<p>Electronic music rhythm game Spin Rhythm XD recently added Linux / Steam Deck support <a href="https://www.gamingonlinux.com/2025/04/electronic-music-rhythm-game-spin-rhythm-xd-recently-added-linux-steam-deck-support/" target="_blank" rel="nofollow noopener" translate="no"><span class="invisible">https://www.</span><span class="ellipsis">gamingonlinux.com/2025/04/elec</span><span class="invisible">tronic-music-rhythm-game-spin-rhythm-xd-recently-added-linux-steam-deck-support/</span></a></p><p><a href="https://mastodon.social/tags/SpinRhythmXD" class="mention hashtag" rel="tag">#<span>SpinRhythmXD</span></a> <a href="https://mastodon.social/tags/Linux" class="mention hashtag" rel="tag">#<span>Linux</span></a> <a href="https://mastodon.social/tags/SteamDeck" class="mention hashtag" rel="tag">#<span>SteamDeck</span></a></p>

<p>OH: (girl browsing malwarebazaar) &quot;I feel like I&#39;m doomscrolling my Steam library&quot;</p>

<p><span class="h-card" translate="no"><a href="https://akko.chir.rs/users/charlotte" class="u-url mention">@<span>charlotte</span></a></span> i assume they smoke crack</p>

<p><span class="h-card" translate="no"><a href="https://akko.chir.rs/users/charlotte" class="u-url mention">@<span>charlotte</span></a></span> yeah you could just replace one java function with a nop</p>

<p><span class="h-card" translate="no"><a href="https://labyrinth.zone/users/Rairii" class="u-url mention">@<span>Rairii</span></a></span> i was aware of vmprotect etc but this is the first time i&#39;ve encountered one in the wild and dug into it</p>

<p>fairly sure i could automate reverse-engineering it by applying a first Futamura projection (basically, unroll the loop body and constant-propagate until done) but it really wasn&#39;t worth it</p>

<p>i reverse-engineered a significant chunk of it but then i realized it&#39;s literally just there to encrypt crash logs. then i decided to do literally anything else with my time</p>

<p>i found something called libEncryptorP.so in an Android binary and it uses an interesting method of obfuscation: it replaces a function with basically a CPU emulator for a fantasy CPU and then runs it on a program stored in .rodata or something</p><p>it&#39;s quite cute, at first it looked incomprehensible but it has 32 registers, a 6-bit opcode field, and 16 bits of random stuff (flags, etc) which it extracts out of a 32-bit instruction word and dispatches in a loop</p><p>made by ByteDance apparently</p>

<p><span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> That would make a lot more sense.</p>