Games publishers have been bad actors in this space for a long time now. The Genshin Impact anticheat was used in a malware campaign. Rockstar was very misleading trying to imply their kernel driver not being compatible with the Steam Deck was Valve's fault.
I can't play certain games, because they don't run on Linux and even if they did, I am not gonna install a rootkit to run them.
Early first-person shooter games had this figured out (small servers with 20-30 regular players, the server admin could choose to ban you), RTS games have this figured out, many MMOs have this figured out (interact with non-friends sometimes, but they have to 'join your party', etc.)
Playing with random strangers on the internet who may want to grief/destroy your game, be incredibly toxic, or cheat against you in general.. that's the cost of playing with random people in a completely public forum.
Nah. Consoles were a decade late to the online gaming party, and online gaming on consoles (counting Xbox Live as the first concerted attempt) has only been around half as long as consoles as a product segment have existed.
The sibling comment makes a point about anonymity, I find these discussions interesting in comparison with the only online competitive game I play these days. It's Tekken, and neither the current rendition nor the previous one had any real form of anti-cheat. For the current Tekken 8, supposedly some players have been banned after manual review from the company of replay data, which of course doesn't scale. But at the same time it doesn't really matter. Cheaters don't seem to be that prevalent, their ability to spoil the experience of a match is limited by the fact that matches are short, and people can spoil the experience in non-cheating ways like plugging, lag switching, using a weak computer, and for some sensitive players they'll get unreasonably upset by ki charging/teabagging/taunting/continuing an attack after KO. The status of the highest rank is also not that much -- the most status comes from performing well at the big in-person tournaments, where it's going to be harder to cheat and players are somewhat de-anonymized. If the positive incentives to cheat are minimized in the first place, you don't need so many negative incentives like rootkits.
(It always amazes me how custom controllers and even keyboards are allowed in fighting game tournaments, officially certain macros are banned and at least for Street Fighter certain modes of leverless controllers got banned, but it'd be hard to perfectly enforce. And it's been hilarious to see the increasing use of fake buttons or controller-hiding covers/jackets because it was assumed some players were able to see inputs out of their peripheral vision before they were registered in-game and adjust.)
Could I run Windows as a VM guest under Linux and play Fortnite in that (with good GPU performance)? I don’t mind their rootkit running on some dedicated VM - I’ll just consider it my Fortnite unikernel.
(I’m also ok with the host OS being Windows or MacOS).
In practice, I'd settle for a peer Windows OS, like the WSL2 kernel, with the rootkit separate from my main work one. Can I run two copies of Windows simultaneously as peers?
You basically let your guest OS use your GPU instead of the host.
Installing some random anti-cheat kernel driver is not the same thing, at all.
User space applications can't access hardware or physical memory. They can't bypass permissions enforced by the OS. None of that applies to hardware or kernel drivers.
> This isn’t giving us any surveillance capability we didn’t already have. If we cared about grandma’s secret recipe for the perfect Christmas casserole, we’d find no issue in obtaining it strictly from user-mode and then selling it to The Food Network. The purpose of this upgrade is to monitor system state for integrity (so we can trust our data) and to make it harder for cheaters to tamper with our games (so you can’t blame aimbots for personal failure).
When you install a hardware device you are trusting the manufacturer with full access to your machine, so installing a driver does not give them any more powers. You have already "unlocked the door".
When you install a game that runs on user space you are not trusting the vendor nearly as much as you are trusting a hardware manufacturer. Installing a kernel anti cheat is granting them a level of trust and access to your machine that they didn't have before.
Most people that use Nvidia. I specifically don't buy Nvidia graphics cards or laptops that use them in my Linux computers because they're not in-tree.
Back then I migrated to Arch Linux and in all these years I only had problems with Nvidia. Since then they are dead to me :)
- This is an abnormal case. Most hardware will work with in-tree drivers. Indeed, few vendors provide out-of-tree drivers for Linux.
- Nvidia is an established and reputable source. We aren't talking about some small hardware developer who doesn't have the resources to create secure drivers.
