Comment by Retr0id

Comment by Retr0id 18 hours ago

11 replies

View on Hacker News

> Just recompile the kernel and change the functions it uses to hide the possible cheat and bypass all checks.

You can do this on macOS too, by the way. XNU is open-source.

gjsman-1000 18 hours ago

… well, technically speaking, most of it is open source. However, some parts regarding Apple Pay, FileVault, FairPlay DRM, any iOS compatibility, it’s excised.

Reply View 4 replies
  • Retr0id 18 hours ago

    Right, but you can splice your recompiled version back into the original binary, complete with proprietary components. I've done this before, maybe I should write up the process.

    Reply View 3 replies
chuckadams 18 hours ago

Good luck booting a custom kernel with SIP enabled, and I'm pretty sure any anti-cheat will nope out immediately if SIP is disabled.

Reply View 3 replies
  • 15155 18 hours ago

    So intercept whatever mechanism it's using to detect SIP enabled status...?

    Reply View 1 reply
    • ChocolateGod 19 minutes ago

      You would have to somehow compromise the security coprocessors, even on Android where more of the system is open source, Play Integrity relying on this has killed pretty much all methods of tricking application code that the system is stock outside of downgrade attacks (by convincing the application the phone doesn't support newer verification methods).

      We can run tasks on them that only produces valid output if the boot chains is verified.

      Reply View 0 replies
  • Retr0id 18 hours ago

    You do have to disable it, but you can patch the kernel to lie to userland about SIP status.

    Reply View 0 replies