Ren'Py Is Renpy loader help with security ? [ANSWERED]

[Osider]

Hello,
Actually as a security researcher i know pretty well the risk of launching a script not checked before.
My question is pretty simple, is launching all game through the official launcher who can be found

You must be registered to see the links

mitigate the risk of these bad script ?

I ask because if not the VM or (Windows sandbox if i found a way to passthrough the Graphic card directly (to much lag if not), because a script is something that can easily steal silently credential or connexion data.

I ask without really knowing how work exactly renpy, i try to reduce the risque of malware infection to maximum.

Thanks

EDIT :
Solution read all the post for more info :

1. Best protection : VM
2. If you can't (or don't want) to run a VM : Sandboxie+ (correctly configured) can do the trick.

Thanks all for the answer.

 

[Sphere42]

RenPy can run standard python code with whatever permissions the executable is given. I haven't exactly tried but that probably includes third-party libraries (if you distribute them with your game) and whatever the regular modules can do.

Since all of this is defined in the user-provided script source code I sincerely doubt running the game through the launcher will help at all unless it has built-in restrictions. Which I doubt because implementing and testing those would be a huge amount of work which doesn't benefit the core audience of normie VN readers.

 

[anne O'nymous]

Actually as a security researcher i know pretty well the risk of launching a script not checked before.

I'm confused. I learned what to answer to your message in the first months of my formation as computer security admin. I would have assumed that someone working on the field at an higher level would know this even better than me.

Now, to answer the point you address in this part, the risk is higher when you launch compiled code, than when you launch a script. This precisely because the script can be easily checked and, since it depend of instructions that stand on an higher level, you don't really need an effective knowledge of the used language to note if it include some suspicious code.

My question is pretty simple, is launching all game through the official launcher who can be found

You must be registered to see the links

mitigate the risk of these bad script ?

Ren'py do it in the exact same way that Unity and Unreal, among the many engines (game dedicated or not) relying on compiled code, do it: It's not the role of the engine to secure your computer.

Anyway, trying to do it would be a lost cause, whatever the engine, since it's not possible to force the devs who will use it to pass through the secured instructions. Even if you edit the compiler/interpreter, for it to reject the instructions seen as sensible, or if you rewrite it, for it to compile/interpret the said instructions in a secured way, it wouldn't solve the issue. For a compiled language, it would just need the use of an external library, compiled without those restrictions, to bypass the security measures. As for an interpreted language, it would still be possible to dynamically extend the interpreter, and either restore the instructions, or add a non secured version for the ones that were rewrote.
The last limitation also imply that even an engine wrote with a compiled language, and that rely on its own homemade script language (Gamebryo by example) wouldn't be more safe. This simply because, here again, the instructions set can be extended to include instructions that would be totally, and voluntarily, unsafe.

But, once again, the risk is (relatively speaking) lower with Ren'py, since the source code of the game is available or, at worse, retrievable. Therefore, as I say above, anyone can look at it, and it's not this difficult for someone with at least some base in terms of computer security, to see is there's some suspicious code.

I ask because if not the VM or (Windows sandbox if i found a way to passthrough the Graphic card directly (to much lag if not), because a script is something that can easily steal silently credential or connexion data.

As easily than a software made with a compiled language. Therefore, like for any other software, all will depend of the permission it get or can gain.

I ask without really knowing how work exactly renpy,

It's an open source engine and, in addition to be available in github, the code of the core is distributed with both the SDK and any game made with it.

i try to reduce the risque of malware infection to maximum.

There's only one way to achieve this: Write your own software, never use data coming from a third party source, and never connect your computer to a network, whatever it can be.

Any other thing that you can do will not lower the risk, just the consequences.

 

[AgentWhackjob]

Create a VM running hardened linux OS with networking. This VM is used to download the software, virus/malware scan as you see fit.. and then re-package the software into an ISO. Transfer ISO to VM host.

On another hardened VM that runs the OS necessary for the software, snapshot the VM and then attach the ISO and run the software.

Bear in mind that you will have to properly harden each, as a security researcher you should know what that means.

(ISC)2 member.

 

[Osider]

Create a VM running hardened linux OS with networking. This VM is used to download the software, virus/malware scan as you see fit.. and then re-package the software into an ISO. Transfer ISO to VM host.

On another hardened VM that runs the OS necessary for the software, snapshot the VM and then attach the ISO and run the software.

Bear in mind that you will have to properly harden each, as a security researcher you should know what that means.

