> NT system calls use the same syscall numbering as recent Windows, to support applications that hardcode syscall numbers.
Other than antivirus software and maybe MAYBE kernel-level "anticheat" slop - who in their right mind does straight syscalls to the kernel?
Userland DRMs do all sorts of nonsense. Kernel anticheats wouldn't use the syscalls, they're already able to call the kernel routines they want directly.
Does it matter? The closer they get to being indistinguishable from Windows, the better.
This change was motivated to improve anticheat support indeed.
Anti-tamper, DRM, library call obfuscation, and they all do it wrong, really wrong.
I'd argue that anyone who willingly attempts to program these infernal beasts is not entirely in their right mind to begin with.
Some programming language compilers generate asm that does call system calls directly. Go, for example.