From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1FybEg-0006Eq-3F
	for qemu-devel@nongnu.org; Thu, 06 Jul 2006 17:18:10 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1FybEd-0006DX-3o
	for qemu-devel@nongnu.org; Thu, 06 Jul 2006 17:18:09 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1FybEd-0006DU-0Y
	for qemu-devel@nongnu.org; Thu, 06 Jul 2006 17:18:07 -0400
Received: from [200.24.235.2] (helo=horus.tecnoera.com)
	by monty-python.gnu.org with esmtp (Exim 4.52) id 1FybEt-0005zH-Di
	for qemu-devel@nongnu.org; Thu, 06 Jul 2006 17:18:23 -0400
Received: from fw.aplik (pc-125-171-104-200.cm.vtr.net [200.104.171.125])
	by horus.tecnoera.com (Postfix) with ESMTP id B026A82A241A
	for <qemu-devel@nongnu.org>; Thu,  6 Jul 2006 16:46:41 -0400 (CLT)
Received: from pcdaniel.aplik (pcdaniel.aplik [192.168.0.4])
	by fw.aplik (8.12.11.20060308/8.11.6) with SMTP id k66KkeV5008212
	for <qemu-devel@nongnu.org>; Thu, 6 Jul 2006 16:46:41 -0400
Date: Thu, 6 Jul 2006 16:46:40 -0400
From: Daniel Serpell <daniel_serpell@yahoo.com>
Subject: Re: [Qemu-devel] Have any ideas about how to detect whether a
	program	is running inside QEMU?
Message-ID: <20060706204640.GA28903@aplik.cl>
References: <c13b6c000607052204x33217b2dw4a4f4f28b5c73ecd@mail.gmail.com>
	<1152168950.6324.302.camel@aragorn>
	<c13b6c000607060018y10cf5c8fwdce320e34fb0f333@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <c13b6c000607060018y10cf5c8fwdce320e34fb0f333@mail.gmail.com>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

Hi!

El Thu, Jul 06, 2006 at 03:18:14PM +0800, James Lau escribio:
> My program is a utility for internet payment. It takes an important role in
> the payment process to ensure security.  One of the key functions is that
> the program should detect which machine is paying. So while virtual machine
> (like QEMU) is present, it can cheat the program.
> Checking the hard disk model, cpu type, and other hardward informations
> makes little sense.  Because the users or the hackers can easily modify
> these informations. So I need a QEMU internal checking method that hackers
> can't easily bypass.
> 

Well, as others have argued, this is probably worthless.

But there is a way to detect virtual machines under x86, see
http://invisiblethings.org/papers/redpill.html

But if you run qemu without direct instruction copying, it won't
work (and qemu will run slower), because qemu will correctly
emulate the unprivileged instructions.

        Daniel.