Wolfram|Alpha: Systematic knowledge, immediately computable.

Wednesday, April 28, 2010

Swimming in the Septic Tank with my Gaming Buddies.

C'mon in, water's warm! And there's flotation devices all over the place!

Seriously, you wouldn't go swimming at your local water treatment facility, so why on earth would a serious gamer try to run their games in an environment that is even more unhygienic?

I helped a few posters recently with a puzzling 'lag' issue. They would enter the game, but each spawn was met with a many seconds delay, and in some cases, the same puzzling delay would happen when accessing the game menus.

Turned out to be their anti-virus software getting in the way, and either disabling it, or adding all the game directories to the exceptions list, fixed the issue. I see this all the time, where some software turd causes a problem with a game, slowing things down or otherwise interfering with the game. Anti-virus, anti-malware, peer-protection, printer drivers, iTunes, Quicktime, peripheral drivers, etc., the list of cesspool floaters is endless.

Which got me thinking about something I ponder about periodically: Why on earth would a serious gamer have anything but the leanest, meanest OS environment for playing their games? What on earth is the reason to have an anti-virus running with a game that is from a trusted source (if you're stealing games, that's another story)?

I myself have always had separate Windows installations, one hardened for day-to-day activity and any uncontrolled network access, the others having only the drivers and software needed to play my games. Gives me the protection I want for regular activities and maximum performance, minimum hassle for gaming.

Many use things like Hardware Profiles (unfortunately deprecated in Vista and beyond) to 'minimize' unnecessary system load, but that can be cumbersome. Others use snake oil programs that purport to improve game performance by shutting down system processes and optimizing memory. I'll not argue the myth of messing with MS system processes, and what effect (none) it has on game performance. This is just another messy and questionable 'tweak'.

It is trivially simple to start with a clean Windows install and clone it to a separate partition to provide a multi-boot environment where one copy is hardened, the other is for gaming. The web is full of helpful tutorials that can guide even the most novice of users through the process. Users with the Enterprise and Ultimate versions of Windows 7 that allow native booting from VHD, can get equivalent functionality without the need to partition the hard disk at all.

That is the environment I use: Multiple VHD, each with exactly the environment needed for the games they contain, tuned and optimized (some games 'prefer' certain drivers, etc.), and only running things absolutely needed for those games. No A/V, no firewall, no junkware. Nothing that could affect the performance or otherwise interfere with my games. Another VHD contains a fully hardened Windows installation, with a combination of anti-malware/firewall/security that ensures safe passage when navigating the sewer we call the Internet.

A side benefit is that by using Differencing VHDs, all of this is done with very minimal space requirements: I don't have to duplicate the space required for each Windows installation, saving hundreds of gigabytes of storage. With Windows 7 Ultimate/Enterprise, I can boot 'natively' (that is, to the bare metal: a normal boot running at the full speed and capabilities of the hardware) or boot using a virtual machine to any of these VHD installations.

I can even 'boot' into the hardened environment using a virtual machine while already booted into one of my gaming environments should I need to download or otherwise access the web, without needing to reboot the machine. I can grab something from the Internet, have it completely scanned in the virtual environment, then drag-and-drop it into my gaming environment.

Maximal security combined with maximal speed. Another benefit to the use of a virtual machine in this case is the ability to snapshot the virtual hardened Windows, so if I do get exposed to some nasties, I can rollback time with the click of the mouse. Cool! Should some really extreme corner case of attack or malware successfully corrupt or infect one of my 'game' environments, it stays isolated to that environment, and I can restore it from backup ludicrously quickly (another Differencing VHD benefit).

I go ahead and run everything in the 'game' environments under a 'real' administrative account, since even in 2010, there are developers that seem to still be incapable of writing a properly behaving userspace/usermode game (see Pings? We Don't Need No Stinking Pings! for an example.)

If you're interested in trying out this kind of setup, there is one caveat: You must be disciplined. No network activity in the naked 'game' environments other than the game and game related functions. No installing or running anything not from trusted sources. Use the hardened environment, either natively or in a virtual machine for everything else. Otherwise, you're swimming in the septic tank. Surrounded by hepatitis infected needles. Naked. Do note, if you choose to run 'naked' like this, you'll still want some kind of isolation from the baddies on the WAN. If directly connected to the WAN (i.e., your PC IP is public), running the windows firewall should be part of the setup - even with hygienic use of the naked setup, this will minimize external attacks. Even better (since the windows firewall can be problematic with some games), keep it off, and use a proper router with NAT (and its own firewall enabled if you wish). NAT done correctly will keep the outside world at bay, and can be easily configured if needed (seldom) for specific games. Router firewalls can be more robust than the built-in windows system, and reduce load on the CPU for firewall tasks. The overhead of going through a router, firewall enabled or not, is negligible, and the protection provided warrants their use, in my opinion, even if your PC is the only device on your LAN.

The benefits of this kind of setup seem so overwhelming to me (absolute security combined with the leanest, meanest yet perfectly 'tuned for games' environment, with a significant reduction in the inevitable conflicts between different installed software that can be arduous to troubleshoot), I can't imagine why every serious gamer wouldn't want the same. No firewall, no A/V, no anything to get in the way of the game. It's better than running on a nude beach while sipping a Cialis spiked cocktail! Minimal encumbrance, maximum performance! Try it, you'll never look back.


  1. LOL! You are one of the funniest bloggers I've ever read. You should write for tech magazines. I check the blog a couple of times a week. Funny and VERY informative, thanks for the blog.

  2. I remember a post back in the BF2 days about this kind of thing, by you. Did it, love it.
    Great blog - it's like an IQ test.

    WillWorkForAmmo (BF2)