Blacklisting non-vm computer as vm #886
Comments
|
@pinkestflamingo Please mind your language. We don't tolerate verbal abuse (this is not Twitter -> X). |
|
@pinkestflamingo Try to retain some basic manners, otherwise it is unlikely that you'll make your wishes heard. @Notselwyn Could you please have a look at the issue and specifically investigate whether there is a way to distinguish between a physical system having a virtual disk installed and a virtual system running on a virtual disk. |
|
@dbuechel Is there any chance this is a logic bug? DeviceBlacklist.Any(d => device.ToLower().Contains(d.ToLower()))
&& DeviceWhitelist.All(d => !device.ToLower().Contains(d.ToLower())) |
|
You are very correct indeed! I doubt that we have a logic error there, I vaguely remember introducing the whitelist which then has been verified by our internal testing. @Notselwyn Do you happen to have the capacity and time to debug the issue and verify that it can't be |
|
I did some fiddling (https://dotnetfiddle.net/eG3JXN) and it seems it should indeed not trigger. Unfortunately I do not have access to devices with Hyper-V or WSL support laying around, so I cannot test for any cases where the literal string is not
|
|
Thanks, this already should prove that the VM detection was not actually triggered because there is a virtual disk installed on a physical machine. |
dbuechel
added
the
can't reproduce
Enabling the following options on your Windows computer will create the disk 'PROD_VIRTUAL_DISK' which is blacklisted by SEB:
This caused me to get flagged each and every exam for 8+ months and I had to attach a debugger to SEB to understand where it is flagging me.
Filtering for "PROD_VIRTUAL_DISK" is the most stupid thing I've seen to detect virtual environments.
It is embarrassing that having a virtual disk is a detection vector. Step up your game. EMBARRASSING!
The text was updated successfully, but these errors were encountered: