Businesses

After Outcry, Apple Will Let Developers Challenge App Store Guidelines (theverge.com) 27

Apple today announced two major changes to how it handles App Store disputes with third-party developers. The first is that Apple will now allow developers to appeal a specific violation of an App Store guideline, and that there will also be a separate process for challenging the guideline itself. Additionally, Apple says it will no longer delay app updates intended to fix bugs and other core functions over App Store disputes. The Verge reports: The changes come in the wake of Apple's high-profile showdown with Hey, a new email service from software developer Basecamp. The service launched last week as an invite-only website and a companion iOS app, with a full launch slated for July. But after initially approving the app, Apple later rejected Basecamp's subsequent updates and kicked off what became a very public feud between the company and Basecamp's co-founders, CEO Jason Fried and CTO David Heinemeier Hansson, over whether Hey could exist in the App Store in its current form at all. The feud, inconveniently for Apple, coincided with the announcement of two antitrust probes from the European Union last week that were spurred in part from complaints from longtime Apple rivals like Spotify.

The central dispute in this case was whether Hey qualified for an exemption to rules around in-app purchases, which Basecamp decided not to include because the company does not want to give Apple its standard App Store revenue cut. Apple said Hey did not and claimed Basecamp's iOS app violated three App Store guidelines by not allowing you to sign up or purchase access to Hey from mobile. Fried and Heinemeier Hansson claimed that the decision was evidence of inconsistency and greed on Apple's part given the numerous apps, like Netflix and business software, that do qualify for such exemptions and have existed in the App Store without in-app purchase options for years. Apple last week tried to head off any future escalation of the feud by outlining its reasoning in a letter signed from the App Review Board, which it disseminated to Basecamp and media organizations. Apple marketing chief Phil Schiller also conducted interviews with members of the press. [...] On Monday, ahead of the keynote, Apple capitulated, allowing Hey's updates to go through only after a compromise from Basecamp in which the company now lets you sign up for a burner account that expires after two weeks.

Businesses

Apple Approves Hey Email App, But the Fight's Not Over (theverge.com) 14

After rejecting an update last week, Apple has approved a new version of the subscription email app Hey. From a report: The approval, which came last week, ahead of today's Apple Worldwide Developer Conference, is meant to lower the temperature after Apple's initial app rejection drew widespread condemnation from lawmakers and other developers. But the approval is also only temporary in spirit, meant to give Hey developer Basecamp time to develop a version of the app more in line with Apple's policies -- and Basecamp's approach to that challenge is very aggressive, as a letter posted to its website today details.
Businesses

Apple's App Store Policies Are Bad, But Its Interpretation and Enforcement Are Worse (daringfireball.net) 39

Earlier this week, Apple told Basecamp, the company that makes the brand new email app called Hey, that it cannot distribute its app on the iPhone unless it makes it possible for users to sign up via Apple's own prescribed methods -- which gives Apple a 30 percent cut. Apple told Basecamp that by avoiding giving an option in its iOS app to sign up and support in-app purchases, it was violating Apple's App Store policy, 3.1.1, which says: If you want to unlock features or functionality within your app, (by way of example: subscriptions, in-game currencies, game levels, access to premium content, or unlocking a full version), you must use in-app purchase. Apps may not use their own mechanisms to unlock content or functionality, such as license keys, augmented reality markers, QR codes, etc. Apps and their metadata may not include buttons, external links, or other calls to action that direct customers to purchasing mechanisms other than in-app purchase. Dieter Bohn, writing for The Verge: The key thing to know is that the text of this policy is not actually the policy. Or rather, as with any law, the text is only one of the things you need to understand. You also need to know how it is enforced and how the enforcers interpret that text. It should not surprise you to know that Apple's interpretation of its text often seems capricious at best and at worst seems like it's motivated by self-dealing. And the enforcement consequently often seems unfair.

The rule states that if you want to sell digital goods, you have to use Apple's payment system. Except that's not how 3.1.1 has been interpreted to date. It has been interpreted as allowing people to access services they paid for elsewhere on their iOS devices, but not allowing those apps to try to get around the Apple payment rules when people sign up on those devices. That's convoluted, but that interpretation is what keeps Netflix from having an account sign-up in its app. It's the policy that has enraged Spotify and keeps you from buying Kindle books on your iPhone without jumping through a million weird Safari hoops. That was already a very bad rule, if you ask me. Now, with this email app, Apple is apparently changing its interpretation to be more strict.
David Pierce, in an update to his news report about the Hey-Apple debacle: Apple told me that its actual mistake was approving the app in the first place, when it didn't conform to its guidelines. Apple allows these kinds of client apps -- where you can't sign up, only sign in -- for business services but not consumer products. That's why Basecamp, which companies typically pay for, is allowed on the App Store when Hey, which users pay for, isn't. One other distinction: Apple allows "Reader" apps -- things like Netflix and Kindle and Dropbox, where you're using the app to access existing subscriptions -- as long as they don't offer a way to sign up. But email, messaging, etc. don't count as Reader apps. John Gruber, writing at DaringFireball: The lone instance of "consumer" refers to the "Consumer Health Records API". The price that Basecamp pays for not supporting in-app purchase in their iOS app is that they lose whatever number of users would have signed up in-app but won't sign up out-of-app. That's competition. Again, putting aside arguments that Apple should allow apps to use their own payment systems in apps, or be able to link to a website for sign up, or at the very least just tell users how to sign up -- the makers of an app should be able to say "OK, we won't even tell users how to sign up within our app; our app is only for existing customers and we'll obtain all of them outside the app." [...]

Second, how could such a distinction be made in writing? There are some apps that are definitely "business services" and some that are definitely "consumer products" (games for example), but to say that the area in between encompasses many shades of gray is an understatement. The entire mobile era of computing -- an era which Apple itself has inarguably largely defined -- is about the obliteration of distinct lines between business and consumer products. [...] At some level there's a clear distinction here -- Netflix and Kindle are clearly consumption services. But Dropbox? Dropbox is a lot closer to an email or messaging service like Hey than it is to Netflix or Kindle. The stuff in my Dropbox account is every bit as personal as the stuff in my email account. When you put Dropbox in the same bucket with Netflix and Amazon Kindle, it seems to me like the distinction is not so much between what is and isn't a "reader" app or what is or isn't a "business" app, but between companies which are too big for Apple to push around and those they can.

Businesses

Basecamp's Hey, a New Email Product, Claims Apple is Rejecting Bug Fixes to the iPhone App Unless the Firm Agrees To Pay 15-30% Commission (twitter.com) 121

Basecamp launched its email product Hey earlier this week. David Heinemeier Hansson, the co-founder of Basecamp, tweeted on Tuesday that Apple is already creating challenges for the firm. In a series of tweets, he said: Apple just doubled down on their rejection of HEY's ability to provide bug fixes and new features, unless we submit to their outrageous demand of 15-30% of our revenue. Even worse: We're told that unless we comply, they'll remove the app. On the day the EU announced their investigation into Apple's abusive App Store practices, HEY is subject to those very same capricious, exploitive, and inconsistent policies of shakedown. It's clear they feel emboldened to tighten the screws with no fear of regulatory consequences. He adds: Apple has been capriciously, inconsistently, and in a few cases, cruelly, enforcing their App Store policies for years. But most of the abuses were suffered by smaller developers without a platform and without recourse. Apple saw that it worked, and that it paid. Now moving up. This is exactly the issue I gave testimony in front of congress earlier this year! We hadn't yet launched HEY, but I said it worried me, what Apple might do, if you're in direct competition with them. And now we know what they'd do. Attempt to crush us. But while I'm sure Apple's attempt to cut off the air supply to the likes of Spotify is board-room stuff, I think what we're facing is simply the banality of bureaucracy. Apple has publicly pivoted to services for growth, so KPIs and quarterly targets trickle down. And frankly, it's hard to see what they have to fear. Who cares if Apple shakes down individual software developers for 30% of their revenue, by threatening to destroy their business? There have been zero consequences so far! Most such companies quietly cave or fail. We won't. There is no chance in bloody hell that we're going to pay Apple's ransom. I will burn this house down myself, before I let gangsters like that spin it for spoils. 
This is profoundly, perversely abusive and unfair.

We did everything we were supposed to with the iOS app. Try downloading it (while you can?). You can't sign up, because Apple says no. We don't mention subscriptions. You can't upgrade. You can't access billing. We did all of it! Wasn't enough. We've been in the App Store with Basecamp for years. We know the game. It was always rigged. It was always customer-hostile, deeply confusing, but the unstated lines were reasonably clear. Now Apple has altered the deal, and all we can do is pray they don't alter it further.

Desktops (Apple)

Ahead of WWDC, Apple's Developer App Adds Mac Support, New Features, iMessage Stickers (techcrunch.com) 15

Ahead of Apple's Worldwide Developer Conference starting next week, the company has today launched a new version of its Apple Developer App to better support its plans for the virtual event. TechCrunch reports: Notably, the app has been made available for Mac for the first time, in addition to a redesign and other minor feature updates. With the needs of an entirely virtual audience in mind, Apple has redesigned the app's Discover section to make it easier for developers to catch up on the latest stories, news, videos and more, the company says. This section will be regularly updated with "actionable" content, Apple notes, including the latest news, recommendations on implementing new features, and information about inspiring engineers and designers, alongside new videos.

It has also updated its Browse tab where users search for existing sessions, videos, articles and news, including the over 100 technical and design-focused videos found in the WWDC tab. The WWDC tab has also been updated in preparation for the live event starting on Monday, June 22. The redesign has added a way to favorite individual articles, in addition to session content and videos. Plus it includes new iMessage stickers along with other enhancements and bug fixes. The app, which was previously available on iPhone, iPad and Apple TV, is also now offered on Mac.

Google

Google Resumes Its Senseless Attack On the URL Bar, Hides Full Addresses On Chrome 85 (androidpolice.com) 59

Google is pressing on with new plans to hide all parts of web addresses except the domain name. Android Police reports: A few new feature flags have appeared in Chrome's Dev and Canary channels (V85), which modify the appearance and behavior of web addresses in the address bar. The main flag is called "Omnibox UI Hide Steady-State URL Path, Query, and Ref" which hides everything in the current web address except the domain name. For example, "https://www.androidpolice.com/2020/06/07/lenovo-ideapad-flex-5-chromebook-review/" is simply displayed as "androidpolice.com." There are two additional flags that modify this behavior. One reveals the full address once you hover over the address bar (instead of having to click it), while the other leaves the full address visible until you interact with the page, and only then hides the path, query and fragment. An issue page on the Chromium Bug tracker has also been created for keeping track of the changes, though there aren't any additional details there.

There's no public explanation yet for why Google is pressing ahead with these changes, but the company has said in the past that it believes showing the full address can make it harder to tell if the current site is legitimate. "Showing the full URL may detract from the parts of the URL that are more important to making a security decision on a webpage," Chromium software engineer Livvie Lin said in a design document earlier this year.
Google has since clarified how the experiment will work and what opt-out options will be available.

"We think this is an important problem area to explore because phishing and other forms of social engineering are still rampant on the web," a Chromium developer on the bug tracker for the change said, "and much research shows that browsers' current URL display patterns aren't effective defenses. We're implementing this simplified domain display experiment so that we can conduct qualitative and quantitative research to understand if it helps users identify malicious websites more accurately."

It was also confirmed that Google will keep the opt-out mechanism that is already present -- an 'Always show full URLs' setting that appears when you right-click the address bar. "We plan to support this opt-out option indefinitely," the same developer said.
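The display rule the main flag implements, as an added C++ example rather than Chrome's own code: strip the scheme, userinfo, port, path, query and fragment, then reduce the host to its registrable domain (public suffix plus one label). The public-suffix table here is a small constructed stand-in for the Public Suffix List that Chrome actually uses. Running it over a few constructed lookalike URLs shows the argument made above: a trusted brand name smuggled into the path, a subdomain, or the userinfo part collapses to the attacker's registrable domain, which is the part of the address that matters for the security decision.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Constructed public-suffix table for this example only (assumption).
// Chrome derives the registrable domain from the full Public Suffix List.
// The longest matching suffix wins.
static const std::vector<std::string> kPublicSuffixes = {
    "com", "org", "net", "example", "co.uk", "github.io"};

// Pull the host out of an absolute URL: drop the scheme, any userinfo
// ("brand.com@evil.example" is a classic lookalike trick), the port, and
// everything from the first '/', '?' or '#' onwards. IPv6 literals are out
// of scope here. Returns "" when the input has no scheme.
std::string ExtractHost(const std::string& url) {
  const std::string::size_type scheme_end = url.find("://");
  if (scheme_end == std::string::npos) return "";
  const std::string::size_type start = scheme_end + 3;
  const std::string::size_type end = url.find_first_of("/?#", start);
  std::string authority = url.substr(
      start, end == std::string::npos ? std::string::npos : end - start);
  const std::string::size_type at = authority.rfind('@');
  if (at != std::string::npos) authority.erase(0, at + 1);
  const std::string::size_type colon = authority.rfind(':');
  if (colon != std::string::npos) authority.erase(colon);
  std::transform(authority.begin(), authority.end(), authority.begin(),
                 [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
  return authority;
}

// Registrable domain (eTLD+1): the longest matching public suffix plus the
// one label in front of it. An unknown suffix falls back to the whole host.
std::string RegistrableDomain(const std::string& host) {
  std::string best;
  for (const std::string& suffix : kPublicSuffixes) {
    if (host.size() <= suffix.size() || suffix.size() <= best.size()) continue;
    const std::string::size_type pos = host.size() - suffix.size();
    if (host[pos - 1] == '.' && host.compare(pos, suffix.size(), suffix) == 0)
      best = suffix;
  }
  if (best.empty()) return host;
  const std::string prefix = host.substr(0, host.size() - best.size() - 1);
  const std::string::size_type dot = prefix.rfind('.');
  const std::string label =
      dot == std::string::npos ? prefix : prefix.substr(dot + 1);
  return label + "." + best;
}

// What the "hide steady-state path, query and ref" flag leaves visible.
std::string SimplifiedDisplay(const std::string& url) {
  const std::string host = ExtractHost(url);
  return host.empty() ? url : RegistrableDomain(host);
}

int main() {
  // Constructed inputs: the article's example plus three lookalike tricks.
  const char* samples[] = {
      "https://www.androidpolice.com/2020/06/07/lenovo-ideapad-flex-5-chromebook-review/",
      "https://accounts.google.com.evil.example/login?next=1",
      "https://evil.example/accounts.google.com/login#x",
      "https://accounts.google.com@evil.example:8443/"};
  for (const char* url : samples)
    std::cout << url << "\n  -> " << SimplifiedDisplay(url) << '\n';
}
```

The same reduction also hides legitimate differences between two pages on one site, which is the usability cost the hover and interaction flags are trying to soften.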
Programming

New FreeBSD Code of Conduct (freebsd.org) 150

An anonymous reader writes: FreeBSD has adopted a new LLVM-derived code of conduct. The code of conduct requires users to: be friendly and patient,
be welcoming,
be considerate,
be respectful,
be careful in the words that you choose and be kind to others,
when we disagree, try to understand why.

This isn't an exhaustive list of things that you can't do. Rather, take it in the spirit in which it's intended - a guide to make it easier to communicate and participate in the community. This code of conduct applies to all spaces managed by the FreeBSD project. This includes online chat, mailing lists, bug trackers, FreeBSD events such as the developer meetings and socials, and any other forums created by the project that the community uses for communication. It applies to all of your communication and conduct in these spaces, including emails, chats, things you say, slides, videos, posters, signs, or even t-shirts you display in these spaces. In addition, violations of this code outside these spaces may, in rare cases, affect a person's ability to participate within them, when the conduct amounts to an egregious violation of this code.

Google

Playing Around With the Fuchsia OS (quarkslab.com) 102

Security and software development company Quarkslab played around with Google's new Fuchsia operating system, which could one day replace Android on smartphones and Chrome OS on laptops. The researchers "decided to give a quick look at Fuchsia, learn about its inner design, security properties, strengths and weaknesses, and find ways to attack it." Here's what they concluded: Fuchsia's microkernel is called Zircon. It is written in C++. [...] Contrary to every other major OS, it appears rather difficult to target the Zircon kernel directly. A successful RCE (Remote Code Execution) on the world-facing parts of the system (USB, Bluetooth, network stack, etc) will only give you control over the targeted components, but they run in independent userland processes, not in the kernel. From a component, you then need to escalate privileges to the kernel using the limited number of syscalls you can access with the handles you have. Overall, it seems easier to target other components rather than the kernel, and to focus on components that you can talk to via IPC and that you know have interesting handles.

Overall, Fuchsia exhibits interesting security properties compared to other OSes such as Android. A few days of vulnerability research allowed us to conclude that the common programming bugs found in other OSes can also be found in Fuchsia. However, while these bugs can often be considered as vulnerabilities in other OSes, they turn out to be uninteresting on Fuchsia, because their impact is, for the most part, mitigated by Fuchsia's security properties. We note however that these security properties do not -- and in fact, cannot -- hold in the lowest layers of the kernel related to virtualization, exception handling and scheduling, and that any bug here remains exploitable just like on any other OS. All the bugs we found were reported to Google, and are now fixed.

Again, it is not clear where Fuchsia is heading, and whether it is just a research OS as Google claims or a real OS that is vowed to be used on future products. What's clear, though, is that it has the potential to significantly increase the difficulty for attackers to compromise devices.

Intel

New CrossTalk Attack Impacts Intel's Mobile, Desktop, and Server CPUs (zdnet.com) 40

Academics from a university in the Netherlands have published details today about a new vulnerability in Intel processors. From a report: The security bug, which they named CrossTalk, enables attacker-controlled code executing on one CPU core to leak sensitive data from other software running on a different core. The Vrije University's Systems and Network Security Group (VUSec) says the CrossTalk vulnerability is another type of MDS (microarchitectural data sampling) attack. MDS attacks target user data while in a "transient" state, as it's being processed inside the CPU and its many data-caching systems. More specifically, CrossTalk attacks data while it's being processed by the CPU's Line Fill Buffer (LFB), one of these aforementioned CPU cache systems. According to the VUSec team, the LFB actually works with a previously undocumented memory "staging buffer" that is shared by all CPU cores.
Android

New Cold Boot Attack Affects Seven Years of LG Android Smartphones (zdnet.com) 10

South Korean phone manufacturer LG released a security update last month to fix a vulnerability that impacts its Android smartphones sold over the past seven years. From a report: The vulnerability, tracked under the identifier CVE-2020-12753, impacts the bootloader component that ships with LG smartphones. In March this year, US software engineer Max Thomas discovered a vulnerability in the bootloader component that had been added to LG smartphones starting with the LG Nexus 5 series. In a technical breakdown of the vulnerability published on Tuesday, Thomas says the bootloader component's graphics package contains a bug that lets attackers sneak in their own code to run alongside the bootloader's graphics under certain conditions, such as when the battery dies out and when the device is in the bootloader's Download Mode. Thomas says that threat actors who perfectly time an attack can gain the ability to run their own custom code, which could allow them to take over the bootloader, and inherently the entire device.
Security

Setting This Image As Wallpaper Could Soft-Brick Your Phone (androidauthority.com) 42

Well-known leaker Universe Ice on Twitter, along with dozens of other users, has discovered that simply setting an image as wallpaper on your phone could cause it to crash and become unable to boot. Android Authority reports: Based on user reports, many models from Samsung and Google are affected, while we've also seen some reports from users of OnePlus, Nokia, and Xiaomi devices (it's not clear if these latter devices ran stock software or custom ROMs). From our own testing and looking at user reports, Huawei devices seem to be less exposed to the wallpaper crash issue. There are a few solutions, depending on how hard the phone is hit. Some users were able to change the wallpaper in the short interval between crashes. Others had success deleting the wallpaper using the recovery tool TWRP. But in most cases, the only solution was to reset the phone to factory settings, losing any data that's not backed up.

The issue affects up-to-date phones running Android 10, but as it turns out, it's not actually new. Users have been reporting similar problems for a couple of years, and just last month Android Police reported on what appears to be a closely related issue specifically impacting Pixel phones running the Google Wallpapers app. [...] An issue with a very similar description has been reported in Google's Android issue tracker back in 2018. At the time, Google developers said they were unable to reproduce the issue and closed it out (Hat tip: inverimus on Reddit).

Bug

Finding Serious 'Sign In with Apple' Hole Earns Security Researcher a $100,000 Bug Bounty (forbes.com) 21

An anonymous reader quotes Forbes: When Apple announced Sign in with Apple at the June 2019 worldwide developers conference, it called it a "more private way to simply and quickly sign into apps and websites." The idea was, and still is, a good one: replace social logins that can be used to collect personal data with a secure authentication system backed by Apple's promise not to profile users or their app activity... Unsurprisingly, it has been pushed as being a more privacy-oriented option than using your Facebook or Google account.

Fast forward to April 2020, and a security researcher from Delhi uncovered a critical Sign in with Apple vulnerability that could allow an attacker to potentially take over an account with just an email ID. The vulnerability was deemed important enough that Apple paid him $100,000 through its bug bounty program by way of a reward. With the vulnerability already now patched by Apple on the server-side, Bhavuk Jain published his disclosure of the security shocker on May 30.

It applied "only to third-party apps which used Sign in with Apple without taking any further security measures," the article points out, adding that the researcher who found it "said Apple carried out an internal investigation and determined that no account compromises or misuse had occurred before the vulnerability was fixed."

But they also quote an SME application security lead at ImmersiveLabs who said he "would have expected better testing around this from a company such as Apple, especially when it is trying to set itself a reputation as privacy-focused."
Bug

Software Bug In Bombardier Airliner Made Planes Turn the Wrong Way (theregister.co.uk) 34

An anonymous reader quotes a report from The Register: A very specific software bug made airliners turn the wrong way if their pilots adjusted a pre-set altitude limit. The bug, discovered on Bombardier CRJ-200 aircraft fitted with Rockwell Collins Aerospace-made flight management systems (FMSes), led to airliners trying to follow certain missed approaches turning right instead of left -- or vice versa.

First discovered in 2017, the flaw was only apparent when pilots manually edited a pre-set "climb to" altitude programmed into a "missed approach" procedure following an Instrument Landing System approach. It also arose if pilots used the FMS's temperature compensation function in extremely cold weather. In theory the bug could have led to airliners crashing into the ground, though the presence of two trained and alert humans in the cockpit monitoring what the aircraft was doing made this a remote possibility.
"The bug was first uncovered when a CRJ-200 crew flying into Canada's Fort St John airport used the FMS's temperature correction function," the report adds. "They discovered that the software turned their aeroplane in the wrong direction while it was following the published missed approach, something that generally does not happen. The fault was swiftly reported to the authorities and the relevant manufacturers."

Full details, including the maths, are available here. The U.S. Federal Aviation Administration also published a PowerPoint presentation (PDF) about the bug.
Android

Google Launches Android Studio 4.0 With Motion Editor, Build Analyzer, and Java 8 APIs (venturebeat.com) 6

An anonymous reader quotes a report from VentureBeat: Google today launched Android Studio 4.0, the latest version of its integrated development environment (IDE). Android Studio 4.0 is supposed to help developers "code smarter, build faster, and design apps." Version 4.0 includes a new Motion Editor, a Build Analyzer, and Java 8 language APIs. Google also overhauled the CPU Profiler user interface and improved the Layout Inspector. [In the article] you'll find Android Studio 4.0 features broken down by category: design, develop, and build. The new version also includes the usual performance improvements and bug fixes on top of the new features (full release notes). Google didn't share its plans for the next version. Normally we'd get hints at the company's I/O developer conference, but 2020 is a weird year.
Security

$100 Million in Bounties Paid by HackerOne To Ethical Hackers (bleepingcomputer.com) 8

Bug bounty platform HackerOne announced today that it has paid out $100,000,000 in rewards to white-hat hackers around the world as of May 26, 2020. From a report: Since it started delivering vulnerability reports to its customers, HackerOne bug bounty hunters have found roughly 170,000 security vulnerabilities according to the company's CEO Marten Mickos. Over 700,000 ethical hackers are now using the bug bounty platform to get paid for security bugs in the products of more than 1,900 HackerOne customers. "It is impossible to know exactly how many cyber breaches have thereby been averted but we can estimate that it is thousands or perhaps over ten thousand," Mickos said.
AI

Altran's 'Code Defect AI' and the Rise of AI-Assisted Coding Tools (techrepublic.com) 20

"Altran has released a new tool that uses artificial intelligence to help software engineers spot bugs during the coding process instead of at the end," reports TechRepublic. "Available on GitHub, Code Defect AI uses machine learning to analyze existing code, spot potential problems in new code, and suggest tests to diagnose and fix the errors." Walid Negm, group chief innovation officer at Altran, said that this new tool will help developers release quality code quickly. "The software release cycle needs algorithms that can help make strategic judgments, especially as code gets more complex," he said in a press release....

"Microsoft and Altran have been working together to improve the software development cycle, and Code Defect AI, powered by Microsoft Azure, is an innovative tool that can help software developers through the use of machine learning," said David Carmona, general manager of AI marketing at Microsoft, in a press release...

In a new report about artificial intelligence and software development, Deloitte predicts that more and more companies will use AI-assisted coding tools. From January 2018 to September 2019, software vendors launched dozens of AI-powered software development tools, and startups working in this space raised $704 million over a similar timeframe.... "The benefits of AI-assisted coding are numerous," according to Deloitte analysts David Schatsky and Sourabh Bumb, the authors of AI is Helping to Make Better Software. " However, the principal benefit for companies is efficiency. Many of the new AI-powered tools work in a similar way to spell- and grammar-checkers, enabling coders to reduce the number of keystrokes they need to type by around 50%. They can also spot bugs while code is being written, while they can also automate as many as half of the tests needed to confirm the quality of software." This capability is even more important as companies continue to rely on open-source code.

The Register got more details about Altran's Code Defect AI: The company told us that the AI does not look much at the source code itself, but rather at the commit metadata, "the number of files in the check-in, code complexity, density of the check-in, bug history of the file, history of the developer, experience of the developer in the particular module/file etc." Training of the model is done only on the project being examined...
Chrome

Chromium Project Finds 70% of Its Serious Security Bugs Are Memory Safety Problems (chromium.org) 154

"Around 70% of our serious security bugs are memory safety problems," the Chromium project announced this week. "Our next major project is to prevent such bugs at source."

ZDNet reports: The percentage was compiled after Google engineers analyzed 912 security bugs fixed in the Chrome stable branch since 2015, bugs that had a "high" or "critical" severity rating. The number is identical to stats shared by Microsoft. Speaking at a security conference in February 2019, Microsoft engineers said that for the past 12 years, around 70% of all security updates for Microsoft products addressed memory safety vulnerabilities. Both companies are basically dealing with the same problem, namely that C and C++, the two predominant programming languages in their codebases, are "unsafe" languages....

Google says that since March 2019, 125 of the 130 Chrome vulnerabilities with a "critical" severity rating were memory corruption-related issues, showing that despite advances in fixing other bug classes, memory management is still a problem... Half of the 70% are use-after-free vulnerabilities, a type of security issue that arises from incorrect management of memory pointers (addresses), leaving doors open for attackers to attack Chrome's inner components...

While software companies have tried before to fix C and C++'s memory management problems, Mozilla has been the one who made a breakthrough by sponsoring, promoting and heavily adopting the Rust programming language in Firefox... Microsoft is also heavily investing in exploring C and C++ alternatives... But this week, Google also announced similar plans as well... Going forward, Google says it plans to look into developing custom C++ libraries to use with Chrome's codebase, libraries that have better protections against memory-related bugs. The browser maker is also exploring the MiraclePtr project, which aims to turn "exploitable use-after-free bugs into non-security crashes with acceptable performance, memory, binary size and minimal stability impact."

And last, but not least, Google also said it plans to explore using "safe" languages, where possible. Candidates include Rust, Swift, JavaScript, Kotlin, and Java.
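The use-after-free class described above, and one way a scheme of the MiraclePtr kind can turn it into a deterministic crash, as an added C++ sketch that is not Chromium's implementation: the allocator keeps a count of non-owning pointers to each object; when the owner frees an object that is still referenced, the storage is quarantined rather than reused, and dereferencing the stale pointer hits a check instead of reading memory that may now belong to something else. The global registry, the `ProtectedPtr`/`ProtectedNew`/`ProtectedDelete` names and the `Widget` type are assumptions made for the example; the real scheme stores the count in the heap slot itself.

```cpp
#include <cstddef>
#include <iostream>
#include <stdexcept>
#include <unordered_map>
#include <utility>

// Per-allocation bookkeeping: how many ProtectedPtrs still point at the
// object, and whether its owner has already freed it.
struct Slot {
  std::size_t refs = 0;
  bool freed = false;
};

// Stand-in for allocator metadata, keyed by object address (assumption for
// this example: a process-global map; a real scheme keeps the count next to
// the heap slot so every allocation is covered without a lookup).
std::unordered_map<const void*, Slot>& Registry() {
  static std::unordered_map<const void*, Slot> registry;
  return registry;
}

template <typename T, typename... Args>
T* ProtectedNew(Args&&... args) {
  T* p = new T(std::forward<Args>(args)...);
  Registry()[p];  // creates the slot with refs == 0, freed == false
  return p;
}

// Owner-side free. If protected pointers still refer to the object, the
// storage is quarantined (kept allocated, marked freed) instead of being
// returned to the heap; the last ProtectedPtr to let go releases it.
template <typename T>
void ProtectedDelete(T* p) {
  auto& reg = Registry();
  auto it = reg.find(p);
  if (it == reg.end()) { delete p; return; }
  it->second.freed = true;
  if (it->second.refs == 0) { reg.erase(it); delete p; }
}

// A non-owning pointer that refuses to dereference a freed object.
template <typename T>
class ProtectedPtr {
 public:
  ProtectedPtr() = default;
  explicit ProtectedPtr(T* p) : p_(p) { Acquire(); }
  ProtectedPtr(const ProtectedPtr& other) : p_(other.p_) { Acquire(); }
  ProtectedPtr& operator=(const ProtectedPtr& other) {
    if (this != &other) { Release(); p_ = other.p_; Acquire(); }
    return *this;
  }
  ~ProtectedPtr() { Release(); }

  // The check: a dangling pointer becomes an exception (the "non-security
  // crash") rather than a read of memory that may have been reused.
  T* get() const {
    if (p_ == nullptr) return nullptr;
    auto it = Registry().find(p_);
    if (it == Registry().end() || it->second.freed)
      throw std::runtime_error("use-after-free caught by ProtectedPtr");
    return p_;
  }
  T& operator*() const { return *get(); }
  T* operator->() const { return get(); }

 private:
  void Acquire() { if (p_ != nullptr) ++Registry()[p_].refs; }
  void Release() {
    if (p_ == nullptr) return;
    auto& reg = Registry();
    auto it = reg.find(p_);
    if (it != reg.end() && --it->second.refs == 0 && it->second.freed) {
      reg.erase(it);
      delete p_;  // quarantine over: storage finally goes back to the heap
    }
    p_ = nullptr;
  }
  T* p_ = nullptr;
};

struct Widget {
  explicit Widget(int v) : value(v) {}
  int value;
};

// The bug class above: one component frees an object while another still
// holds a pointer to it. Returns true if the stale access is caught.
bool UseAfterFreeIsCaught() {
  Widget* owner = ProtectedNew<Widget>(42);
  ProtectedPtr<Widget> cached(owner);  // a pointer cached by another component
  const int before = cached->value;    // object still alive: 42
  ProtectedDelete(owner);              // owner frees; `cached` now dangles
  try {
    (void)cached->value;               // with a raw pointer this would be a silent UAF
    return false;
  } catch (const std::runtime_error&) {
    return before == 42;
  }
}

// Normal lifetime: the non-owning pointer is dropped before the owner frees,
// so nothing is quarantined and the slot disappears with the object.
bool NormalLifetimeIsUnaffected() {
  Widget* owner = ProtectedNew<Widget>(7);
  {
    ProtectedPtr<Widget> cached(owner);
    if (cached->value != 7) return false;
  }
  ProtectedDelete(owner);
  return Registry().count(owner) == 0;
}

int main() {
  std::cout << "UAF caught: " << UseAfterFreeIsCaught() << '\n'
            << "normal lifetime unaffected: " << NormalLifetimeIsUnaffected() << '\n';
}
```

The cost is visible in the sketch too: every copy and destruction of a protected pointer touches the count, and freed objects can stay resident while references linger, which is why the project statement above lists performance, memory and binary size as the constraints.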

Privacy

North Dakota's COVID-19 App Has Been Sending Data To Foursquare and Google (fastcompany.com) 44

The official COVID-19 contact-tracing app for the state of North Dakota, designed to detect whether people have potentially been exposed to the coronavirus, sends location data and a unique user identifier to Foursquare -- and other data to Google and a bug-tracking company -- according to a new report from smartphone privacy company Jumbo Privacy. From a report: The app, called Care19, and produced by a company called ProudCrowd that also makes a location-based social networking app for North Dakota State sports fans, generates a random ID number for each person who uses it. Then, it can "anonymously cache the individual's locations throughout the day," storing information about where people spent at least 10 minutes at a time, according to the state website. If users test positive for the coronavirus, they can provide that information to the North Dakota Department of Health for contact-tracing purposes so that other people who spent time near virus patients can potentially be notified. According to the app's privacy policy, "location data is private to you and is stored securely on ProudCrowd, LLC servers" and won't be shared with third parties "unless you consent or ProudCrowd is compelled under federal regulations."

Privacy

Edison Mail Rolls Back Update After iOS Users Reported They Could See Strangers' Emails (theverge.com) 21

Edison Mail has rolled back a software update that apparently let some users of its iOS app see emails from strangers' accounts. From a report: Several Edison users contacted The Verge to report seeing the glitch after they applied the update, which was meant to allow users to sync data across devices. Reader Matthew Grzybowski said after the update he had more than 100 unread messages from the UK-based email account of a stranger. He didn't have to enter any credentials to see the emails, Grzybowski added. The company said it was a bug, not a security breach, and that the issue appeared limited to users of the iOS app.

First Person Shooters (Games)

'Doom Eternal' Is Using Denuvo's New Kernel-Level Anti-Cheat Driver (arstechnica.com) 68

"Doom Eternal has become the latest game to use a kernel-level driver to aid in detecting cheaters in multiplayer matches," reports Ars Technica: The game's new driver and anti-cheat tool come courtesy of Denuvo parent Irdeto, a company once known for nearly unbeatable piracy protection and now known for somewhat effective but often cracked piracy protection. But the new Denuvo Anti-Cheat protection is completely separate from the company's Denuvo Anti-Tamper technology... The new Denuvo Anti-Cheat tool rolls out to Doom Eternal players after "countless hours and millions of gameplay sessions" during a two-year early access program, Irdeto said in a blog post announcing its introduction. But unlike Valorant's similar Vanguard system, the Denuvo Anti-Cheat driver "doesn't have annoying tray icons or splash screens" letting players monitor its use on their system. "This invisibility could raise some eyebrows," Irdeto concedes.

To assuage any potential fears, Irdeto writes that Denuvo Anti-Cheat only runs when the game is active, and Bethesda's patch notes similarly say that "use of the kernel-mode driver starts when the game launches and stops when the game stops for any reason...."

"No monitoring or data collection happens outside of multiplayer matches," Denuvo Anti-Cheat Product Owner Michail Greshishchev told Ars via email. "Denuvo does not attempt to maintain the integrity of the system. It does not block cheats, game mods, or developer tools. Denuvo Anti-Cheat only detects cheats." Greshishchev added that the company's driver has received "certification from renown[ed] kernel security researchers, completed regular whitebox and blackbox audits, and was penetration-tested by independent cheat developers." He said Irdeto is also setting up a bug bounty program to discover any flaws they might have missed.

And because of Denuvo Anti-Cheat's design, Greshishchev says the driver is more secure than others that might have more exposure to the Internet. "Unlike existing anti-cheats, Denuvo Anti-Cheat does not stream shell code from the Web," Greshishchev told Ars. "This means that, if compromised, attackers can't send down arbitrary malware to gamers' machines...."

If a driver exploit is discovered in the wild, Greshishchev told Ars that revocable certificates and self-expiring network keys can be used as "kill switches" to cut them off.
