• Announcements

    • khawk

      Download the Game Design and Indie Game Marketing Freebook   07/19/17

      GameDev.net and CRC Press have teamed up to bring a free ebook of content curated from top titles published by CRC Press. The freebook, Practices of Game Design & Indie Game Marketing, includes chapters from The Art of Game Design: A Book of Lenses, A Practical Guide to Indie Game Marketing, and An Architectural Approach to Level Design. The GameDev.net FreeBook is relevant to game designers, developers, and those interested in learning more about the challenges in game development. We know game development can be a tough discipline and business, so we picked several chapters from CRC Press titles that we thought would be of interest to you, the GameDev.net audience, in your journey to design, develop, and market your next game. The free ebook is available through CRC Press by clicking here. The Curated Books The Art of Game Design: A Book of Lenses, Second Edition, by Jesse Schell Presents 100+ sets of questions, or different lenses, for viewing a game’s design, encompassing diverse fields such as psychology, architecture, music, film, software engineering, theme park design, mathematics, anthropology, and more. Written by one of the world's top game designers, this book describes the deepest and most fundamental principles of game design, demonstrating how tactics used in board, card, and athletic games also work in video games. It provides practical instruction on creating world-class games that will be played again and again. View it here. A Practical Guide to Indie Game Marketing, by Joel Dreskin Marketing is an essential but too frequently overlooked or minimized component of the release plan for indie games. A Practical Guide to Indie Game Marketing provides you with the tools needed to build visibility and sell your indie games. With special focus on those developers with small budgets and limited staff and resources, this book is packed with tangible recommendations and techniques that you can put to use immediately. As a seasoned professional of the indie game arena, author Joel Dreskin gives you insight into practical, real-world experiences of marketing numerous successful games and also provides stories of the failures. View it here. An Architectural Approach to Level Design This is one of the first books to integrate architectural and spatial design theory with the field of level design. The book presents architectural techniques and theories for level designers to use in their own work. It connects architecture and level design in different ways that address the practical elements of how designers construct space and the experiential elements of how and why humans interact with this space. Throughout the text, readers learn skills for spatial layout, evoking emotion through gamespaces, and creating better levels through architectural theory. View it here. Learn more and download the ebook by clicking here. Did you know? GameDev.net and CRC Press also recently teamed up to bring GDNet+ Members up to a 20% discount on all CRC Press books. Learn more about this and other benefits here.
Sign in to follow this  
Followers 0
RalemProductions

Prevent Losing Entire Project To Malware

20 posts in this topic

So I was working on a game for several months and it got encrypted by some ransomware named Cryptoware. I have a separate computer I use for my game programming, so I thought my computer was safe, but that turned out to not be the case. Any advice on what I should do in the future to prevent such catastrophes? I am a solo game developer so I don't have much of a budget, but would like to know what the options are. 

0

Share this post


Link to post
Share on other sites

Do you have a good, name brand antivirus program?

 

Getting the subscription to this is worth the money. My Norton has alerted me to viruses before.

0

Share this post


Link to post
Share on other sites

For the future, as several people have stated, source code control is a must. And it'll help prevent all kinds of other issues, like accidentally breaking your game and forgetting which change introduced the bug.

 

The easiest way to get started, if you are on Windows, is to download SourceTree and set up a remote repository on GitHub or BitBucket. All of which are free. 

2

Share this post


Link to post
Share on other sites

sad. If it's a recent Cryptoware version, your resources are indeed forfeit.

 

Take a good firewall and learn how to use it  (comodo is free and has no glaring flaws I could bypass with 10 lines of code, contrary to Norton and too many)

Keep your OS up to date

Remove JAVA from your browser (and ideally flash)

Don't download crap over the internet and stop visiting weird websites

 

Anti virus are mostly useless against new / recent threats, even old ones when they went through some kind of encryption i wont bother to explain in details, let's just say it gets encrypted using genetic methods until it can't be detected by AV anymore (all of that perfectly automated in the delivery server).

 

Also, backups and remote repository as said by the others.

0

Share this post


Link to post
Share on other sites

Any advice on what I should do in the future to prevent such catastrophes?

 

Any idea how you got the virus in the first place? Would be good to know so I can avoid doing the same thing (assuming it wasn't some silly way that you should have know better of course smile.png)

 

Yes re backups. I would have thought HDD failure was a more likely occurrance than a serious virus assult on a modern OS and all the protection software in the world won't help you if your disk goes bye bye.

Edited by Aardvajk
0

Share this post


Link to post
Share on other sites

Run an up-to-date OS (Windows XP, Vista, 7 and 8.0 do not count). Make sure Window's Defender is active and updated. Make sure your firewall is active. Use Chrome or FireFox with AdBlock installed, and make sure plugins like Java and Flash are running on a whitelist model (i.e. approve manually for each site, rather than blacklisting specific sites).

