Now if only they could more clearly communicate when games are playable offline.
You must log in or register to comment.
god damn right!
Can someone explain like I’m stupid on kernel level anti cheat and why I should watch out for it? Not a dig at all, a genuine question!
deleted by creator
It’s not just trust of the game developer. I honestly believe most of them just want to put out profitable games. It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.
There was some old article about how a black hat found a vulnerability in a signed virtual driver used by Genshin Impact. So, they deployed their whole infection package together with that plain driver to computers that had never been used for video games at all; and because Microsoft chose to trust that driver, it worked.
I wish I could find an article on it, since a paraphrased summary isn’t a great source. This is coming from memory.
It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.
That’s not an accurate description of the exploit you describe. It sounds like the attacker bundled a signed and trusted but known vulnerable version of the module, then used a known exploit in that module to run their own unsigned, untrusted code with high privileges.
This can be resolved by marking that signature as untrusted, but that requires the user to pull an update, and we all know how much people hate updating their PC.
Not all anti cheats run at startup. Some only run when you play a game. I think vanguard for valorant ran all the time at first and people were pissed. Meanwhile easy anti cheat runs only with a game. So it depends. It all sucks though.
deleted by creator
And it’s worth noting that trusting the game developer isn’t really enough. Far too many of them have been hacked, so who’s to say it’s always your favorite game developer behind the wheel?
Or, even better, when you let a whole bunch of devs have acces to the kernel…
… sometimes they just accidentally fuck up and push a bad update, unintentionally.
This is how CrowdStrike managed to Y2K an absurd number of enterprise computers fairly recently.
Its also why its … you know, generally bad practice to have your kernel just open to fucking whoever instead of having it be locked down and rigorously tested.
Funnily enough, MSFT now appears to be shifting toward offering much less direct access to its kernel to 3rd party software devs.
Thank you! Really clear and appreciate you taking the time to explain!
More importantly, if traditional anticheat has a bug, your game dies. Oh no.
If kernel level anticheat has a bug, your computer blue screens (that’s specifically what the blue screen is: a bug in the kernel, not just an ordinary bug that the system can recover from). Much worse. Sure hope that bug only crashes your computer when the game is running and not just whenever, because remember a kernel-level program can be running the moment your computer boots as above poster said
Easy, a bug in battle eye forced me to reinstall windows, this kernel access has to go.
Making it super simple, it runs with full access on your machine, always. It can fuck anything up, and see everything. It can get your browser history, banking details or private messages you enter, activate your webcam or mic without you knowing, or brick your computer even.
And you can’t even check what it’s really doing on your computer because it’s a crime under US law.
Finally, it can get hacked and other people than the creator can do all these to your computer as well,as it already happened once.
And you can’t even check what it’s really doing on your computer because it’s a crime under US law.
Is this specifically for kernel level anticheat? Because this isn’t a thing for software in general right??
It’s a thing for any measure said to enforce copyright under the DMCA.
So it’s a thing for most proprietary software.
If anything reverse engineering is more permissible in the USA than many other places, IIRC
Not if you’re running afoul of the DMCA.
Also, the most games that don’t work in linux is for this reason (and steamdeck works in linux)
Imagine a game having higher privileges than what you get with “Run as administrator”
Nice.
FYI - the owner of this site, gamingonlinux, was a mod on the [email protected] community until they were caught abusing their moderator powers. Then they deleted their account and complained on mastodon that it’s stupid design that mod logs are public. [Screenshot]
Instead, here’s a link to the official post https://steamcommunity.com/groups/steamworks/announcements/detail/4547038620960934857
As he said, modlogs are public, and it seems like other user retreived the trace of what you call an “abuse of power” : https://sopuli.xyz/comment/12732467 .
It is in his right as a moderator to chose how he moderate the communities he has the right to. If he finds your comment pedantic and annoying, and chose to remove it, so be it.
I’m not taking sides here. I don’t know the whole story, and I doubt anyone else here does. With the little context provided, It’d be hard to take knowingly a side.