(ISC)2 member.

Yes i had hoped that the launcher prevent not internal script (like an import os call in python) it’s why i had asked because running and maintaining a VM is (sur very sur if the malware is not have VM evading vulnerability built in) but maintains VM can be annoying on a personal computer.

nor much choice it seems

I'm confused. I learned what to answer to your message in the first months of my formation as computer security admin. I would have assumed that someone working on the field at an higher level would know this even better than me.

Now, to answer the point you address in this part, the risk is higher when you launch compiled code, than when you launch a script. This precisely because the script can be easily checked and, since it depend of instructions that stand on an higher level, you don't really need an effective knowledge of the used language to note if it include some suspicious code.




Ren'py do it in the exact same way that Unity and Unreal, among the many engines (game dedicated or not) relying on compiled code, do it: It's not the role of the engine to secure your computer.

Anyway, trying to do it would be a lost cause, whatever the engine, since it's not possible to force the devs who will use it to pass through the secured instructions. Even if you edit the compiler/interpreter, for it to reject the instructions seen as sensible, or if you rewrite it, for it to compile/interpret the said instructions in a secured way, it wouldn't solve the issue. For a compiled language, it would just need the use of an external library, compiled without those restrictions, to bypass the security measures. As for an interpreted language, it would still be possible to dynamically extend the interpreter, and either restore the instructions, or add a non secured version for the ones that were rewrote.
The last limitation also imply that even an engine wrote with a compiled language, and that rely on its own homemade script language (Gamebryo by example) wouldn't be more safe. This simply because, here again, the instructions set can be extended to include instructions that would be totally, and voluntarily, unsafe.

But, once again, the risk is (relatively speaking) lower with Ren'py, since the source code of the game is available or, at worse, retrievable. Therefore, as I say above, anyone can look at it, and it's not this difficult for someone with at least some base in terms of computer security, to see is there's some suspicious code.




As easily than a software made with a compiled language. Therefore, like for any other software, all will depend of the permission it get or can gain.




It's an open source engine and, in addition to be available in github, the code of the core is distributed with both the SDK and any game made with it.




There's only one way to achieve this: Write your own software, never use data coming from a third party source, and never connect your computer to a network, whatever it can be.

Any other thing that you can do will not lower the risk, just the consequences.

Responded VM hoped their launcher prevented these external script to run.

 

[AgentWhackjob]

I'm certain that Ren'Py doesn't have the money to spend much time on security. Even if they did more than just a nod to security, it wouldn't be enough (see Solarwinds for a great example).

There is no such thing as a free lunch, if you want proper protection against malware you will have to put in the effort and do it yourself.. that includes maintaining and updating whatever mitigations/controls you implement.

 

[anne O'nymous]

Yes i had hoped that the launcher prevent not internal script (like an import os call in python)

And why should it do this ? Not only it would be limiting the capabilities of the engine, but it would also prevent the engine to works, since itself need those modules.
But anyway, like I said, even if it was doing it, and wasn't wrote in Python but in a compiled language, that wouldn't prevent someone to still import the module if he really wanted to.

 

[Osider]

And why should it do this ? Not only it would be limiting the capabilities of the engine, but it would also prevent the engine to works, since itself need those modules.
But anyway, like I said, even if it was doing it, and wasn't wrote in Python but in a compiled language, that wouldn't prevent someone to still import the module if he really wanted to.

Innocent Hope actually i'm a mac / linux user (for important stuff), and here i play on windows (try to isolate them from steam account and load of python script who steal id of discord).

And i'm not really fan of Level 2 (OS) VM in Windows like VMWARE or VirtualBOX (i use to KVM with QEMU for hight perf VM on linux), i have read today about sandboxie+ (opensourced one), anyone have any feedback on this sandbox for isolate these game ?

Have tried Windows Sanbox but it's horrible in GPU performance (animation stutter heavily even with VGPU enabled).

Note : i know vm is the best but on windows the perfs of VM (even with a Ryzen 7 2700X + 32GB (16 only for the VM), and a GTX 2060 super) do not have the best performance (virtual box do not know (even with guest)) the perfs are average.

And free VMWARE don't let the same settings to harden the VM (but have some resolution issue).

 

[anne O'nymous]

Innocent Hope actually i'm a mac / linux user (for important stuff), and here i play on windows (try to isolate them from steam account and load of python script who steal id of discord).

