by jstarfish
1069 days ago
> smells like a guy who either is completely incompetent and should not be writing security software, or a guy who wants to cheat, got his kernel driver approved by EAC and is mad about being found out.

That's an interesting take. You think an anti-cheating tool might be being used for cheating? I hadn't considered that.

On further thought, in having such a backdoor present that isn't being exploited/resold, it does give the "proctor" unfettered access to the target device to legitimately look for cheating tools running with higher privileges than the user. I'm guessing most cheating tools need to run with system permissions to intercept API hooks and stuff, so you'd need a similar degree of access to detect that?

I don't think it's incompetence; the guy is clearly technically-minded enough to understand what the researcher is talking about and, rather than explain it, challenge him on it. I meet these types all the time-- he gets away with gaslighting kids all day, so when an adult who isn't placated by "you just don't understand"-type dismissals shows up and starts asking pointed questions, they get angry, hysterical and/or violent (the Phoenix Wright games capture this hilariously well).

He's too defensive to not be hiding something; their collective response is too over the top. If he's not selling access, the functionality of the product itself may well depend on this exploit, which would also be a compelling reason to suppress attention and refuse to address it.
|
The product need not depend on this exploit. There are common best practices one may use to secure access to driver calls. He's implemented like 1 of them. I think he's just an asshat who doesn't like being called into question, but there's a very real possibility that he took advantage of his whitelisted driver and is now mad he lost that advantage. I genuinely believe he's not the one DDoSing though, that's more of a cheating forum thing.