's another security level, described in the next point.

Avira is a very good antivirus. They also offer a free version

Server-side antivirus check

The Linux server where the files are stored has an antivirus system called ClamAV. A job scans all the packages every day. The virus DB is continuously refreshed, so that old games archives are checked for new viruses again and again. In three years of GamesNostalgia, it happened once only that a package was reported as infected by malware. We downloaded the game and scanned it, and it was clean. Anyway, the package was removed and replaced.

The ClamAV logo is quite scary

Worst case scenario

If you have reached this point, you should know that the games are clean on the server, so they are clean when you download them. But what happens if hackers break the server? Is that possible?

Of course, it is. We took all the standard security measures, but no server can be considered 100% secure. If Russian or Chinese hackers (apparently they are the best) decide to enter our server, with the required time and required resources, they would be able to do it. If they hacked Apple, Twitter, and all the top companies, how couldn't they be able to hack GamesNostalgia? If they enter, they might delete everything, or they could infect some games with Melissa or other viruses, who knows.

To be honest, I highly doubt they will spend money trying to enter, since we don't have anything valuable for them. Anyway, let's say that this happens. Luckily, there's no way this comes unnoticed: first, our server-side antivirus would start reporting anomalies; second, everybody has an antivirus right? We would immediately begin receiving a lot of messages if a game was infected. If we discovered our server was violated, we would shut down the website immediately. [I really hope this will never happen]

Why does Windows Defender report a trojan in our games?

This is a known problem. Windows Defender cannot read our maximum compression 7zip archives properly. Sometimes it finds a virus/trojan/malware in files downloaded from GamesNostalgia. These are false positives. Just deactivate Defender, download the archive and extract it. After that, you can rerun a virus scan on the game folder. You will see that the files are clean.

Windows Defender is a bit too overprotective

That's all for now. If you have suggestions, feel free to write us. The security of Games Nostalgia is a top priority for us. If we have updates, we will post them here. Enjoy!