You'd be surprised to know that this strategy works quite well! Pixel bots require a hardware fake display when faced with kernel anti-cheat. They also depend on color/pattern recognition, as AI is not yet capable of…
Aimbot is actually very solvable! 1) When DMA is fully blocked, Aimbot resorts to being a pixel bot. 2) Once you're relying on a pixel bot, all the anti-cheat has to do is "bait" the bot. After you click the bait a few…
> "How come replay analysis doesn’t catch more cheaters?" 1) There's too many players. 2) Closet cheaters are extremely subjective: automated & manual moderation would be full of false positives. In these cases,…
I feel someone doesn't need to play competitive games to be able to give an honest assessment of the privacy & security risks. I'm sad I'm not seeing that honesty elsewhere in this thread.
At least in Valorant, DMA is becoming impossible due to IOMMU / Memory Integrity enforcement. The only option is becoming pixel bots. As for faking the input device: I'm sure it's possible, but I'm also sure that…
In my opinion, the debate about kernel anti-cheat on Windows is fear-mongering. I'm confused why Hacker News of all places misrepresents the technical details. You can already completely compromise the average user's…
That's a different type of game entirely. Private/community servers cannot be competitive at the scale of modern competitive games.
This isn't possible in Valorant. Their kernel module is extremely particular about input devices: 1) only allows a single mouse input device at a time 2) completely ignores virtual mouse input 3) flags…
I don't disagree. Clarifying, I personally don't think this exploit is a backdoor, but rather that the negligence is enough to appear malicious. Just for fun (not saying I believe this!): Did you ever consider that a…
If the device does not have BitLocker, WinRE already by default provides full Administrator access to the unencrypted disk via Command Prompt. > I think that level of pushback against the claims is a valid (and small)…
If the device doesn't have BitLocker, this exploit is pointless because you can already boot any OS USB and immediately have full access to the unencrypted disk. This exploit is only ever relevant with BitLocker enabled…
1) Except that the entire premise behind BitLocker TPM's security relies on the login screen as a hard security boundary, and thus any attack on the login screen is an attack on BitLocker. It is semantics to dispute…
Considering the researcher had already reported these to Microsoft, and delayed releasing them publicly until Microsoft "pulled every childish game possible" (quote) instead of patching them, it's not unreasonable for…
What's with all the replies on these threads downplaying this? Why is it mainly brand new accounts? What's going on here? I've seen every variant of: 1) "this is an authentication/privilege escalation bug, not a…
That’s quite a stretch, to say the least.
But it doesn't. Full authentication bypass exploits are extremely rare and unheard of among tech giants. Maybe account takeover/recovery, sure, but full bypass? It just never happens. Microsoft goes beyond that: they've…
I knew there was another incident that I was forgetting, insanity... I don't understand how Microsoft keeps getting away with this and everyone just forgets.
Microsoft has never been good at security, and that is why their centralization to cloud is absolutely terrifying. I'm reminded of Storm-0558 [1] where a stolen signing key was able to forge authentication tokens for…
I'd use WireGuard in that case. The main reason WireGuard is popular at all is because it is approachable. IPsec is much more complicated and is designed for network engineers, not users.
That's a large packet benchmark, not mixed packet size, and it just barely hits it. If you need consistent 10Gbps for a business use case, I would not consider that sufficient. > "To me, the bulk of Tailscale's overhead…
Mikrotik can be popular for CE (Customer Edge) devices, that is correct. Those are not ISPs however, those are customers.
CE (Customer Edge) is what you are referring to. ISPs would be the PE (Provider Edge). I am aware it can be popular for SMB CE devices, however that is simply not the case for PE devices. Service Provider ISPs cannot…
AWS/GCE/Azure's network implementations pre-date EVPN and are proprietary to their cloud. EVPN is for on-premise. You don't exactly have the opportunity to use their implementation unless you are on their cloud, so I am…
I'm curious what you classify as a business ISP? Take a look at AMS-IX, one of the largest internet exchanges: https://bgp.tools/ixp/AMS-IX 21/1020 (2%) of all peers are Mikrotik. 15 (1.4%) of those are >=1000mbps. 7…
wireguard-go is indeed very slow. For example, the official WireGuard Mac client uses it, and performance on my M1 Max is CPU capped at 200Mbps. The kernel WireGuard implementation available for Linux is certainly…
You'd be surprised to know that this strategy works quite well! Pixel bots require a hardware fake display when faced with kernel anti-cheat. They also depend on color/pattern recognition, as AI is not yet capable of…
Aimbot is actually very solvable! 1) When DMA is fully blocked, Aimbot resorts to being a pixel bot. 2) Once you're relying on a pixel bot, all the anti-cheat has to do is "bait" the bot. After you click the bait a few…
> "How come replay analysis doesn’t catch more cheaters?" 1) There's too many players. 2) Closet cheaters are extremely subjective: automated & manual moderation would be full of false positives. In these cases,…
I feel someone doesn't need to play competitive games to be able to give an honest assessment of the privacy & security risks. I'm sad I'm not seeing that honesty elsewhere in this thread.
