this post was submitted on 04 Apr 2026
Technology
[–] SomethingBurger@jlai.lu 11 points 1 day ago (2 children)

What's preventing spoofing this with a fake implementation?

[–] LedgeDrop@lemmy.zip 2 points 1 day ago (2 children)

To expand on this a bit:

It's all built on top of the concept of "a chain of trust", starting at the hardware level.

(as mentioned) TPM is a chip that'll store encryption keys at a hardware level and retrieval of these keys can only happen if the hardware is unmodified.

I assume that part of this key is derived from aspects of your OS (ie: all device drivers are signed by MS).

The OS will fetch this key, if it's valid - the OS knows that the hardware is untampered, it can then verify that the OS is unmodified, which can then be used by applications to determine that they're not modified, etc.

Now you could spoof your own TPM chip (similar to how Switch 1's are chipped/modded), but the deal-breaker is that when you add your key to the TPM chip, you sign it with a hardware vendor specific public key. And that vendor private key is baked into the hardware (often into the CPU, so the private key never crosses the hardware bus).

[–] redsand@infosec.pub 1 points 3 hours ago

Luckily that key always leaks from a human or side channel

[–] meaansel@lemmy.world 0 points 10 hours ago (1 children)

But at the end of the day, doesn't the app have to ask the OS? At that stage, can't you spoof a "positive" response of an unmodified system?

[–] LedgeDrop@lemmy.zip 1 points 26 minutes ago

That's the strength of public/private key encryption.

The application (or OS) knows what the hardware vendor's public key is. Thus, it can verify that any message (or application key) claiming to come from that hardware (TPM) is legitimate or not. Thus, the OS is just a proxy or the middle man.

Now what you could do (in theory) is to start modifying the application and replace the hardware vendor public key with your own. ...but you'd need to do this with every application and they'll probably have some sort of anti-tampering or (more likely) you won't even be allowed to install the application because your OS isn't "safe/secure".

disclaimer: I'm a bit hazy on some of these details. There are probably more elegant solutions.
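As an added illustration of the chain LedgeDrop sketches in the two comments above (not code from the thread, and not any vendor's real attestation protocol), this Go model uses ed25519 in place of real TPM key types: the vendor endorses the device key, the device signs a quote over what it measured at boot, and the application verifies the whole chain using only the vendor public key it ships with, so the OS in the middle cannot forge a "positive" answer. All key names, the `Quote`/`DeviceCert` shapes and the measurement strings are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Constructed model of the chain in the thread: the vendor signs the device (TPM) key; the device signs quotes.
type DeviceCert struct {
	DevicePub ed25519.PublicKey
	VendorSig []byte // vendor signature over DevicePub
}
// Quote is the device's signed statement; DeviceSig covers Measurement||Nonce.
type Quote struct{ Measurement, Nonce, DeviceSig []byte }
func signQuote(priv ed25519.PrivateKey, m, nonce []byte) Quote {
	return Quote{m, nonce, ed25519.Sign(priv, append(append([]byte{}, m...), nonce...))}
}
// Verify is the relying app's check: it trusts only vendorPub (baked into the app); the relaying OS is untrusted.
func Verify(vendorPub ed25519.PublicKey, c DeviceCert, q Quote, nonce, knownGood []byte) error {
	msg := append(append([]byte{}, q.Measurement...), q.Nonce...)
	switch {
	case !ed25519.Verify(vendorPub, c.DevicePub, c.VendorSig):
		return errors.New("device key not endorsed by vendor")
	case string(q.Nonce) != string(nonce):
		return errors.New("replayed or stale quote")
	case !ed25519.Verify(c.DevicePub, msg, q.DeviceSig):
		return errors.New("quote not signed by the endorsed device key")
	case string(q.Measurement) != string(knownGood):
		return errors.New("measurement does not match known-good OS")
	}
	return nil
}
// Scenario covers a genuine device, a self-made "TPM" key endorsed only by an
// attacker-made "vendor" key, and a genuine device that booted modified code.
func Scenario() (genuine, spoofed, modified error) {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	devPub, devPriv, _ := ed25519.GenerateKey(rand.Reader)
	fakePub, fakePriv, _ := ed25519.GenerateKey(rand.Reader)
	cert := DeviceCert{devPub, ed25519.Sign(vendorPriv, devPub)}
	fakeCert := DeviceCert{fakePub, ed25519.Sign(fakePriv, fakePub)} // not the real vendor
	good := sha256.Sum256([]byte("signed-os-image-v1")) // constructed sample measurements
	bad := sha256.Sum256([]byte("patched-os-image"))
	nonce := []byte("verifier-nonce-1")
	genuine = Verify(vendorPub, cert, signQuote(devPriv, good[:], nonce), nonce, good[:])
	spoofed = Verify(vendorPub, fakeCert, signQuote(fakePriv, good[:], nonce), nonce, good[:])
	modified = Verify(vendorPub, cert, signQuote(devPriv, bad[:], nonce), nonce, good[:])
	return
}
```

Only the genuine case passes; the spoofed key fails at the vendor-endorsement step before its quote is even looked at, and a genuine device running modified code fails on the measurement comparison.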

[–] foggenbooty@lemmy.world 1 points 1 day ago