Kernel-hack-drill and exploiting CVE-2024-50264 in the Linux kernel

https://a13xp0p0v.github.io/2025/09/02/kernel-hack-drill-and-CVE-2024-50264.html

#HackerNews #KernelHack #Drill #CVE2024 #LinuxKernel #Cybersecurity #Exploit

Worse even, there are developments re: #cheating which involve using "#AI" to merely #aimbot / a player into making hits, including stochastic delays and inaccuracy to hide it.

• I know from a reliable source that this - alongside existing #Cheating problems - is why #Valve only considers #ServerSideAnticheat as reliable as #ClientSideAnticheat is impossible to enforce outside of #GameConsoles like the #XboxOne ¹!

This doesn't even account for the fact that #Linux isn't a good platform to do these #malware-style #Kernelhack|s but also that trying to do #ClientSide #Anticheat isn't worth the hassle.

• Which is why Valve works hard on "AI"-based #cheat detection in a way #fraud with #CreditCard|s is being combatted through #plausibility checks and per-transaction risk assessment.

The whole #CSGO / #CS2 "#Overwatch" basically amounts to #training (alongside with the existing footage of "known good" and "known bad" examples) of those "AI" efforts!

• Simply because with every gameplay they are able to collect metrics and will automatically flag games if someone were to suddenly have an extremely good K/D.

This is also why #Ranking is enforced in #Competitive #Multiplayer of #CounterStrike2 and why Valve yeeted "#smurf"-accounts because #smurfing taints their dataset.

¹ https://www.youtube.com/watch?v=U7VwtOrwceo

@EdwinG oersonally, I think #CrowdStrike - like all #Scareware - shouldn't exist.

• If I don't trust #Microsoft to secure #Windows from the factory then I've to cease using it! No amount of 3rd party binaryblob #Rootkit / #Bootkit #KernelHack is going.to make the system more secure - espechally since "#Antivirus" and "#AntiMalware" product vendors don't get sourcecode access.

The fact that such a big mistake made it out of #QA testing is a clear disqualifier.

@jsrailton #Govware like #Pegasus isn't something that can be fixed outside of extensive #ITsec, #InfoSec, #OpSec & #ComSec workups.

In fact it's easier to bootstrap an entirely new identity than trying to uninstall such persistent shite!

That being said, #VPN providers are just the newest #DigitalSnakeoil sales reps and everything against them applies to #Antivirus as well...

So sad that @tomscott was just naively debunking them years ago...

The constant #disinfo sown by VPN and #AV providers is so rampant that I'd not be surprised if one day both would finally be made illegal for all the right reasons:

• A VPN won't save peoples asses from getting jailed !

• Any 3rd party #Kernelhack-#BinaryBlob won't make one's #backdoored with Govware OS (regardless if #Windows or #macOS) more secure, but rather less secure!

• It should be the sole responsibility of the OS/Distro maintainers to make them secure by default, espechally on #iOS and #Android where users don't have administrative / #root privilegues!

@isotopp not to mention the whole concept of paying a 3rd party that (outside of #FLOSS-based OSes like #Linux and #BSD's!) won't habe Sourcecode access and accept their #BinaryBlob #Kernelhack is not only weird per concept but basically a digital #RacketeeringScheme!

In fact, it should be the SOLE RESPONSIBILITY of the #maontainers to actually make their #OS secure - period!

Everything else is just #bait for the #Scareware-based sales pitch that fools #TechIlliterates into becoming victims of said racketeering scheme...

@kubikpixel Und genau das kotzt mich so sehr an dass ich kein #Windows auch nur anfasse...

Dritthersteller #Antivirus ist bestenfalls #Scareware bzw. #DigitalSnakeoil wenn nicht sogar #Malware weil's nen #BinaryBlob - #KernelHack in Windows ist...

Fundamentale Sicherheit muss ab Werk rein und vorallem müssen #User*innen die 99,9% aller Probleme verursachen geschult werden...

@DaemonFC
Espechally since 3rd Party AV on #Windows is always a malware-like #KernelHack and worsens #ITsec.

If one doesn't trust #WindowsDefender they should not use Windows at all - period!