 

I have never, ever had a virus or malware problem on a personal computer (though to be fair, I spend more of my time on Mac or Linux than I do on Windows). It's mostly a matter of not taking silly risks, and BACKING UP *all* your data.

0

Share this post


Link to post
Share on other sites

I was wondering maybe next time you take a offline pc for programming ?, its not safe otherwise.

( Look i,m not so crazy after all !, saying with all the updates its save : thats crazy )

Edited by the incredible smoker
0

Share this post


Link to post
Share on other sites


saying with all the updates its save : thats crazy

Millions of people around the world use computers every day. If they were all that easily wiped out by malware, the whole system would have fallen apart years ago.

2

Share this post


Link to post
Share on other sites

I use several computers in a week, I do a lot of travelling too. I always have to expect that I'll drop/lose/break a laptop, or that a harddrive will fail. There's simply no way I can trust a single computer with all my stuff, it's not safe, nevermind impractical.

 

For code I use Github/Bitbucket, so all my computers can pull/push the latest and greatest version of the code. If I lost code on one computer it would be no big deal.

 

For 'active' files in recent use I use OneDrive as my main documents location which syncs with all my devices, very convenient. Dropbox and Google Drive would be just as good too.

 

For other less-used files I have a terabyte NAS at home which serves as a backup location and does reasonably well. Although I have recently entered a situation where there are files that exist solely on the NAS, so it is no longer a backup of those and I need to work something out. I am thinking that Amazon Glacier could be a good solution.

 

At the end of the day it all comes down to backups and keeping those organised (you don't want to have different versions of the same file on different devices). For code a VCS like Git makes that really easy.

Edited by dmatter
2

Share this post


Link to post
Share on other sites

I keep all of my important files on a dedicated fileserver which serves them up as SMB shares to my Windows boxes.  The fileserver is running a free variant of the Solaris OS with the ZFS filesystem and I'm using the free version of Napp-it to take ZFS-snapshots daily, weekly, monthly, and annually.  This lets me go back to earlier versions of my files from my Windows machines.  From the Windows machines, the snapshots are read-only, so a virus on Windows can't alter or erase them.  I keep the fileserver behind a hardware firewall which blocks (almost) all internet access to keep it safe from malware.

The fileserver uses disk mirroring to keep redundant copies of everything, and ZFS has block-level checksumming and auto-self healing to protect against hard drive errors or failure.  The fileserver also uses ECC RAM to protect against in-memory data corruption due to cosmic rays or whatever.

In addition, the fileserver is backed up to the cloud, so even if the fileserver and all of my computers were destroyed, I could still recover my data.

 

I've been using a setup like this for about 4 years now and haven't lost any files in that time.  I've found the snapshots useful on occasion, and the ZFS checksumming detected when one of my enterprise-grade drives started writing tons of errors after working perfectly for years.  Fortunately the other drive in the mirror still had a perfect copy of everything, so after replacing the drive and a few hours of resilvering everything was fine.

More info about ZFS/Napp-it here:

http://hardforum.com/showthread.php?t=1573272

 

Also, I don't recommend using Visual Studio to edit your source files directly on a network share.  It will slow down the UI thread to a crawl because of intellisense and the fact that Windows won't cache files on a network share.  It probably slows down compile times as well.  So I work on a local copy and I use a program called FreeFileSync to mirror my work to a location on the network share where it can get snapshotted and backed up remotely.

0

Share this post


Link to post
Share on other sites

Sorry for repeating, but this is important!

 

Don't trust any computer! They tend to die. I have never been subject of serious malware, though I don't take much precaution - keep windows updated and disable plugins by default in chrome. I have however had computers and external hard drives die on me, on several occasions. Even had a paid vps host provider delete my node!

 

If you care about a file you make sure to have a backup! and for software projects this is particularly easy! Subversion is super easy to get running, and for open source projects Google Code is perfect. Subversion is however not preferable for a team project, as it only have one branch. Git is my preferred choise. For individual projects it is as simple as subversion (tortoise both have a svn and git client). GitHub and Google Code both offers free git hosting for open source projects, and GitHub is very cheap for their low-tier private hosting.

 

But do keep in mind that most "backup" solutions states that they are not responsible for any loss of data. So make sure to have a local version of your data as well :)

 

Also relevant read: http://kotaku.com/5850245/burglary-delivers-huge-setback-to-indie-game-project-zomboid I love this game, but this was SO preventable!

0

Share this post


Link to post
Share on other sites


I'm sorry but 7 absolutely DOES count (assuming it is service packed).

