1203
you are viewing a single comment's thread
view the rest of the comments
[-] 520@kbin.social 46 points 1 year ago

Won't work if you're using their test software. That shit is more invasive than anticheat

[-] Overtheveloper@lemmy.world 29 points 1 year ago
[-] 520@kbin.social 15 points 1 year ago

They can detect that too - at least, they can detect the common software. You might be able to do it with a custom QEMU setup but good luck guaranteeing that for your exam.

[-] vettnerk@lemmy.ml 30 points 1 year ago* (last edited 1 year ago)

I used to be a reseller of this highly specialized navigation software. The licensing was handled via hardware fingerprinting of the harddrive. I'm not 100% sure on how it worked, but it grabbed some raw data off of the boot device, and from that generated a fingerprint. This fingerprint was then sent to the guys who made the software, and they would then send us a license key and a hefty bill. The license key only worked with syatems running off of that particular harddrive. If a customer had a harddrive failure, we had to send them the actual harddrive for them to verify, so they would issue a free key to whichever replacement drive was used.

I did a lot of experimenting with that software. It was linux based and very tweakable, but the licensing part of it was a bit of a mystery. I managed to crack it through some surprisingly simple out-of-the-box thinking, but one limitation I could never figure out how to circumvent was its refusal to generate a fingerprint from virtual drives.

For starters, it only worked with drives registering as /dev/hdX or /dev/sdX. Anything outside of that and it wouldn't generate a fingerprint.

This was especially frustrating when a well-paying customer offered a nice bonus if we could install it on a macbook for him. After a few days of tweaking I managed to install and run it, only to discover that fingerprinting the drive couldn't be done due to the device node being/dev/nvmeSomething. And after avfew more days of hacking I managed to fake that too, and they outright refused to issue a license due to them not wanting to support our unofficial hacks.

Where was I going with this? Oh, right, vmware.. i never managed to get it to run in vmware. We had this other well paying customer who wanted the ability to alt-tab between the software and Windows. Unfortunately, any fingerprinting done from within vmware, regardless how I set up the storage, resulted in a fingerprint file with no data.

Fun fact: the software ui was written in raw xlib. I got to know the owner and lead dev fairly well, and he hinted that the codebase was a complete mess to the point where something as simple as an input dialog for a config option I recommended was A LOT of work.

[-] wheeldawg@sh.itjust.works 3 points 1 year ago

I would love to know how that's possible.

[-] 520@kbin.social 10 points 1 year ago

The easy way involves looking at the devices and drivers you have installed. Things like a VirtualBox display or a SPICE guest driver are dead giveaways. next, they might look at your processor and see if it has as many cores as it should, but that's more involved.

[-] wheeldawg@sh.itjust.works 1 points 1 year ago

Holy shit why is it even getting anywhere near that nosy? I didn't know it was anything like that. And I even worked for them for a little while.

[-] 520@kbin.social 0 points 1 year ago* (last edited 1 year ago)

Holy shit why is it even getting anywhere near that nosy?

Because it also serves as an anti-cheat...in the most literal sense. It is trying to make sure students can't cheat by having other things open like answer pages or Google.

[-] wheeldawg@sh.itjust.works 1 points 1 year ago

Oh, duh. That seems a little obvious in retrospect. But damn, they go pretty harsh then.

[-] 520@kbin.social 1 points 1 year ago* (last edited 1 year ago)

The qualifications industry is heavily reputation based. If they get a reputation for letting cheaters slide, their reputation tanks among employers and therefore no one will want that qualification.

And these qualifications are expensive as hell too.

[-] Da_Boom@iusearchlinux.fyi -2 points 1 year ago

Unfortunately they probably have detection methods for that, so have fun trying to work around that.

[-] MonkderZweite@feddit.ch 1 points 1 year ago

Meaning it doesn't run in wine?

[-] 520@kbin.social 5 points 1 year ago

Yep. This is by design - it's trying to detect container software that stops it from seeing what else is running.

[-] MonkderZweite@feddit.ch 7 points 1 year ago

But wine is no container software.

[-] 520@kbin.social 4 points 1 year ago* (last edited 1 year ago)

Technically true, but programs loaded via WINE can be made to act somewhat containerised, and can provide incomplete information as to what else is running. Maybe containerisation is the wrong word though, maybe 'sandbox' instead?

Good luck detecting Linux native programs from WINE-loaded Windows executables.

this post was submitted on 12 Sep 2023
1203 points (97.9% liked)

linuxmemes

21281 readers
10 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.
  •  

    Please report posts and comments that break these rules!


    Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't fork-bomb your computer.

    founded 1 year ago
    MODERATORS