How kernel anti-cheats work


Modern kernel anti-cheat systems are, without exaggeration, among the most sophisticated pieces of software running on consumer Windows machines. They operate at the highest privilege level available to software, they intercept kernel callbacks that were designed for legitimate security products, they scan memory structures that most programmers never touch in their entire careers, and they do all of this transparently while a game is running. If you have ever wondered how BattlEye actually catches a cheat, or why Vanguard insists on loading before Windows boots, or what it means for a PCIe DMA device to bypass every single one of these protections, this post is for you.
