Company promises countermeasures against new DRM bypasses — zero-day game releases become norm as security concerns mount over hypervisor-based bypass
Good luck
Using the hypervisor bypass, even in its latest incarnation, requires users to disable:
- Virtualization-Based Security (VBS): a layer that separates the Windows operating system from its security enforcement features that run at a higher privilege level.
- Credential Guard: a sub-feature of VBS that keeps login credentials in a container isolated from the rest of the operating system.
- Driver Signature Enforcement: verification that any drivers installed in the system must have a digital signature issued by Microsoft to an identifiable company or developer, in order to prevent installing random drivers at the system level.
- Core Isolation / Memory Integrity (HVCI): similar to the above, but prevents any kernel-level unsigned code entirely, as well as modifications to existing signed code so programs can’t attempt to mess with existing drivers.
- Installing a community-made hypervisor (HV) with Windows running on top of it. This HV fakes responses to the checks that Denuvo makes, and runs with higher permissions (ring level -1) than the operating system itself and has full, nearly untraceable access to hardware and software.
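A read-only way to confirm that the four protections in the list above are active again on a machine. This is an added example, not part of the thread or the article. It assumes an elevated PowerShell prompt and English `bcdedit` output; the function name `Get-ProtectionState` is made up for this sketch.

```powershell
# Added example: read-only audit of the four protections named in the list above.
# Run from an elevated PowerShell prompt (bcdedit needs administrator rights).
function Get-ProtectionState {
    # The Device Guard WMI class reports VBS and the services running on top of it.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard' -ErrorAction SilentlyContinue
    # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running
    $vbs = [bool]($dg -and $dg.VirtualizationBasedSecurityStatus -eq 2)
    # SecurityServicesRunning: 1 = Credential Guard, 2 = HVCI (Memory Integrity)
    $running = @()
    if ($dg) { $running = @($dg.SecurityServicesRunning) }

    # Boot options that weaken Driver Signature Enforcement.
    # Assumption: English bcdedit output ("Yes"); adjust the pattern for other locales.
    $bcd = (& bcdedit.exe /enum '{current}' 2>$null) -join "`n"
    $bcdReadable = ($LASTEXITCODE -eq 0)
    $dseWeakened = $bcd -match '(?im)^(testsigning|nointegritychecks)\s+Yes\s*$'
    # If bcdedit could not be read (not elevated), report unknown instead of "enabled".
    $dse = $(if ($bcdReadable) { -not $dseWeakened } else { $null })

    [pscustomobject]@{ Protection = 'Virtualization-Based Security'; Enabled = $vbs }
    # Credential Guard is not offered on every Windows edition, so False may be expected.
    [pscustomobject]@{ Protection = 'Credential Guard'; Enabled = ($running -contains 1) }
    [pscustomobject]@{ Protection = 'Memory Integrity (HVCI)'; Enabled = ($running -contains 2) }
    [pscustomobject]@{ Protection = 'Driver Signature Enforcement'; Enabled = $dse }
}

$state = Get-ProtectionState
$state | Format-Table -AutoSize

# Fail closed: anything not confirmed as enabled (False or unknown) is listed.
$notConfirmed = @($state | Where-Object { -not $_.Enabled })
if ($notConfirmed.Count -gt 0) {
    Write-Warning ('Not confirmed enabled: ' + ($notConfirmed.Protection -join ', '))
}
```

The check only sees persistent boot settings: the one-boot "Disable driver signature enforcement" startup option is not stored in BCD and will not show up here.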
My gaming PC has no personally-identifiable information whatsoever and can be purged freely at a moment’s notice.
Checkmate.
It’s gonna be really funny if the meta becomes Windows users booting into Linux just to boot a Single-GPU passthru Windows VM to play triple A’s without getting pwned lol
I can’t help but wonder, shouldn’t this all be possible on Linux without needing to install a hacked hypervisor? At most you would need a kernel patch, but since Denuvo operates through Wine, maybe an entirely userland solution would be possible too.
Just curious, does the crack work on Linux? Presumably you wouldn’t have to do the same things, assuming it works at all.
There will inevitably be some YouTube video that explains how to do all of this, and it will be followed without question by thousands of 12 year olds who don’t understand the security implications. They just want to play the new shiny game, and their parents told them they’d only buy the game if they got all A’s on their report card. So now their computer is orders of magnitude less secure (and likely running some mining/botnet in the background) because they wanted the game for free. This is just going to be the current generation’s version of “accidentally nuked the family computer with LimeWire downloads.”
Thanks for reminding me about why I have been exclusively playing older games or games from my backlog. Seriously with the prices of video games it’s not worth it to buy them anymore let alone have the hardware to even play them. PC gaming sounds like a nightmare where you have to do all this crazy nonsense just to play some games at slightly better performance or if you are poor like me. I have long since stopped at pirating normal PC games though personally and have been pirating ROMs instead for emulators or buying from GOG. Much easier and you have like 4 decades worth of content just to play through. I say just let the modern gaming industry rot and toil. Play some Indie games instead like Deltarune or Silksong or I Am Your Beast. Do anything but not support this dumb market of triple A games where they cost almost a hundred dollars now and require super computers hooked up to your actual computer to run.
First 4 are disabled on unsupported systems anyway (4 is also sometimes disabled to squeeze out gaming performance), but 5 is scary as hell.
Windows forcing users to have to pay extra for what should be default security features has always been an awful practice.
The only one of those that is locked behind a specific Windows edition is Credential Guard, which only works on Enterprise and Education because it has to do with auth tokens of the domain, not local Windows login AFAIK.
The rest are locked behind hardware features like TPM and UEFI settings like secure boot.
I hate Microslop as much as the next person, but they do actually try to push their security features on everyone because of the reputation they’ve had as the most insecure OS.
If Microsoft were honest they’d change the name from Windows to Backdoors.
No backdoors here!
But the windows are all wide open and on the ground floor.
If the Russian Mafia can do it, theoretically so can you.
I don’t see how this is much worse than running Denuvo malware to begin with. I treat my Windows gaming partition as a disposable DMZ anyway.
This seems like a bad faith argument, the crack is basically installing a rootkit in your system. It’s fair to assume a lot of casual users will be as ignorant as you are about the security issues and not re-enable the features.
If you truly can’t see why that might be worse than DRM installed in a game, you’re a fool.
> the crack is basically installing a rootkit

So is Denuvo.
I trust the random cracker’s rootkit more than denuvo’s.
Potential evil is less risky than proven, official, completely intentional evil.
Still, I have no interest in playing games infected with this shit. Their developers have evidently no interest in making good or even playable games, or they wouldn’t infect them with this performance and usability killing malware, so to the blacklist they and their whole publisher go, cracked or not.
If it’s a question of installing a rootkit belonging to either the evil pirates who are closer to my kind of evil, or evil corporations who are literally destroying the internet, civilization, and the world in order to masturbate in their AI training gulags with my personal data? I’d choose to trust the pirates every time.
That said, if I have to install a rootkit from anyone to play a fucking game, I’m probably just not playing that fucking game.
That’s assuming they’re just pirates, not state actors or hackers taking advantage of it. Still though, Denuvo is possibly assisting state actors too, so 🤷. The ideal solution is just don’t play games with Denuvo. It’s not that difficult.
Are you familiar with how Denuvo works? It is also a literal rootkit. Yes, it doesn’t run on ring -1, but it is ring 0.
> the crack is basically installing a rootkit in your system

As is Denuvo.
…do you not use JavaScript?
Based if true
Ok, I’ll play the fool. Why is it worse? Is there some reason I should trust Irdeto more than a guy in a hoodie?
There is a reason, if it’s just some guy in a hoodie. If it’s a known cracker with a reputation for good cracks, it’s probably fine. Some random person? I’d avoid it. I’d probably avoid it either way, but I agree there’s no reason to trust the company either. Just don’t trust either.
DRM, game launchers and generally 3/4 of modern software overall are a security threat anyway.
That said, the best solution for all these problems is to never buy, pirate or play any DRMed crap. Let them choke on their greedy tech.
100% this. If you find a nice, trusted source, you’ll play some really hard to get games.
But one mistake and your shit isn’t yours anymore.
WTH I’ve known HSMs easier to bypass. Just to prevent people from playing a game, it’s ridiculous.
Never tried, but what about nested VMs? It should be possible to have a normal secure vm, with a ‘compromised’ hp/vm running microslop running. In theory I guess…
hard hitting journalist Thomas Shardware








