This is decidedly not what I’d expect to be discussed at Thotcon. That said, super interesting!
As an avid pirate, I’ll say these days even the Denuvo game which were going years without cracks now have “cracks”, although they rely on hypervisor fixes and disabling secure boot and giving the hypervisor cracks unfettered access to your system to intercept the Denuvo checks. [0] It’s a dangerous game we’re playing to keep these AAA games bottom lines fat.
It has their uses. If, for example, a company wants to issue fleet computers to workers or school to students, you want to have secure boot on those devices to prevent tampering. Secure boot makes it so that physical access is not the end all of security.
If you own the computer yourself, you "ought" to be able to turn off these measures in a way that is undetectable. Being unable to do so would be the red line imho - and looking at those hypervisor cracks available, it's not quite being crossed. The pessimistic, but realistic future prediction is that various media companies would want and lobby for machines to have unbreakable enclaves for which they can "trust" to DRM your machine, and it's just boiling the frog right now. Windows 11's new TPM requirement is testament to that.
Switch to linux asap - that's about the only thing a consumer is capable of doing.
Agreed. I’ve done trivial obfuscation for games. In my observation, if you make it trivial to hack your game, huge numbers will trivially hack it. If you make it even slightly non-trivial, the numbers decrease exponentially. The more you waste their time, put up hurdles, the lower the number of successful hackers goes.
The goal is not perfect security in all situations for all products. The goal is to make the effort required for your particular product excessive compared to the payoff.
ASLR (for example) is a pretty standard technique, I thought all commercial OSes enabled this generally. What's the purpose of picking at this portion?
the threat is people who cheat in games. obfuscation slows them down, but incurs a performance cost. this work is focused on reducing the performance cost.
Exactly. That and in game currencies. You like competing in games, or for game-bucks? Well you need some level of obfuscation and hardening to make that viable.
As an avid pirate, I’ll say these days even the Denuvo game which were going years without cracks now have “cracks”, although they rely on hypervisor fixes and disabling secure boot and giving the hypervisor cracks unfettered access to your system to intercept the Denuvo checks. [0] It’s a dangerous game we’re playing to keep these AAA games bottom lines fat.
[0] https://www.thefpsreview.com/2026/04/03/denuvo-has-been-brok...
...making it even more clear what "secure" boot actually secures: the control others have over your own computer.
If you own the computer yourself, you "ought" to be able to turn off these measures in a way that is undetectable. Being unable to do so would be the red line imho - and looking at those hypervisor cracks available, it's not quite being crossed. The pessimistic, but realistic future prediction is that various media companies would want and lobby for machines to have unbreakable enclaves for which they can "trust" to DRM your machine, and it's just boiling the frog right now. Windows 11's new TPM requirement is testament to that.
Switch to linux asap - that's about the only thing a consumer is capable of doing.
I don't think any competent security researcher has anything positive to say about "security through obscurity"
at best this is lawyer position
Obscurity is totally underrated. Attacker resources are limited.
Some people find cracking them interesting and fun.
The goal is not perfect security in all situations for all products. The goal is to make the effort required for your particular product excessive compared to the payoff.
Which provides way more information than the article
- from the slides
So, money, for supposed control. Which is not true of course