You you do choose to release it, do it on codeberg because GitHub is Microsoft owned and has an incentive to remove it.

Ahoy matey, frrrrree the code

“Violat[ing] DRM policies” isn’t “misuse.” DRM itself is misuse of the machine owner’s property.

Anyway, you might have already foreclosed the possibility by talking about it on this Lemmy account if it can be traced back to you, but my suggestion would’ve been to release it as open source anonymously.

It really depends on if you think this is a genuine exploit or not. If it is, look up Microsoft’s track record on complying with disclosure and make yourself familiar with responsible disclosure guidelines.

If it’s not then you just need to look into the EULA of the specific windows parts affected, so they don’t pull your repository. Because that’s usually the biggest thing they do if you don’t specifically start fights with these companies.

Generally, you’re probably fine. If you want me to look over it I can give you my discord or fluxer or whatever. Not an expert, just a Cybersecurity enthusiast.

I’m no legal advisor. But my opinion is that it is possible for any code to be misused. If you have a legitimate use case for your own purpose that is compliant with the law, isn’t it possible that the screen capture protection code is (in that scenario) being misused?

Piracy will continue existing either you release that tool or not. I can’t see the concern related to this.

Also, I could just setup a virtual machine, open Windows on it and take a screenshot or record from the host machine, I don’t think Windows would be able to detect it.

You’ve probably created something that would be considered a DRM circumvention device under the DMCA, so possessing it would be illegal unless it’s covered by one of the exceptions. If you think it might be, then you’re probably in a legal grey area as there isn’t case law settling whether the exceptions override the parts about DRM circumvention, but it’s fairly widely accepted that they probably do - DRM-era console emulators like Dolphin rely on it being legal to bypass the games’ DRM in order to interoperate with other computer systems, and no one’s been brave enough to sue them for that interpretation yet.

If it is illegal, the most likely outcome is just that someone does a DMCA takedown request and GitHub would take it down and that would be the end of that, which is pretty much the same thing as would likely happen if anyone didn’t like it but it was legal, as it’s easy to submit takedown requests, but hard to appeal them if they’re unjustified.

Needs expert advice, so asks random strangers on Lemmy…

Just do it anonymously like the rest of the hackers. Use Tor, post the code to Pastebin or similar, share link on public forums with a burner account.

If you can find a way, so can “the bad guys™”. If you feel charitable towards MS do a “responsible disclosure” and inform them and agree to a release embargo, so they can fix it first; If you don’t, do a “full disclosure” and just publish =^_^=