But in both case, this is textbook harassement as you are copy-pasting this comment on every community this is posted on. This community has a pretty clear rule against harrassement (rule 2), which you are breaching, offense for which I’ll use my g… mod given right of banning you for the time being (I’ll re-evaluate tomorrow when I’ll be less tired).
Edit : After talking with OP via PM, a ban of 7 days was issued
I really don’t see a need to drag community drama everywhere. GoL is one of the biggest aggregator blogs out there for… linux gaming. Whether we should prioritize original sources over aggregators is a different discussion.
But yeah. Liam is great for news aggregating but he is 100% the stereotypical linux gamer and has a long history of starting random shit. Still annoyed by how fast he got everyone to shit on the Duckstation devs because they didn’t want to be exploited.
Being a big(“great”) news aggregator doesn’t excuse bad behavior.
Are you the lemmy cops? Is it your responsibility to chase any link to someone’s website across every instance and make sure people know they are a bit of a jackass?
If you think GoL should be a banned source, take it up with the various moderators. If you think only primary sources should be allowed (which I actually agree with), that is also a discussion to be had.
But rushing in to berate people for linking to one of the most popular news aggregators for a story that people would be interested in because you don’t like the guy who owns that site? All you are doing is discouraging people from making posts in the future.
Which is the problem with dragging community/subreddit drama everywhere you go. It just makes the site a much more hostile place for everyone. And we really aren’t big enough to be doing that.
🚨 🚨 🚨 FREEZE! STOP RIGHT THERE!! 🚨 🚨 🚨
As the official lemmy police I am arresting you for defending a mad lad caught abusing powers. You do not have to say anything. But, it may harm your defence if you do not mention when questioned something which you later rely on in court. Anything you do say may be given in evidence.
Jokes aside… I do think people should be allowed to post opinions an discuss other peoples behavior. Gol dude was caught abusing his powers, which is a disgusting thing to do, personally don’t mind him being called out for that in a post here and there. It’s not an attack on the poster, it’s a reminder to folks who the guy really is.
I’m all for the truth, no matter who it is.
Wow, mad because you can be held accountable. That’s sad.
Thanks for the steam link!
He used to relentlessly spam the /r/linux_gaming subreddit and argue with people there too until he deleted his reddit account lol
He’s still on Reddit
He would make another account account
Yes he said he made an alt but I think his main is still active? Not sure.
I was going to ask why the thumbnail on this post is a hexagon shaped bear, but your comment explains it well enough.
the thumbnail is a hexagon bear because it’s the logo for easyanticheat, the most recogniseable anticheat
Well thats somewhat unnerving.
You will love the spyware bear.
4 likes on him complaining that modlogs being public is something bad, cowards that only want to be shitty in the shadows.
I’m still fairly new. Where do I go for modlog drama?
There is a sub for sanity checking mod actions, aita-style.
If you keep in mind it is for active unconfirmed situations, and that votes there are not meant to mark the cases of mod abuse, I think it can fill that niche.
Probably a pessimistic take, but I don’t expect this to have any discernable impact on sales, or any other effects that would discourage publishers from these practices. The average user doesn’t care about or understand how these things work; they’ll see an anti-cheat warning on the store page and think “Okay, tell the colonel I’ll be on my best behavior then” and continue to buy the game.
It will benefit those that care and won’t negatively impact the experience for those that don’t.
Win, win.
I bought Sea of Thieves about 5 years ago. Recently, they added kernal-level anticheat (which does precisely fuck-all to actually stop cheating). While that is annoying, I’m not particularly worried because the studio that makes that game is owned by Microsoft, and like all Microsoft products, it was banished to my windows partition with the rest of the spyware.
Well… kernel level software can access everything on your computer. That includes other partitions and unmounted drives
Anything sensitive is encrypted and I never decrypt it while running windows.
Only if those other partitions are not encrypted. Sure, it could still wipe them - but that’s something that backups are good for, and something you would certainly notice immediately :)
Easy Anti Cheat - requires manual removal
Wait, so this sketchy, privacy-invading stuff remains even after a game is uninstalled?! I had no idea.
How is this stuff not classed as malware at this point?