At least in Valorant, DMA is becoming impossible due to IOMMU / Memory Integrity enforcement. The only option is becoming pixel bots. As for faking the input device: I'm sure it's possible, but I'm also sure that…
In my opinion, the debate about kernel anti-cheat on Windows is fear-mongering. I'm confused why Hacker News of all places misrepresents the technical details. You can already completely compromise the average user's…
That's a different type of game entirely. Private/community servers cannot be competitive at the scale of modern competitive games.
This isn't possible in Valorant. Their kernel module is extremely particular about input devices: 1) only allows a single mouse input device at a time 2) completely ignores virtual mouse input 3) flags…
I don't disagree. Clarifying, I personally don't think this exploit is a backdoor, but rather that the negligence is enough to appear malicious. Just for fun (not saying I believe this!): Did you ever consider that a…
If the device does not have BitLocker, WinRE already by default provides full Administrator access to the unencrypted disk via Command Prompt. > I think that level of pushback against the claims is a valid (and small)…
If the device doesn't have BitLocker, this exploit is pointless because you can already boot any OS USB and immediately have full access to the unencrypted disk. This exploit is only ever relevant with BitLocker enabled…
1) Except that the entire premise behind BitLocker TPM's security relies on the login screen as a hard security boundary, and thus any attack on the login screen is an attack on BitLocker. It is semantics to dispute…
Considering the researcher had already reported these to Microsoft, and delayed releasing them publicly until Microsoft "pulled every childish game possible" (quote) instead of patching them, it's not unreasonable for…
What's with all the replies on these threads downplaying this? Why is it mainly brand new accounts? What's going on here? I've seen every variant of: 1) "this is an authentication/privilege escalation bug, not a…
That’s quite a stretch, to say the least.
But it doesn't. Full authentication bypass exploits are extremely rare and unheard of among tech giants. Maybe account takeover/recovery, sure, but full bypass? It just never happens. Microsoft goes beyond that: they've…
I knew there was another incident that I was forgetting, insanity... I don't understand how Microsoft keeps getting away with this and everyone just forgets.
Microsoft has never been good at security, and that is why their centralization to cloud is absolutely terrifying. I'm reminded of Storm-0558 [1] where a stolen signing key was able to forge authentication tokens for…
I'd use WireGuard in that case. The main reason WireGuard is popular at all is because it is approachable. IPsec is much more complicated and is designed for network engineers, not users.
That's a large packet benchmark, not mixed packet size, and it just barely hits it. If you need consistent 10Gbps for a business use case, I would not consider that sufficient. > "To me, the bulk of Tailscale's overhead…
Mikrotik can be popular for CE (Customer Edge) devices, that is correct. Those are not ISPs however, those are customers.
CE (Customer Edge) is what you are referring to. ISPs would be the PE (Provider Edge). I am aware it can be popular for SMB CE devices, however that is simply not the case for PE devices. Service Provider ISPs cannot…
AWS/GCE/Azure's network implementations pre-date EVPN and are proprietary to their cloud. EVPN is for on-premise. You don't exactly have the opportunity to use their implementation unless you are on their cloud, so I am…
I'm curious what you classify as a business ISP? Take a look at AMS-IX, one of the largest internet exchanges: https://bgp.tools/ixp/AMS-IX 21/1020 (2%) of all peers are Mikrotik. 15 (1.4%) of those are >=1000mbps. 7…
wireguard-go is indeed very slow. For example, the official WireGuard Mac client uses it, and performance on my M1 Max is CPU capped at 200Mbps. The kernel WireGuard implementation available for Linux is certainly…