diff --git a/main.go b/main.go
index c0a6b10..9091e21 100644
--- a/main.go
+++ b/main.go
@@ -471,7 +471,11 @@ func transformCompile(args []string) ([]string, error) {
 
 	blacklist := buildBlacklist(files, info, pkg)
 
-	if envGarbleLiterals {
+	// unsafe.Pointer is a special type that doesn't exist as a plain Go
+	// type definition, so we can't change its name.
+	blacklist[types.Unsafe.Scope().Lookup("Pointer")] = struct{}{}
+
+	if envGarbleLiterals && privatePkg {
 		files = literals.Obfuscate(files, info, fset, blacklist)
 	}
 
@@ -577,11 +581,29 @@ func transformCompile(args []string) ([]string, error) {
 	return append(flags, newPaths...), nil
 }
 
+var blacklistedPackages = [...]string{
+	// Hardcoded variables and methods names
+	"runtime",
+
+	// Constants in asm code
+	"internal∕cpu",
+	"internal/bytealg",
+}
+
 // isPrivate checks if GOPRIVATE matches path.
 //
 // To allow using garble without GOPRIVATE for standalone main packages, it will
 // default to not matching standard library packages.
 func isPrivate(path string) bool {
+	println(path)
+	for _, blacklistedPackage := range blacklistedPackages {
+		if path == blacklistedPackage || strings.HasPrefix(path, blacklistedPackage+"/") {
+			return false
+		}
+	}
+	if strings.HasPrefix(path, "runtime") || path == "internal/cpu" {
+		return false
+	}
 	if path == "main" || path == "command-line-arguments" || strings.HasPrefix(path, "plugin/unnamed") {
 		// TODO: why don't we see the full package path for main
 		// packages? The linker has it at the top of -importcfg, but not
diff --git a/testdata/scripts/goprivate.txt b/testdata/scripts/goprivate.txt
index 599d5fb..9068c69 100644
--- a/testdata/scripts/goprivate.txt
+++ b/testdata/scripts/goprivate.txt
@@ -4,9 +4,8 @@ stderr 'does not match any packages'
 
 [short] stop
 
-# TODO: https://github.com/mvdan/garble/issues/108
-# env GOPRIVATE='*'
-# garble build  -o bin ./standalone
+env GOPRIVATE='*'
+garble -literals build  -o bin ./standalone
 
 -- go.mod --
 module test/main