Plenty of games use it, if it uninstalled with each one then others would stop working.
Oh it was initially classed as insanely intrusive malware when kernel level AC was introduced about a decade ago, by anyone with a modicum of actual technical knowledge about computers.
Unfortunately, a whole lot of corpo shills ran propaganda explaining how actually its fine, don’t worry, its actually the best way to stop cheaters!
Then the vast, vast majority of idiot gamers believed that, or threw their hands up and went oh well its the new norm, trying to fight it is futile and actually if you are against this that means you are some kind of paranoid privacy freak who hates other people having fun.
Wikipedia says malware is
any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user’s computer security and privacy
It does not do any of these things. Like any software, it may have vulnerabilities, and being a kernel module it can be high risk. But that’s no different from any kernel module, like your graphics driver.
It’s a much higher risk than average because games are often abandoned within one year of release and still run as long as 10-15 years later and connects to the internet and other randos on the internet. See the Call of Duty games that allow you to take over the computer of anyone who connects to your online match. It greatly degrades the security of its users.
Technically lots of things people call “malware” don’t actually do any of those things. For instance they may hijack your default search engine, pop up ads, or otherwise monetize your computer at your expense. The category that was invented by ass coverers is “possibly unwanted program” but outside of those who worry about being sued by scumbags people colloquially refer to both what you call malware AND PUPs as "malware the root of which is “bad” after all. Language being descriptive not prescriptive I think this broader definition of malware is fine.
EAC installation process includes “registration” of a game, and the uninstall process “unregisters” the game. If all games using EAC are uninstalled, EAC itself also should be uninstalled.
I’ve been shouting from the rooftops for years that this stuff is malware. I’m not the only one. No one listens.
Do you remember when Sony released cds that when inserted into Windows computer auto ran an installer that installed a rootkit that made it impossible for Windows to see any processes or files that started with a certain sequence of characters instantly turning any malware that named its files or processes similarly powerful rootkit. Oh and it installed a cd driver that made it impossible to copy their music.
Suggested removal was a full reinstall of windows.
That’s awesome! GTA V just screwed everyone on Linux! What a rug pull.
Adding kernel malware after the fact should entitle every single owner who requests one to a full refund no matter how long has passed.
That’s exactly what Valve did. The automated refund system wasn’t available, but you could request a manual review and cite the added anti cheat; Valve was refunding those who did so.
I don’t think that’s fair. I “own” GTA5 and don’t really care for the last… 8 years? what they add. I had the full content of my purchase. Why should I be able to gain money for this?
Don’t be pieces of shit and you won’t owe refunds.
In a just world people would be going to prison for it.
Full agree. I do want some kind of policy for games that introduce anti-cheat both during early access and after release. Bricking a game you paid for should offer some sort of recourse.
I’d really like Valve to take an official policy on post-release changes that break games, but for what it’s worth they have not given me any hassle with refunds in these scenarios.
Yup. If it’s important enough that devs now have to add a disclaimer on the store page, surely devs shouldn’t be allowed to circumvent that by adding it later. Since SteamDeck customers are affected by this the most, it’s weird that this isn’t already a rule, particularly for games that are SteamDeck verified.
Valve was giving refund when riot added the anticheat
Are there Riot games on Steam?
They publish their single player games to steam. Don’t know about any of their multiplayer ones though.
I believe those are games made by other studios with the League IP and published by Riot. AFAIK there’s no reason for them to have anticheat.
That should be any update if you can’t play the previous one
I wish Valve would just ban them. It’s weird to have something that looks like pure malware in a Game store.
Luckily Valve seems to believe in freedom of decision for their users so they won’t do this. There are kernel level cheats so there are kernel level anticheats. Obviously anticheats are mostly lame in what they do so it would probably be better for them to not be kernel level. Still there are “pure malware” anticheats and Valve thinks it’s up to the user to decide if they want one, their job is to inform the user. And that’s the best approach here in my opinion.
They will be gone with time, but not because anything that Valve does. Microsoft is locking down the kernel after the CrowdStrike debacle. In a few years it will be impossible to run any custom kernel code.