- Most Nvidia cards have in-tree drivers. There is a loss in performance, but the option usually exists.
The driver is just what the developers say it is (as with all other anti-cheat). It provides an untampered interface for the userland anti-cheat to use to get info from the kernel. Because modern cheats tend to alter the output of kernel syscalls by running in the kernel themselves.
I really don't see why anyone needs to think it's anything more than that.
If Tencent needed to spy on you so badly there's no reason kernel anti-cheats need anything to do with it...
They expose a kernel API to allow games to verify the state of the system, and they're knowingly installed by the user.
And that API has root access... thus it's a rootkit.
The real solution, and not the hack Riot uses, is for the kernel to provide an API for anticheats, like it does for everything userland.
Can you give examples of games where you do that?
I mean, nothing of this is new. ESEA, one of the most influential esports leagues, was caught using its anticheat to mine Bitcoin in 2013. [1] This is long out of control, probably since the days BattlEye switched to ring0 in 2012 due to chronic cheating in the DayZ mod, or maybe earlier. Modern anticheats are full-fledged rootkits with extremely complex and targeted payloads siphoning customer data and hijacking all sorts of stuff, and that's not a theory, they actively abuse players' trust and indifference.
If you care about your data and the control of your devices, you should probably avoid them entirely, or at least use them on dedicated gaming PCs on a clean identity, and keep them separate from your LAN and your non-gaming digital life.
You have a closed source rootkit designed for finding data in raw memory (like passwords from an unlocked password manager), loaded into many gamers' machines, which many software engineers are. Some anti-cheat explicitly supports arbitrary remote code execution by design. Many people mix their personal password vaults with their company's, which means that if you successfully hack an anticheat company and you can read the raw memory of an opened password manager with a program that is already designed to scan all processes' memory, you now potentially have extremely valuable credentials. A small portion will even do things like add their 2fac keys into their vaults.
Here are Gabe Newell's thoughts on AntiCheat that are very relevant to this thread: https://www.reddit.com/r/gaming/comments/1y70ej/valve_vac_an...
Of course the other problem is the 23andMe problem and enshittification. Even if the data uploaded by anti-cheat isn't used right now, the storage of data alone creates incentive for abuse.
Personally I find both unacceptable: I won't play a game that requires me to install a rootkit, and I won't play a game where cheaters and bots run rampant, ruining the fun for everyone.
So hopefully there's a solution to this that doesn't require a rootkit.
(in theory, GTA online has had / still has huge problems with bots and cheats but still earns the publisher hundreds of millions a year)
The solution is to build trusted spaces again IMO.
For video games assume that each user is trusted by default. As soon as they violate that trust by cheating, they are banned permanently for that copy of the game. If they want to be trusted again they have to buy another copy of the game to get another license. Make it hard to become a member of a trusted community and easy to be kicked out of a trusted community for violating trust. This would eliminate the vast majority of cheating and bots because most gamers are kids and having to buy a fresh copy will hit hard. If they abuse it enough, make them jump through more hoops like IP bans and computer fingerprint bans.
One could argue that a game isn't critical but one could say it's critical to stop hackers.
If you were to take the stance that gaming isn't critical, then with that logic you're claiming multiplayer hacking is a feature of the game.
Doesn't do well for the community or the company. But nor do the rootkits do good for the consumer.
Some cheats are getting rather sophisticated now. There's an ever-increasing number of Pi-devices where the cheating is done externally.
But nowadays the Valorant community complains about hackers almost as much as the CS community.
It's never critical to stop hackers in a videogame IMO. We need to stop being so damn serious about gaming.
Is it fun to be a non-cheater, and join a multi-player game where there are other players using software cheats that let them easily beat you every single time?
I'm pretty sure I would quickly stop playing that game, and demand the publisher refund my money. That's just not fun.
And that's just as a casual gamer. For people who compete and win prizes, endorsements, etc., the stakes are a bit higher.
I'm not saying kernel-level rootkits installed on everyone's machine are the answer, but letting people cheat isn't going to work either.
(I’d still lean towards expecting game houses to find another way, kernel drivers are still client side trust mechanisms).