The title sounds confusing and it might be the wrong terminology, sorry about that. I have POP OS and Windows in a VM (VirtualBox) for a few apps that are not available on Linux. I'm trying to install one app that requires a different activation method because it recognized I'm running a virtual machine. Is there any way to hide that so I can activate the app the way I usually do on non-VM Windows?

I hope I was clear enough, cheers

Edit: typo

  • Skull giver@popplesburger.hilciferous.nl · 62 upvotes · 1 year ago

    Hiding virtualisation can be very easy or extremely difficult. It depends on what you’re trying to hide virtualisation from.

    If you’re trying to hide virtualisation from Windows or a random app that tries to be clever but crashes, renaming the VirtualBox devices should be more than enough. This may also work for some viruses if virus analysis is your sort of thing.

    If you’re trying to fool anticheat, you’re in for a world of hurt. There are tons of signs and weird behaviours that point out if a machine is a VM or not. You’ll need to patch a lot of hypervisor code to hide the basic hypervisor API, for example. You’ll also need to make sure the CPU architecture in your VM matches your host CPU exactly. You’ll need to patch the virtualised network cards and such to make them bug-for-bug compatible with the actual hardware; you can’t just rely on the spec like a normal programmer would.

    You could go the extreme route and virtualise the entire machine (BOCHS/PCem style) but you’ll probably be limited to Pentium III speeds if you do that, and performance monitoring will still be able to point out weird timing issues that indicate a VM.

    How hardcore you’ll need to go really depends on how the application detects that it’s running inside a VM. Try tools like these and see how far you’ll come, or follow the guides written by cheaters which aren’t always successful, but at least they’re exhaustive.

      • Skull giver@popplesburger.hilciferous.nl · 7 upvotes · 1 year ago

        A combination of university classes on cybersecurity/computer science and having experimented/messed with virtualization for years. The theory is quite simple: is there something that stands out among most virtual machines? Often, they all use the exact same network cards, the same sound cards, the same USB hubs, and they have some backdoors for sharing files that can be detected. From there on out you can extrapolate.

        Malware tries to detect virtual machines security researchers use to analyze them, which is where I first started reading about this stuff. An afternoon reading into hypervisor tech a few years ago taught me a lot as well; just keep digging deeper until you’re close to the hardware. Then there was a vain attempt at running a game or two in a Windows VM and digging into why it didn’t work.

        If you’re interested in this stuff, I recommend following a tutorial about writing your own hypervisor (if you know any native programming language, it’s actually surprisingly easy with modern CPUs! The real difficulty is writing all the device implementations and their drivers…) and experimenting with detecting virtual machines yourself.
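
An added example (not part of the thread, and not the commenter's code) of the layered view described in the replies above: it audits a guest's hardware inventory for default hypervisor identifiers at the MAC, PCI, identity-string and CPUID layers, the kind of check an analyst runs to see what an analysis VM exposes. The inventory dictionaries and their key names are constructed for illustration; the marker tables hold publicly documented default values.

```python
import re

# Publicly documented default identifiers, grouped by the layer a guest sees them at.
MAC_OUI = {"08:00:27": "VirtualBox", "00:0c:29": "VMware", "00:50:56": "VMware",
           "52:54:00": "QEMU/KVM"}
PCI_VENDOR = {"80ee": "VirtualBox", "15ad": "VMware", "1af4": "virtio (QEMU/KVM)"}
CPUID_VENDOR = {"VBoxVBoxVBox": "VirtualBox", "VMwareVMware": "VMware",
                "KVMKVMKVM": "KVM", "Microsoft Hv": "Hyper-V"}
ID_PATTERN = re.compile(r"vbox|virtualbox|innotek|vmware|qemu|bochs", re.I)


def audit(inv):
    """Return sorted (layer, value, reason) findings for one guest inventory."""
    findings = []
    for mac in inv.get("macs", []):
        hv = MAC_OUI.get(mac.lower()[:8])        # first three octets = vendor OUI
        if hv:
            findings.append(("mac", mac, hv))
    for pci in inv.get("pci_ids", []):           # "vendor:device" in hex
        hv = PCI_VENDOR.get(pci.lower().split(":")[0])
        if hv:
            findings.append(("pci", pci, hv))
    for text in inv.get("id_strings", []):       # firmware and disk model strings
        if ID_PATTERN.search(text):
            findings.append(("ids", text, "vendor string"))
    if inv.get("cpuid_hypervisor_bit"):          # CPUID leaf 1, ECX bit 31
        vendor = inv.get("cpuid_vendor", "").strip("\x00 ")
        findings.append(("cpuid", vendor, CPUID_VENDOR.get(vendor, "unknown hypervisor")))
    return sorted(findings)


def layers(inv):
    """Names of the layers that still give the guest away."""
    return sorted({layer for layer, _, _ in audit(inv)})


# Constructed sample: a guest left on its defaults.
DEFAULT_GUEST = {
    "macs": ["08:00:27:3A:11:5C"],
    "pci_ids": ["80ee:beef", "80ee:cafe", "8086:100e"],
    "id_strings": ["innotek GmbH", "VirtualBox", "VBOX HARDDISK"],
    "cpuid_hypervisor_bit": True,
    "cpuid_vendor": "VBoxVBoxVBox",
}
# Constructed sample: same guest after only the visible names and MAC were changed.
RENAMED_GUEST = dict(DEFAULT_GUEST, macs=["02:AA:BB:3A:11:5C"],
                     id_strings=["Example Corp", "Desktop 1000", "EXAMPLE SSD"])

if __name__ == "__main__":
    for name, inv in (("default", DEFAULT_GUEST), ("renamed", RENAMED_GUEST)):
        print(name, layers(inv))
```

On the constructed inventories, the name-only changes clear the MAC and string layers, while the PCI vendor IDs and the CPUID hypervisor leaf still report a VM.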