Many people seem scared of the hypervisor method, because it needs you to turn things off and run commands. Here's an explanation of what it is, why it needs you to turn things off, and why it isn't as scary as it seems.
tldr; the hypervisor needs the same permissions as any other kernel driver, but it hasn't been signed, so you need to turn off the requirement that only signed drivers are run. You're trusting the hypervisor exactly as much as kernel-level anticheat
The hypervisor thing is, in essence, a layer that sits in-between the Denuvo game and your computer. When Denuvo asks "What's the CPU" the hypervisor intercepts that, tells the game "The CPU is ABCXYZ"
Then, the cracker puts a denuvo license file that matches CPU ABCXYZ where the game looks, and because the CPU matches the one the denuvo license is made for, the game runs.
The reason why it can't be run easily, is because of a series of things:
- the way a program asks what cpu a program has is baked directly into the silicon
- to load a program with the ability to intercept the CPUID instruction needs extra permissions
- these permissions require a driver and kernel access, just like Vanguard, Battleye, and other programs that need this level of access to your system
- The difference between the hypervisor and other kernel drivers like Vanguard is that Vanguard can get a signing certificate from microsoft, and the hypervisor team can't get that certificate for obvious reasons
- Microsoft and the computer manufacturer by default won't allow you to run kernel drivers that they haven't approved
- Therefore, to run the hypervisor, you need to force your computer and Windows to load the hypervisor driver
The two main things you need to do to run the hypervisor, therefore, are to disable the restrictions that allow your computer to only run Microsoft-signed drivers, and disable Windows' restrictions that prevent Windows from running unsigned (unapproved) drivers
Yes, these restrictions are security measures - without them, any software would be able to run at the hardware level, these security measures prevent malware from installing itself at the kernel level, mitigates the potential damage it could do. However, Secure Boot isn't really necessary, as long as your computer remains in a trusted environment; it's meant to prevent an attack where a bad actor has physical access to your computer, installs their malicious driver, since secure boot prevents unauthorized changes to drivers.
There are some nuances that I skipped over, for example Denuvo checks far more than just the CPU, but the basics are there, at least enough to give a more accurate picture of what the hypervisor is. The major takeaway of the hypervisor method is that you're trusting the hypervisor devs just as much as you would trust Vanguard, or any other kernel driver. What you're disabling is just the measures taken to prevent Windows from running unapproved drivers.
![LinkinParkxNaruto[AMV]](http://uploads.kiwifarms.st/data/avatars/l/61/61177.jpg?1699571951){kind=avatar}