Well, why not playing Ren'py games on Linux ? You would already reduce the risk. Dedicate a user for them if really you want.

i have read today about sandboxie+ (opensourced one), anyone have any feedback on this sandbox for isolate these game ?

Sandboxie is a good tool ; even payed for the lifetime registration fees when it was still under Ronen Tzur control. There have been some issues during the period where it was owned by Sophos, but it was mostly due to the fact that they didn't had an iinterest in the addition of a general public sandbox to their catalog ; the software came when they acquired Invincea, but it's not what interested them. Anyway they weren't security issues, it was more a question of stability with software that rely on volatile multi-process, like modern browsers by example, and almost all have been fixed since the project became Open Source.

It obviously don't provide the same level of isolation, and therefore security, than a VM, but in the same time it's enough in regard of the benefit/risk ratio represented by the use of a Ren'py Game. As I said, you take more risk by playing a game made with Unity or Unreal, than by playing one made with Ren'Py. And this not only because the source of the game are available, but also because a compiled language permit way more things than a script language.
The first one let you the possibility to add a way to attach part of your code to another application (typically a browser), and therefore trick your IP filter. This will it's not possible with an interpreted language, unless you develop, with a compiled language, the module for that ; and if you know both how to attach your code to another process, and to effectively build a compiled module for Python, you don't waste your time with an engine where your attempt can be found because there's something really tricky in the script code.
I run all my browsers on it since near to 10 years, and never had a problem, even with the web malwares that lock your system ; and I encountered some. At worse you have to kill the process from the GUI, but most of the time you don't even lost the control of the browser, so you can just close it.

As for the performances, time to time I play oldies (90's/00's games) on sandboxie when the source isn't really reliable. There's sometimes an issue with the graphics (wrong color palette or lower resolution), but never on the speed. Since Ren'py ask less to the GPU and, above all, isn't so deeply linked to it than a "regular" game can be, this shouldn't be a problem. As for the speed, anyway Ren'py don't goes further than 20Hz, therefore even if it was effectively an issue with Sandboxie, it wouldn't have an impact.

Have tried Windows Sanbox but it's horrible in GPU performance (animation stutter heavily even with VGPU enabled).

Well, just tried a movie with VLC through sandboxie, and it was as smooth as if VLC wasn't sandboxed.

 

[Osider]

Well, why not playing Ren'py games on Linux ? You would already reduce the risk. Dedicate a user for them if really you want.




Sandboxie is a good tool ; even payed for the lifetime registration fees when it was still under Ronen Tzur control. There have been some issues during the period where it was owned by Sophos, but it was mostly due to the fact that they didn't had an iinterest in the addition of a general public sandbox to their catalog ; the software came when they acquired Invincea, but it's not what interested them. Anyway they weren't security issues, it was more a question of stability with software that rely on volatile multi-process, like modern browsers by example, and almost all have been fixed since the project became Open Source.

It obviously don't provide the same level of isolation, and therefore security, than a VM, but in the same time it's enough in regard of the benefit/risk ratio represented by the use of a Ren'py Game. As I said, you take more risk by playing a game made with Unity or Unreal, than by playing one made with Ren'Py. And this not only because the source of the game are available, but also because a compiled language permit way more things than a script language.
The first one let you the possibility to add a way to attach part of your code to another application (typically a browser), and therefore trick your IP filter. This will it's not possible with an interpreted language, unless you develop, with a compiled language, the module for that ; and if you know both how to attach your code to another process, and to effectively build a compiled module for Python, you don't waste your time with an engine where your attempt can be found because there's something really tricky in the script code.
I run all my browsers on it since near to 10 years, and never had a problem, even with the web malwares that lock your system ; and I encountered some. At worse you have to kill the process from the GUI, but most of the time you don't even lost the control of the browser, so you can just close it.

As for the performances, time to time I play oldies (90's/00's games) on sandboxie when the source isn't really reliable. There's sometimes an issue with the graphics (wrong color palette or lower resolution), but never on the speed. Since Ren'py ask less to the GPU and, above all, isn't so deeply linked to it than a "regular" game can be, this shouldn't be a problem. As for the speed, anyway Ren'py don't goes further than 20Hz, therefore even if it was effectively an issue with Sandboxie, it wouldn't have an impact.



Well, just tried a movie with VLC through sandboxie, and it was as smooth as if VLC wasn't sandboxed.

I don't use linux because my linux computer have a very powerful cpu, but a very weak GPU, and i prefer separate, MAC for bank and very important stuff, my pc with linux for personal dev and other things, and my windows computer for game).

