Posts on cristianrz

Reverse Engineering the Anticheat on a Private MMO Server

Thu, 11 Jun 2026 10:24:39 +0100

I play on a private Aion server. For those unfamiliar, Aion is an MMO from 2009 that NCSoft has largely abandoned in the West, but a community of private servers keeps it alive. The server I play on uses a third-party anticheat called Active Anticheat, a commercial product sold to private server operators by a developer in Warsaw.

I got curious about what it actually does to my machine. A few evenings with Wireshark, Procmon, Ghidra, and pefile later, here’s what I found.

An Analysis of GrapheneOS's Server Infrastructure

Sun, 31 May 2026 00:00:00 +0000

I was poking around the GrapheneOS infrastructure repo last week, just curious how they build things. First thing I noticed: every single server runs Arch Linux. DNS nodes, mail servers, the lot. You can verify it directly — every package list includes pacman-contrib and pacutils, which are Arch-specific and don’t exist on any other distro. The deploy-initial-vps script checks for the Arch ISO before doing anything else: ssh $remote '[[ $(grep IMAGE_ID /etc/os-release) = "IMAGE_ID=archlinux" ]]'. Arch on a server is unusual. I kept reading.

The Reboot Problem: Why Most Operating Systems Can't Defend Against a Compromised Root

Fri, 22 May 2026 11:36:38 +0100

Assume malware has run on your machine and obtained root. After a reboot, is it still there? For most operating systems the answer is yes. The OS itself offers no structural resistance once root is obtained — it can write to system directories, replace binaries, install kernel modules, modify boot configuration. None of this requires exploiting a vulnerability. It’s just what root can do by design.

The threat we’re reasoning about throughout is specifically this: malware that has obtained root and wants to survive a reboot at the OS level. Not keyloggers in ~/.bashrc — those are a different layer. Can the base OS be modified without detection, and will those modifications persist?

Console security principles and why PC is still catching up

Sat, 30 Aug 2025 14:16:40 +0100

Consoles have a pretty remarkable track record. The PS5 and Xbox Series X have been out for years and neither has a public jailbreak. Meanwhile on PC, kernel-level cheats, rootkits, and firmware-level malware are a constant concern that entire security teams spend careers fighting.

That’s not a coincidence. Console manufacturers made a set of deliberate architectural decisions that PC security has only started seriously borrowing from in the last decade — and some of it still hasn’t landed properly.

Securing Your Homelab: Navigating the Complexities of Remote Access and Trust

Mon, 13 Mar 2023 00:00:00 +0000

Trying to set up my homelab and have it be reachable from the internet I had serious problems getting to where I wanted to be, although I never expected it was going to be that difficult.

Being very pro-privacy pro-security my goals where:

Access my services from anywhere, including my phone
Create trust between server and client that doesn’t involve 3rd parties, ideally trust on first use. Assume all middle-men are compromised.
Have end to end encrypted connections.
Clients can only talk to services once I know they are clients who I trust.
Have a usable latency/bandwidth.
Setup once/work forever. The kind of thing I would install on my mom’s devices so she can use my Nextcloud instance forever.
Assume services security is flawed and they need a gatekeeper.

Now, the options I considered and why I don’t think any of them are viable.