My point was that is a big assumption. Many of the Windows 7 boxes floating around out there seem to be in some sort of limbo with respect to patches, and if you aren't the kind of person who applies regular OS upgrades, forgive me for doubting you are the kind of person to apply regular security patches.

0

Share this post


Link to post
Share on other sites

Sorry for your loss! sad.png

 

I also have a NAS, and also back up my project via BitBucket.

 

Unfortunately, I think Cryptoware writes to networked drives as well, so a NAS in that circumstance wouldn't help much. The virus doesn't need to be able to infect the linux NAS machine, it just uses NFS to overwrite the files. The fact that the NAS is mirrored in RAID 1 wouldn't help - the overwritten files would also get mirrored. The fact that the backup software I use is incremental and keeps multiple versions going back for several weeks wouldn't help - the old backups are also just files that would get overwritten by the virus.

 

A harddrive that is unplugged from the computer, and only plugged in when making the occasional backup, or online backup services that keep previous backups, would offer protection from this type of attack. But the harddrive can fail (or you can forget to regularily backup), and the online backup service can have problems or make mistakes. A multi-pronged approach is necessary.

 

Completely file protection seems to be an illusion, and one I was worrying about a few months ago. The question for me was, what precautions can I take, within my budget, that provides reasonable protection, and gives me enough peace of mind.

 

Online backup costs $80-$120 a year. I tried [Mozy] and [CrashPlan]. While liking CrashPlan slightly better, I ended up cancelling that subscription too. Partly because I'm often in rural areas (moving back and forth between Kansas City and rural Missouri for many months out of the year) and my internet UP speed is very poor, but also because neither service really gave me peace of mind because I had no real guarantees or confirmation that my backed up files would actually be retrievable in the event of a disaster.

 

My NAS cost me <$300  ($150 for the box, $120 for x2 1TB WD Red Drives)  (and will probably last me 5+ years). But it's vulnerable to other kinds of disasters, like the virus you got and house fires or direct lightning strikes overpowering the power lines despite the surge protectors (surge protectors protect from surges, not close lightning strikes).

 

For security, which is still susceptible to human error by clicking on the wrong link, I use SpyBot Search and Destroy (free) and Microsoft Security Essentials (free), and use Google Chrome (free) instead of the default Internet Explorer.

Edited by Servant of the Lord
0

Share this post


Link to post
Share on other sites

Sorry for your loss! sad.png

 

I also have a NAS, and also back up my project via BitBucket.

 

Unfortunately, I think Cryptoware writes to networked drives as well, so a NAS in that circumstance wouldn't help much. The virus doesn't need to be able to infect the linux NAS machine, it just uses NFS to overwrite the files. The fact that the NAS is mirrored in RAID 1 wouldn't help - the overwritten files would also get mirrored. The fact that the backup software I use is incremental and keeps multiple versions going back for several weeks wouldn't help - the old backups are also just files that would get overwritten by the virus.

 

A harddrive that is unplugged from the computer, and only plugged in when making the occasional backup, or online backup services that keep previous backups, would offer protection from this type of attack.

 

Actually, a ZFS-based NAS *could* protect against such a virus.  ZFS snapshots are a filesystem feature, not files--you can delete every file and folder on the filesystem but the snapshots are still there.  The snapshots are basically read-only from Windows.

0

Share this post


Link to post
Share on other sites

Actually, a ZFS-based NAS *could* protect against such a virus.  ZFS snapshots are a filesystem feature, not files--you can delete every file and folder on the filesystem but the snapshots are still there.  The snapshots are basically read-only from Windows.

 

Interesting, I didn't know that was available as a feature. I'll have to check if my NAS has that currently enabled, though I don't recall seeing that as an option. Currently my incremental backups were done by software from Windows (I use Cobian Backup for that), which saves the incremental changes as files and would be affected by that type of virus. As far as those backed up files go, I definitely can write, read, and delete them from Windows as a networked drive - whether or not the NFS filesystem duplicates are being created that are inaccessible or read-only to Windows, I'm not sure.

 

Thanks for the heads up, I'll need to check that out!

Edited by Servant of the Lord
0

Share this post


Link to post
Share on other sites
I use a Linux based distro for my work (mainly because I can't work without a terminal+vim). It's based on C++ and SDL so it's very easy to compile/port it on Windows. For backup (besides using git and having it on an external server which is sourceforge in this case) I made myself a little shellscript with rdiff-backup where I simply have to plug in my backup-hdd, run this script and the "incremental" backup is automatically done.

So if you're seriously concerned about security and your project allows it then using Linux/OSX (slightly less because closed source but still...) for your work might be a reasonable option.
0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0