kernelwernel
commented
5 months ago I'll increase the threshold to 1500 then. Thanks for reporting on this :+1:
Closed fameowner99 closed 5 months ago
kernelwernel
commented
5 months ago I'll increase the threshold to 1500 then. Thanks for reporting on this :+1:
kernelwernel
commented
5 months ago 
fameowner99
commented
5 months ago But it is somekind of tradeoff. You don't know which exact value you need to check so it will be false positive or false negative. Maybe need to think about changing test logic.
kernelwernel
commented
5 months ago But it is somekind of tradeoff. You don't know which exact value you need to check so it will be false positive or false negative. Maybe need to think about changing test logic.
in all fairness, some techniques can have false positives in their design. That's why I added a certainty score of the RDTSC_VMEXIT technique to 35%. I could definitely lower it due to what you said, but I sort of need second opinions on what the new certainty score should be (maybe 15?)
I have slow windows PC and this test say that I am running VM but it's not true.
line 3271 | return (avg >= 1000 || avg == 0);
wrong because I have avg = ~1500.