Like that even if the security fail (or an advanced malware who have sandbox evasion feature) and all the computer is compromised it only harm the "Game" PC, my bank facture, etc and my dev/linux stuff are safe since physically on another computer (who don't even share the same network (ISOLATED VLAN)).

So thanks for the feedback i will use it (only add a restriction on the data folder of my browser (just to be sure), and do the same (move the browser on it), sandboxie don't seem to slow down my computer.

 

[moskyx]

Please don't get me wrong, but for a non-initiated sometimes is hard to tell apart a security expert from a paranoid. All I know is that the very few Ren'Py games that had some shaddy scripts on them (mostly to track users' playtime and choices or allow automatic updates, according to devs) are quickly flagged and frowned upon by the community. A quick look at the game's thread should suffice to know if the game could mean some potential threat to your privacy/security. And of course, with the game being made on Ren'Py and you being a security expert, I'm sure you can easily check the scripts for any odd-looking piece of code after downloading the game and before running it

 

[shark_inna_hat]

I don't get it where this notion of python being more or less secure than a compiled language is coming from. Both can read and write to disk, connect to the internet, manipulate processes and memory. If there's some malicious python code it's probably very obfuscated so good luck figuring out what code like this is actually doing if you're not at least proficient at python:

a, b, c, d, e, f, g = 3**4^5*13,  b'', bytes, enumerate, hex, int, exec
for l in payload.splitlines():
    k=k[1:]+k[0]
    n=f(k.encode().hex(), a)
    h=e(f(str(l), a)//n)[2:]
    b+= c([q^r for q,r in d(c([f(j, a) for j in [h[i*2:i*2+2] for i,_ in d(h[::2])]]))])+b'\n'
g(b)

 

[anne O'nymous]

If there's some malicious python code it's probably very obfuscated so good luck figuring out what code like this is actually doing if you're not at least proficient at python:

Firstly, you don't need to be proficient at Python to understand that there's something shady behind this code, nor to know that it try to execute something with a direct call to the system.
Secondly it's not obfuscated since you just need to replace the g(b) by print( b ) to know precisely what this code try to execute. It's a myth to think that you can obfuscate script code, you can just delay by one or two minutes the time needed to exactly know what you are trying to do.

Anyone with even just basic notion of coding can see that there's something fishy. And it don't need really more to figure the second point. Perhaps that they'll not understand exactly what the line they got do, but as moskyx implied they'll just ask and someone will know the answer. All is need here is a text editor and a brain ; possibly also unren, it depend.

This being opposed to compiled code, that will, at best and if you've the tools for that, looks like a bunch of ASM instructions.
Half points for Unity that can have the code of the game effectively decompiled, but can still rely on external libraries.



By the way, if you really want to "obfuscate" your code, you should rely on PyRun_SimpleString instead of explicitly assigning exec to a variable. What anyway wouldn't works so far ; Ren'Py still rely on Python 2.x, where exec is an instruction, and therefore can't be assigned since it don't have a value.
But, as I said above, this would just make your code even more suspicious.

 

[shark_inna_hat]

You can hide 'exec' quite deep, as deep as you want really

vars(__builtins__)[bytes((101, 120, 101, 99)).decode()]

You can hide code in plain view, sneaking in one line at a time in various legit functions, and while you could check every line in every source code file - I simply don't believe anyone would actually do it.
You can replace a standard library module with one of your own, you can replace the interpreter with your own, after all you're not running your own interpreter but the embedded one that comes with the game.

I know quite a lot about python and I'm not a very smart person, but I am smart enough to know I won't be able to tell if a program running embedded python is safe just by looking at the python source files.

I mean look at this (pun not intended)