Is this a Linux problem? I’ve never had to look for this detail before in Windows.
It does prevent Linux compatibility, but even if it didn’t, it’s a computer security problem, for those who care. You’re essentially allowing different game companies to install a rootkit on your computer so you can play a video game.
You’re essentially allowing different game companies to install a rootkit on your computer so you can play a video game.
Put like that, makes it even more obvious how insanely stupid slash desperate slash addicted some gamers are, doesn’t it?
Most gamers don’t know that easy anti-cheat is a rootkit to begin with.
Mostly, and even some Windows users don’t want to install software that has such a great amount of permission over the entire system just for a game’s anti-cheat.
It’s nice that users can now know beforehand if a game uses such software. Avoids refunds.
Unless, of course, they add it months after release drastically limiting your chances of refunding (looking at you EA WRC 2024 😡)
That sucks : (
If they change the deal they should have to offer refunds. This makes it an expensive choice after the fact.
No its common for anti-cheat on Windows to have full root permission to your entire system Windows users are just on average less intelligent, less concerned about privacy, and, more ignorant about technology. This doesn’t mean using Windows makes you stupid its just the OS of choice for the stupid and ignorant.
Holy logical fallacy batman. Ad hominem much?
Any program having kernel level access is spyware. This is getting ridiculous.
Vanguard anticheat…
I do everything important like banking etc on a separate device that isn’t my gaming PC. This has been quite liberating since I worry less about invasive anti-cheat, drm etc. I realize not everyone wants to do this but it’s been a nice compromise.
For me anything important is done in the browser (very rarely) and mostly on the phone.
That’s one way to do it, but I worry less about those things by not supporting them with my time and money.
However, it’s only being forced for kernel-level anti-cheat. If it’s only client-side or server-side, it’s optional, but Valve say “we generally think that any game that makes use of anti-cheat technology would benefit from letting players know”.
I will always love Valve for their ability to use corpospeak against corpos.
Your game has anti-cheat?
Wonderful!
I’m sure that always only results in an improved experience for all gamers, lets let them all know!
=D
How does vac play into all of this then …
Edit: I was talking about them labeling vac games as being anti cheat… And wondering if they were going to pull some double standard… I didn’t know they label them already and still don’t know if they do…
It doesn’t run at the kernel level?
VAC is not kernel level, because surprise you don’t actually need kernel level to do anti cheat well.
VAC games would just get the standard AC message banner, not the scary yellow kernel level warning banner.
… I am pretty sure VAC games have indicated on their store page that they use VAC for well over a decade.
you don’t actually need kernel level to do anti cheat well.
I’m sure you’re right, but VAC is one of the worst examples for that… I think whatever Blizzard does with Overwatch 2 is a better example.
I would love to see any kind of documentation that can somehow prove OW2’s AC is better than VAC, something that isn’t based on vibes or immediacy bias.
I sure wish there was some empirical study regarding the same too. I’m very much going by anecdotal evidence from myself and others right now
So … your previous assertion that OW2’s AC is superior to VAC was in fact just based on vibes.
Anti Cheat developers typically do not like to explain how exactly they work, how effective they actually are.
Their data is proprietary, trade secrets.
There will almost certainly never be a way to actually conduct the empirical study you wish for, save for (ironically) someone hacking into the corporate servers of a bunch of different anti cheat developers to grab their own internal metrics.
But that should be obvious to anyone with basic knowledge of how Anti Cheats work, both technically and as a business.
… None of that matters to you though, you have completely vibes based anecdotes that you confidently state as fact.
Please stop doing that.
When someone has no clue what they’re talking about, but confidently makes a claim about a situation because it feels right, this is typically called misinformation.
I mean, anybody could verify it by spending a few hours each on the respective games… But yes, any empirical data would be nice. For example, a study on the amount of blatant hackers found on lobbies joined in comparable ranks. Anyway, this isn’t exactly misinformation to anybody who has played both games at any decent rank. It’s unproved but immediately discernible information. Take that how you will, i don’t really intend to argue about this here. This kind of pointless argument is the worst thing about Lemmy.
deleted by creator
W steam/valve
