
Wine-Staging 5.9 Picks Up A Patch In The Effort To Deal With Denuvo Anti-Cheat


  • CochainComplex
    replied
    Originally posted by oiaohm

    To make a third party driver to Microsoft standard that runs in kernel mode on NT to Windows 10, you are not meant to use any native ring 0 only Assembly. So all the code of a Windows NT-10 third party driver should in fact be able to execute in ring 3. So what Wine is doing with the driver is not exactly emulating but running the driver where it can be run; there is a bit of history why this is the case. The NT/Windows kernel was based off the microkernel idea, except that for performance the drivers that by pure microkernel should be running in ring 3 are running in ring 0. Wine is basically running the driver as it would have run under early NT before release. Yes, we are talking before 1993 here; yes, this is how something that happened now almost 3 decades ago is having a direct effect today.

    Basically that is the reason why Wine can run some NT-10 drivers but there was no way to do Windows 9x VXDs, as those in fact used real ring 0 only Assembly.

    So in theory Microsoft could provide their Windows end users with the option of running particular kernel mode ring 0 drivers in userspace ring 3 with isolated memory access if they wanted to.

    Do note it is important to take note of what I said. A driver running under winedevice can see the complete memory space of that wineprefix. So if you are a person who put all applications in 1 wineprefix, the Denuvo driver rootkit still might cause nice big security problems, not as big as a Windows or Linux kernel rootkit but still not good.
    That is very interesting input, I was not aware about this - thank you!


  • oiaohm
    replied
    Originally posted by CochainComplex
    Ok maybe it is my native tongue but I meant that there is no Linux kernel hack needed which squeezes some "rootkit" into ring 0 of the Linux kernel to make Denuvo under Wine runnable, which is the concern. If it is possible to "emulate" - I know Wine is no emulator - the ring 0 in ring 3, there is no concern about compromised kernel security in Linux land.
    To make a third party driver to Microsoft standard that runs in kernel mode on NT to Windows 10, you are not meant to use any native ring 0 only Assembly. So all the code of a Windows NT-10 third party driver should in fact be able to execute in ring 3. So what Wine is doing with the driver is not exactly emulating but running the driver where it can be run; there is a bit of history why this is the case. The NT/Windows kernel was based off the microkernel idea, except that for performance the drivers that by pure microkernel should be running in ring 3 are running in ring 0. Wine is basically running the driver as it would have run under early NT before release. Yes, we are talking before 1993 here; yes, this is how something that happened now almost 3 decades ago is having a direct effect today.

    Basically that is the reason why Wine can run some NT-10 drivers but there was no way to do Windows 9x VXDs, as those in fact used real ring 0 only Assembly.

    So in theory Microsoft could provide their Windows end users with the option of running particular kernel mode ring 0 drivers in userspace ring 3 with isolated memory access if they wanted to.

    Do note it is important to take note of what I said. A driver running under winedevice can see the complete memory space of that wineprefix. So if you are a person who put all applications in 1 wineprefix, the Denuvo driver rootkit still might cause nice big security problems, not as big as a Windows or Linux kernel rootkit but still not good.


  • CochainComplex
    replied
    Originally posted by oiaohm

    Not quite. Wine uses winedevice to run Windows drivers that would normally run in kernel space (ring 0) in userspace (ring 3). So yes, a ring 0 hack under Windows can run under Wine; just when it does, it's run as ring 3 and only sees 1 wineprefix memory space.
    Ok maybe it is my native tongue but I meant that there is no Linux kernel hack needed which squeezes some "rootkit" into ring 0 of the Linux kernel to make Denuvo under Wine runnable, which is the concern. If it is possible to "emulate" - I know Wine is no emulator - the ring 0 in ring 3, there is no concern about compromised kernel security in Linux land.
    Last edited by CochainComplex; 27 May 2020, 06:20 PM.


  • oiaohm
    replied
    Originally posted by CochainComplex
    Since Wine is totally in the userspace there is no ring 0 hack to make it runnable.
    Not quite. Wine uses winedevice to run Windows drivers that would normally run in kernel space (ring 0) in userspace (ring 3). So yes, a ring 0 hack under Windows can run under Wine; just when it does, it's run as ring 3 and only sees 1 wineprefix memory space.


  • CochainComplex
    replied
    Originally posted by ZeroPointEnergy

    This is not about the Denuvo DRM thingy. This is about their new anti-cheat and that uses a kernel driver in Windows.
    I haven't read the entire comments on Xaero_Vincent's link https://github.com/ValveSoftware/Pro...ment-631750507 but it seems that Denuvo already works in some cases with Wine. Since Wine is totally in the userspace there is no ring 0 hack to make it runnable. Besides, this point was also mentioned in the comments of the link.

    But to be honest I'm not up to date on which DRM or anti-cheat technologies are on the market. Usually I prefer single-player games, and there you come across Denuvo as an "Anti-Wine" plugin.


  • ZeroPointEnergy
    replied
    Originally posted by CochainComplex

    No. Can't it be done without? Doesn't the kernel already have interfaces to store DRM data etc.? How is DRM managed on Android phones?
    This is not about the Denuvo DRM thingy. This is about their new anti-cheat and that uses a kernel driver in Windows.


  • CochainComplex
    replied
    Originally posted by ZeroPointEnergy

    You would actually install a kernel rootkit just to play a game?
    No. Can't it be done without? Doesn't the kernel already have interfaces to store DRM data etc.? How is DRM managed on Android phones?


  • Teggs
    replied
    That was a quick turnaround. I wonder if someone they care about threatened to sue their asses over the kernel hack. Or maybe they heard the phrase 'class-action lawsuit'.

    DRM/Anticheat companies remain a sorry bunch. They can't stop cheating to save their lives. If that's actually their goal, then they suck at their jobs. Now they've progressed from rootkits to kernel hacks. That's what you get for paying for the product. A fucking kernel hack on your system.

    I have this fantasy, where these fools mess with the wrong person. Say the head of intelligence for a country plays a new game, and he gets a rootkit or worse. Then he jacks up everyone involved, because... he can do that.

    Or we could just make shit like this illegal in the first place and save everyone the trouble.


  • ZeroPointEnergy
    replied
    Originally posted by CochainComplex
    Denuvo being Wine compatible would be a real relief... not as good as getting rid of it completely.
    You would actually install a kernel rootkit just to play a game?


  • CochainComplex
    replied
    Denuvo being Wine compatible would be a real relief... not as good as getting rid of it completely.
