by xenadu02 2335 days ago
Probably only because most hypervisors don't bother to hide themselves. There's no reason you couldn't prevent detection.

Not to mention some people are creating FPGA boards that use DMA to read memory, something no one is set up to prevent (would require an IOMMU and an OS that bothered to configure it properly; also very difficult to differentiate legit cards from cheating cards and an area game developers have zero experience with right now).

> some people are creating FPGA boards that use DMA to read memory

Do you have any links handy where one could read more about this? I'm really curious about the kinds of projects people are doing which require this kind of hardware.

It's pretty easy to detect a hypervisor. There was an article recently on using CPUID timing to that effect. It takes a few cycles on bare metal, but hundreds when virtualized.

There are ways to defeat the time measurement, but it gets complicated fast, and the counter-measure itself is trivial to detect.

You can just edit that code out from outside the hypervisor and no one will be any wiser.

this would be the case if there wasn't an external entity with its own timesource (i.e. the game server) interrogating your machine while the game is underway

if there's a VMEXIT it will be measurable, and you have no ability to virtualise the server's clock

That applies to any anti-cheating or copy protection code anyway, so I'm assuming this will be handled similarly.

there's so many ways to detect a hypervisor, particularly so if you want your VM to be of sufficiently high performance to play competitively

and then there's the statistical methods (measuring anything that causes a VMEXIT is a good candidate)

modern OSes already support the IOMMU (macOS enables it by default apparently), however outside of that hardware support is patchy at best

ultimately if they're trying to guard the top of the ladder (say the top 0.05%), they could demand you use a certain set of hardware, and the hardcore would put up with it
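
The CPUID timing check mentioned earlier in the thread, as an added example that is not part of any comment: it takes the median of repeated RDTSC-bracketed CPUID samples so that a single interrupt does not decide the verdict. The threshold and both sample arrays are constructed assumptions, and because the local TSC can itself be virtualized, this check alone is not conclusive, which is why the thread brings up a server-side time source.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>
#include <x86intrin.h>
#endif

/* Assumed cut-off in TSC ticks; calibrate on known bare-metal hosts. */
#define EXIT_THRESHOLD_TICKS 750u
/* Constructed samples (not measurements); the first set has one outlier. */
static const uint64_t bare_samples[5] = {120, 130, 125, 9000, 118};
static const uint64_t virt_samples[5] = {1800, 2100, 1950, 2500, 1700};

static int cmp_u64(const void *a, const void *b) {
    uint64_t x = *(const uint64_t *)a, y = *(const uint64_t *)b;
    return (x > y) - (x < y);
}

/* Median resists outliers from interrupts landing inside one sample. */
uint64_t median_ticks(const uint64_t *s, size_t n) {
    uint64_t *tmp;
    if (n == 0 || !(tmp = malloc(n * sizeof *tmp))) return 0;
    memcpy(tmp, s, n * sizeof *tmp);
    qsort(tmp, n, sizeof *tmp, cmp_u64);
    uint64_t m = tmp[n / 2];
    free(tmp);
    return m;
}

int looks_virtualized(const uint64_t *s, size_t n) {
    return median_ticks(s, n) > EXIT_THRESHOLD_TICKS;
}

int main(void) {
#if defined(__x86_64__) || defined(__i386__)
    uint64_t live[101]; unsigned a, b, c, d;
    for (size_t i = 0; i < 101; i++) {
        uint64_t t0 = __rdtsc();
        __cpuid(0, a, b, c, d);  /* CPUID always causes a VM exit under Intel VT-x */
        live[i] = __rdtsc() - t0;
    }
    printf("live median=%llu\n", (unsigned long long)median_ticks(live, 101));
#endif
    printf("constructed: bare=%d virt=%d\n",
           looks_virtualized(bare_samples, 5), looks_virtualized(virt_samples, 5));
    return 0;
}
```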