I mean if you simply change certificates Windoze will likely have ways to detect it, so you need to also prove that the behavior you measure is the same as if you didn't change them
Analyzing Windows 10 Telemetry Deeper
Elijah Scott
Brody Butler
The OS detecting a "vmware virtual xyz adapter" device (or equivalent in other virtualization software) is not enough for it to figure out it's run in a vm?
Nathaniel Campbell
If you want to run a blue pill VM, you obviously don't give it such an adapter name.
Gavin Young
1. encryption (whether by the OS or by the ME)
2. big network equipment companies (such as Cisco) being part of the cabal can make such traffic invisible to the user
Ian Johnson
All virtualization software exposes some virtual devices to the OS which can be trivially recognized as such by any modern OS. Or do you know virtualization software that can either do passthrough of every physical host device (or spoof presence of various physical devices)?
Lincoln Martin
Yes, it's literally called a blue pill. Modern AMD-V or VT-x virtualization is entirely transparent, and you can just use a minimal hypervisor underneath that doesn't perform PCI initialization.
Joshua Baker
By default, because it helps with getting the guest OS to run as decently as possible. That default can be changed. As I said, I don't know how you would go about with a QEmu/KVM setting, but fully fooling the guest OS is a possibility since Joanna Rutkowska's work in 2005-2006.
Bentley Collins
What about React OS?
Asher Myers
What about? Go and test and tell us.
Luis Sanders
It's still in alpha. So it's unstable, featureless, doesn't work fine with any drivers yet and doesn't work well with a lot of software.