Cybersecurity Project: Virtual Machines Aren't Always The Solution

Progress on this project has been slower than I'd like, mostly because of delays in obtaining latest-gen hardware to make this project more likely to succeed.

However, the delays were worth the trouble, because I'm going to be executing the practical elements of this project on the following system:

  • Ryzen 7 7800X3D
  • Radeon RX 7900 XTX
  • PCI-E 5.0x2 NVMe SSD
  • 32GB DDR5 RAM

This might seem excessive, given the following requirements for running Unreal Engine 4:

  • Operating System: Windows 10 64-bit
  • Processor: Quad-core Intel or AMD, 2.5 GHz or faster
  • Memory: 8 GB RAM
  • Video Card/DirectX Version: DirectX 11 or DirectX 12 compatible graphics card

It should be easy to run a virtual machine in VirtualBox that meets all these requirements, right?

Problem 1: Windows Virtual Machine Setup

The first step, after installing VirtualBox, was creating the Windows VM to host Unreal Engine 4.27. This was not as easy as it should've been.

My initial approach was to install the latest version of Windows 11, which I had installed as the operating system of this new PC, using a tool called Ventoy. Ventoy allows you to host multiple ISOs on a single flash drive for the purpose of installing an operating system.

The normal Windows 11 install process involves either creating or signing into a Microsoft account, which is fine for a personal rig, but is not great for a VM that might be leaking data. Since the whole point of the project is seeing what data Epic Games Store might be leaking without compromising security and privacy, this was a no-go.

The result was that I had to use a custom Windows 10 ISO from ReviOS/RevisionOS, which is a gaming/stability-focused version of Windows 10. It focuses on debloating Windows and changing settings to prevent unwanted Windows configuration changes caused by updates, which is a frequent problem. In fact, I use ReviOS's Windows 11 distribution on my primary laptop.

However, this ISO was from late last year, because ReviOS switched to a new distribution method that didn't require the creation of an ISO. So it lacked numerous security patches... which meant the VM was a vulnerability. But given all the protections I already have on my network and PC, this was acceptable.

One problem down, more to come.

Problem 2: VM IP Address Woes

The plan for the project was to isolate Epic Games Store onto a VM, put that VM on the same Device Isolation network as an old PC I own, and remotely access the VM from that PC.

This fell apart for several reasons:

  • The TP-Link router software, which I have very little ability to configure, seems to detect devices based on MAC addresses.
  • VirtualBox and its documentation are very thorough, but aren't great for troubleshooting very specific problems.
  • Bing Copilot's response quality has been... inconsistent lately, so I couldn't rely on it to help me out of the problem.
  • Statically assigned IP addresses don't work with Device Isolation, because that's another process handled by the router software I have limited control over.

The best I could do is to place the entire PC on the isolated devices list while running the VM, which I was considering... up until I encountered the next, most showstopping problem.

Problem 3: VirtualBox Cannot Simulate DX11 GPUs

VirtualBox's virtual GPU is best described as "anemic", bordering on completely unusable for anything besides generating visual output.

Thankfully, I didn't need it to do anything more than that, but it was annoying not being able to harness more of the RX 7900 XTX's power.

However, after going through the trouble of installing Epic Games Store and Unreal Engine 4.27, I discovered a critical issue.

Unreal Engine 4.27 requires DirectX (DX) 11 to function, and VirtualBox can only do up to DX9.

This means that the VM is utterly useless, aside from capturing the traffic generated by Epic Games Store. Which I could do, but couldn't export from the VM due to some sort of VirtualBox issue I don't understand.

This would be the end of the road, right?

Project Pivot: Sandbox Epic Games Store

After realizing that about 5 hours of work was for nothing, I did other things instead.

Having cleared my head, I considered other options.

The first, most obvious option was a containerized deployment of EGS. However, while I could find information about containerized versions of Unreal Engine 4, I didn't find anything about EGS, which is the primary data privacy threat.

Then I thought about a sandbox, particularly a free, open-source solution. Was there a program that had a strong feature set in active development?

The answer is Sandboxie-Plus.

This will be the environment I will operate Epic Games Store out of, once I learn how to properly configure the sandbox to prevent any data harvesting of the host system.