s = """Gur Mra bs Clguba, ol Gvz Crgref

Ornhgvshy vf orggre guna htyl.
Rkcyvpvg vf orggre guna vzcyvpvg.
Fvzcyr vf orggre guna pbzcyrk.
Pbzcyrk vf orggre guna pbzcyvpngrq.
Syng vf orggre guna arfgrq.
Fcnefr vf orggre guna qrafr.
Ernqnovyvgl pbhagf.
Fcrpvny pnfrf nera'g fcrpvny rabhtu gb oernx gur ehyrf.
Nygubhtu cenpgvpnyvgl orngf chevgl.
Reebef fubhyq arire cnff fvyragyl.
Hayrff rkcyvpvgyl fvyraprq.
Va gur snpr bs nzovthvgl, ershfr gur grzcgngvba gb thrff.
Gurer fubhyq or bar-- naq cersrenoyl bayl bar --boivbhf jnl gb qb vg.
Nygubhtu gung jnl znl abg or boivbhf ng svefg hayrff lbh'er Qhgpu.
Abj vf orggre guna arire.
Nygubhtu arire vf bsgra orggre guna *evtug* abj.
Vs gur vzcyrzragngvba vf uneq gb rkcynva, vg'f n onq vqrn.
Vs gur vzcyrzragngvba vf rnfl gb rkcynva, vg znl or n tbbq vqrn.
Anzrfcnprf ner bar ubaxvat terng vqrn -- yrg'f qb zber bs gubfr!"""

d = {}
for c in (65, 97):
    for i in range(26):
        d[chr(i+c)] = chr((i+13) % 26 + c)

print "".join([d.get(c, c) for c in s])

Looks sus? Yes
Is malicious? No
Part of python? Yes

I can agree that it might be easier to find malicious code in an open source or source available program, but until someone actually checks each and every line I would consider a c/c++ program as safe as a python program. And someone needs to check the person doing the check and the person checking the person... and, well it's turtles all the way down.

Just to be clear - I play lots of games posted here and I don't worry much, but like I said - I'm not very smart.

 

[anne O'nymous]

You can hide 'exec' quite deep, as deep as you want really

vars(__builtins__)[bytes((101, 120, 101, 99)).decode()]

As I said, so far Ren'py rely on Python 2.x where exec is an instruction, not a built-in function. Therefore, this will not works until Ren'Py hit the version 8.x
Plus this way is still totally obvious. If you're trying to access a built-in function, you've no reason to do it through __builtins__. Coupled to the fact that the name of the index you try to access is obfuscated, this is a big warning and would immediately lead to a close investigation of the code.

I know quite a lot about python and I'm not a very smart person, but I am smart enough to know I won't be able to tell if a program running embedded python is safe just by looking at the python source files.

Well, I past near to 20 years doing this, half of it professionally, and I can assure you that, it's not too difficult to know when there's something suspicious in a Python script. And once you've found it, it's just a matter of minutes before you know if it's malicious or not.

But, apparently, you don't understand the problem ; what isn't a criticism. You're saying that you wouldn't be able to tell if the code is safe, but it's not what people are searching. You aren't checking in the code is secured, but if it is malicious. This mean that you don't need to looks at all the lines, nor to understand what the code do.
If you want, put the problem outside of its context. Take a lake of small size by example. If you look at it, you'll not be able to tell how many boats are sailing on it. But if there's a car or a plane, you'll not miss it.
The principle is exactly the same. What you're looking for in the code is everything that stand out. And the more you know the language, the easier it is ; especially with a language as rigid than Python.

I mean look at this (pun not intended)

s = """Gur Mra bs Clguba, ol Gvz Crgref

First warning: Four consecutive consonants ; and too often in the whole text in regard of the number of words.
Second warning: This clearly isn't a human language.

        d[chr(i+c)] = chr((i+13) % 26 + c)

Third warning: Obvious obfuscation attempt.

print "".join([d.get(c, c) for c in s])

Fourth warning: Another obvious obfuscation attempt.
Fifth warning [that come once you trace back d: It's an obfuscation of an obfuscation.
And what you'll use in place of print would probably be the sixth warning.

Even if you split this and put it here and there, inside legit functions by example, like you said yourself, it would change nothing. Those lines stand out, they deserve that you pass some times looking more closely ; firstly at the function where they are, secondly at the whole code if it didn't lowered your attention.

Side note: Python being ZEN is the reason why it's easier to spot the issues than with more TAO languages, like Perl by example.

And someone needs to check the person doing the check and the person checking the person... and, well it's turtles all the way down.

Do you trust the Open Source software you use ? Do you think that there's a guy that check the code, one that check this guy, and so on ? Of course not, yet I'm sure that you believe that the code is secured enough to be used.
And it's the same here. There's in the community peoples who know what they do, and who will see it if something is odd. There's no need to check those guys, because there isn't "a guy". It's someone, rarely the same, who caught is the first to caught the issue ; and once it caught it, the others just don't check. This while, if there's nothing to caught, then a thousand of people would have checked the code, just to see that there's nothing.

Take the guys who try to be smart and alter the way RPYC/RPA files are generated, to prevent their reversion. Not only it don't prevent the reversion, but so far all of them have been caught less than 10 hours after the release of the game/update. It's obviously easier, since you don't need knowledge to catch them, but the principle is the same: Just trust the community.

