Hacker News new | past | comments | ask | show | jobs | submit
throwaway48476 | on: Steam games will need to disclose kernel-level anti-cheat on store pages
When was the last time you had to install a Linux driver from out of tree?
db48x | parent
Most people do install Nvidia’s out‐of‐tree graphics driver. It is definitely a risk.
kelnos | root | parent | next
If you've already put a piece of hardware into your computer made by nvidia, installing a kernel driver also made by nvidia does not increase your risk at all.

Installing some random anti-cheat kernel driver is not the same thing, at all.

0x457 | root | parent
But you are not installing a random anti-cheat kernel driver, you're installing anti-cheat kernel driver provided by a game you've already put on your computer. It's very much the same thing.
screcth | root | parent
User space is not the same as kernel space.

User space applications can't access hardware or physical memory. They can't bypass permissions enforced by the OS. None of that applies to hardware or kernel drivers.

dwattttt | root | parent | next
I've always appreciated the forthrightness League of Legends deployed here (talking about introducing a kernel driver for anti-cheat: https://www.leagueoflegends.com/en-au/news/dev/dev-null-anti...):

> This isn’t giving us any surveillance capability we didn’t already have. If we cared about grandma’s secret recipe for the perfect Christmas casserole, we’d find no issue in obtaining it strictly from user-mode and then selling it to The Food Network. The purpose of this upgrade is to monitor system state for integrity (so we can trust our data) and to make it harder for cheaters to tamper with our games (so you can’t blame aimbots for personal failure).

0x457 | root | parent
Where did I say they are the same? We have a kernel-space thing (anti-cheat or gpu driver) and a user-space thing ((a game actually talks to both) that talks to a kernel-space thing.
loading story #42002158
Phrodo_00 | root | parent | next
> Most people do install Nvidia’s out‐of‐tree graphics driver

Most people that use Nvidia. I specifically don't buy Nvidia graphics cards or laptops that use them in my Linux computers because they're not in-tree.

OtomotO | root | parent | next
I am not using Nvidia since 2011. Last nvidia device was bought in 2007.

Back then I migrated to Archlinux and in all these years I only had problems with nvidia. Since then they are dead to me :)

II2II | root | parent | next
A few things to consider here:

- This is an abnormal case. Most hardware will work with in-tree drivers. Indeed, few vendors provide out-of-tree drivers for Linux.

- Nvidia is an established and reputable source. We aren't talking about some small hardware developer who doesn't have the resources to create secure drivers.

- Most Nvidia cards have in-tree drivers. There is a loss in performance, but the option usually exists.

coretx | root | parent
Those who do, choose to do so and generally take responsibility for their actions. It's not the same as tainting a kernel and just winging it.
vidarh | root | parent | next
It's a risk, but a very minor additional one - if you trust their hardware with direct access to your PCIe bus, you have already given them the metaphorical keys to the vault.
reissbaker | root | parent
Approximately no one with a Steam Deck installs Nvidia's out of tree graphics driver (because the Steam Deck is built on AMD).