Hacker News new | past | comments | ask | show | jobs | submit
0x457 | on: Steam games will need to disclose kernel-level anti-cheat on store pages
But you are not installing a random anti-cheat kernel driver, you're installing anti-cheat kernel driver provided by a game you've already put on your computer. It's very much the same thing.
screcth | parent
User space is not the same as kernel space.

User space applications can't access hardware or physical memory. They can't bypass permissions enforced by the OS. None of that applies to hardware or kernel drivers.

dwattttt | root | parent | next
I've always appreciated the forthrightness League of Legends deployed here (talking about introducing a kernel driver for anti-cheat: https://www.leagueoflegends.com/en-au/news/dev/dev-null-anti...):

> This isn’t giving us any surveillance capability we didn’t already have. If we cared about grandma’s secret recipe for the perfect Christmas casserole, we’d find no issue in obtaining it strictly from user-mode and then selling it to The Food Network. The purpose of this upgrade is to monitor system state for integrity (so we can trust our data) and to make it harder for cheaters to tamper with our games (so you can’t blame aimbots for personal failure).

0x457 | root | parent
Where did I say they are the same? We have a kernel-space thing (anti-cheat or gpu driver) and a user-space thing ((a game actually talks to both) that talks to a kernel-space thing.
screcth | root | parent
I understood that you were making an analogy between installing a piece of hardware and its associated kernel driver with installing a game and its associated kernel anticheat.

When you install a hardware device you are trusting the manufacturer with full access to your machine, so installing a driver does not give them any more powers. You have already "unlocked the door".

When you install a game that runs on user space you are not trusting the vendor nearly as much as you are trusting a hardware manufacturer. Installing a kernel anti cheat is granting them a level of trust and access to your machine that they didn't have before.

0x457 | root | parent
> When you install a game that runs on user space you are not trusting the vendor nearly as much as you are trusting a hardware manufacturer.

I'm not sure where this trust comes from. I absolutely do not trust any hardware vendor. I just have no choice here.