 

[shark_inna_hat]

I trust open source software as much as I trust google, microsoft and apple (not very much). In projects on github 17% of vulnerabilities are explicitly malicious and vulnerabilities go undetected for 4 years before being identified (source:

You must be registered to see the links

).

The code I posted is from the zen of python (import this), it is legitimate, harmless code - an Easter egg for sure, but nothing more, it's in every official python distribution

You must be registered to see the links

Saying that something is safe and secure because someone somewhere might have had a look at the code and didn't find anything sus is like saying noone will ever be hit by a car because cars have breaks.

Anyways, I don't want to be That Guy who starts a flame war. With a bit of luck I'll post a open sourced game of mine here in a week or so, and you check if you can find all the malware I put in it (spoiler: it runs in the browser, so it can't do anything harmful).

 

[anne O'nymous]

In projects on github 17% of vulnerabilities are explicitly malicious and vulnerabilities go undetected for 4 years before being identified (source:

You must be registered to see the links

).

What else do you expect from a repository opened to everyone ? As they say in the report (available from the same link), "In addition, many teams may lack the expertise—or simply the time—to find vulnerabilities in their code, focusing on developing core functionality instead."

It's a shame, but computer security have never been an effective part of teaching. Either you're taught how to code, or you're taught how to secure, but rarely both. In the US, only 20% of the new developers have had some teaching regarding secure coding ; don't remember well the report, but from memory less that 7% had an effective teaching, the other 13% have had some lecturing saying that they should be careful to "this and that". It's more than it was by the past, but with 35% of the entities (societies/organizations/whatever) that don't care to ensure that all their coders have been at least trained once in secure coding, it's just a first step ; when you know that the survey include cybersec entities, imagine how high would be the percent if you removed them. [source:

You must be registered to see the links

,

You must be registered to see the links

,

You must be registered to see the links

- three views of the same report, to my knowledge not available for free]
In those condition, what do you expect from projects on GitHub ? More than half of them are conducted by peoples who don't have a coder formation, and therefore even less a secure coding one.
What is more significant is to looks at more professional projects ; whatever Apache, Linux, FreeBSD, Firefox, and so on. Where most of the coders know at least the base regarding secure coding, mostly because they had their fingers hit by the seniors who had to commit some code after them. With those projects, the average delay between the discovery of a vulnerability is around 6 months.

As for the 17% of voluntary malicious code, once again what did you expected from GitHub ? It's not different from the early 00's, where largely the same percent of freeware where hiding malicious code. Some guys found an opportunity and used it, really nothing surprising.

Be noted that I have nothing against GitHub, that is a good and helpful initiative. But people should stop to look at it as if it was a gift from gods ; breaking news, it isn't. It's nothing more than a trade fair where anyone can goes and sell you their products. You'll see serious guys that are legit, amateurs that are trying, amateurs that don't care, and scammers that want to benefit from your naivety.
It's your responsibility to be cautious. The world isn't full of carebears, there's also angry grizzlies out there ; and GitHub isn't an exception.

Saying that something is safe and secure because someone somewhere might have had a look at the code and didn't find anything sus is like saying noone will ever be hit by a car because cars have breaks.

Good thing then, that I said the exact opposite.

(spoiler: it runs in the browser, so it can't do anything harmful).

Funny how you are near to be paranoid when it come to Python, and decide to totally ignore the tons of security issues (sandbox escape, rights escalation, and all) that come with web browsers.
Since a browser have a legit access through your IP filter, one should be even more cautious when playing such game. You've no guardrail, if the game steal information, nothing will stop it, unlike with a Ren'Py/RPG Maker game, where the player don't have a reason to pass through the said IP filter, and so would be stopped before the information are leaked.

 

[cooperdk]

Forget Ren'Py and use something else, devs.
A pretty piece of shit is still a piece of shit (written by a former renpy user in 2012). And it usually isn't even pretty.

 

[anne O'nymous]

A pretty piece of shit is still a piece of shit (written by a former renpy user in 2012).

So, someone using the version 6.14 at most, near to ten years ago. What mean prior to movies, layered images, shaders, integration of the Live2D API, model based rendering (still limited since it's still a months old addition), among many other things. And, obviously, it's not because you don't know how to use it, that it's shit.

And it usually isn't even pretty.

As for this, it totally depend of who use it.