This is an automated archive made by the Lemmit Bot.
The original was posted on /r/piracy by /u/Nadeoki on 2024-08-23 12:28:47+00:00.
In Short
Watch this video on Microsoft's Driver Signing Process
In Long
Every few weeks now, if you scroll through this subreddit or this subreddit, you'll see posts
Talking about malware or nefarious activity originating from cracked software or games.
Often, the Source of this alledged evil is reverse-engineers, DDL sites or repacker in the scene.
Examples for this are m0nkrus, fitgirl, EMPRESS, SkidRowReloaded, IGG, 1337x and so on.
ALMOST AWAYS, when one of these posts goes viral (which happends simply too easily without moderation) They are usually deemed guilty before proven innocent. A twisted, reversed idea of how to be diligent.
ALMOST NOBODY though, talks about how AntiVirus is about the only alledged evidence in nearly all of the aforementioned cases.
The problem with that is AV Software and Windows (Which is the great majority of Enduser OS choices for Pirated Games and Software) has a system in place that fundamentally needs to be ignored in order to engage in Pirated Content.
Signed Signatures.
Every single driver that is part of a software published by a company needs to go through the process of signing through the Microsoft Developer Program. A process that involves revealing your real ID, paying for said process and a few other steps. Obviously big companies that seek to make a profit with their software is willing to accomodate this process, and so their Software Drivers will be signed and your AV won't detect an Unsigned Signature.
The problem with reverse engineering or breaking Software DRM is, it often involves tampering with the Code used in the software to bypass protections. If a modified DLL is placed within this process, it is now UNSIGNED.
Your Windows System and most AV Software will automatically flag such drivers as potential threats and treat them as malicious. THIS IS WHY almost all repackers and scene release notes include a very clear instruction in almost universal terms.
"DISABLE YOUR ANTIVIRUS DURING INSTALLATION"
This is done for exactly the reason mentioned above.
We need to return to a system of review in which a person, who often at risk of legal trouble contributes to this community out of good will is treated with the respect they deserve and if ANYONE wants to alledge malicious intent they better PROVE IT by giving us more than just a screenshot from fucking Kaspersky.