Now if only they could more clearly communicate when games are playable offline.

  • sp3ctr4l
    link
    fedilink
    English
    133
    edit-2
    8 months ago

    However, it’s only being forced for kernel-level anti-cheat. If it’s only client-side or server-side, it’s optional, but Valve say “we generally think that any game that makes use of anti-cheat technology would benefit from letting players know”.

    I will always love Valve for their ability to use corpospeak against corpos.

    Your game has anti-cheat?

    Wonderful!

    I’m sure that always only results in an improved experience for all gamers, lets let them all know!

    =D

    • @[email protected]
      link
      fedilink
      English
      8
      edit-2
      8 months ago

      How does vac play into all of this then …

      Edit: I was talking about them labeling vac games as being anti cheat… And wondering if they were going to pull some double standard… I didn’t know they label them already and still don’t know if they do…

      • graff
        link
        fedilink
        English
        138 months ago

        It doesn’t run at the kernel level?

      • sp3ctr4l
        link
        fedilink
        English
        54
        edit-2
        8 months ago

        VAC is not kernel level, because surprise you don’t actually need kernel level to do anti cheat well.

        VAC games would just get the standard AC message banner, not the scary yellow kernel level warning banner.

        … I am pretty sure VAC games have indicated on their store page that they use VAC for well over a decade.

        • lastweakness
          link
          fedilink
          English
          78 months ago

          you don’t actually need kernel level to do anti cheat well.

          I’m sure you’re right, but VAC is one of the worst examples for that… I think whatever Blizzard does with Overwatch 2 is a better example.

          • sp3ctr4l
            link
            fedilink
            English
            38 months ago

            I would love to see any kind of documentation that can somehow prove OW2’s AC is better than VAC, something that isn’t based on vibes or immediacy bias.

            • lastweakness
              link
              fedilink
              English
              38 months ago

              I sure wish there was some empirical study regarding the same too. I’m very much going by anecdotal evidence from myself and others right now

              • sp3ctr4l
                link
                fedilink
                English
                2
                edit-2
                8 months ago

                So … your previous assertion that OW2’s AC is superior to VAC was in fact just based on vibes.

                Anti Cheat developers typically do not like to explain how exactly they work, how effective they actually are.

                Their data is proprietary, trade secrets.

                There will almost certainly never be a way to actually conduct the empirical study you wish for, save for (ironically) someone hacking into the corporate servers of a bunch of different anti cheat developers to grab their own internal metrics.

                But that should be obvious to anyone with basic knowledge of how Anti Cheats work, both technically and as a business.

                … None of that matters to you though, you have completely vibes based anecdotes that you confidently state as fact.

                Please stop doing that.

                When someone has no clue what they’re talking about, but confidently makes a claim about a situation because it feels right, this is typically called misinformation.

                • lastweakness
                  link
                  fedilink
                  English
                  28 months ago

                  I mean, anybody could verify it by spending a few hours each on the respective games… But yes, any empirical data would be nice. For example, a study on the amount of blatant hackers found on lobbies joined in comparable ranks. Anyway, this isn’t exactly misinformation to anybody who has played both games at any decent rank. It’s unproved but immediately discernible information. Take that how you will, i don’t really intend to argue about this here. This kind of pointless argument is the worst thing about Lemmy.

    • @[email protected]
      link
      fedilink
      English
      141
      edit-2
      8 months ago

      Adding kernel malware after the fact should entitle every single owner who requests one to a full refund no matter how long has passed.

      • TipRing
        link
        fedilink
        English
        478 months ago

        Full agree. I do want some kind of policy for games that introduce anti-cheat both during early access and after release. Bricking a game you paid for should offer some sort of recourse.

      • @[email protected]
        link
        fedilink
        English
        148 months ago

        That’s exactly what Valve did. The automated refund system wasn’t available, but you could request a manual review and cite the added anti cheat; Valve was refunding those who did so.

      • @[email protected]
        link
        fedilink
        English
        368 months ago

        I’d really like Valve to take an official policy on post-release changes that break games, but for what it’s worth they have not given me any hassle with refunds in these scenarios.

        • NekuSoul
          link
          fedilink
          English
          118 months ago

          Yup. If it’s important enough that devs now have to add a disclaimer on the store page, surely devs shouldn’t be allowed to circumvent that by adding it later. Since SteamDeck customers are affected by this the most, it’s weird that this isn’t already a rule, particularly for games that are SteamDeck verified.

      • @[email protected]
        link
        fedilink
        English
        18 months ago

        I don’t think that’s fair. I “own” GTA5 and don’t really care for the last… 8 years? what they add. I had the full content of my purchase. Why should I be able to gain money for this?

        • @[email protected]
          link
          fedilink
          English
          14
          edit-2
          8 months ago

          Don’t be pieces of shit and you won’t owe refunds.

          In a just world people would be going to prison for it.

          • @[email protected]
            link
            fedilink
            English
            38 months ago

            They publish their single player games to steam. Don’t know about any of their multiplayer ones though.

            • xep
              link
              fedilink
              38 months ago

              I believe those are games made by other studios with the League IP and published by Riot. AFAIK there’s no reason for them to have anticheat.

  • @[email protected]
    link
    fedilink
    English
    3428 months ago

    Ooh and it’s a giant yellow banner you probably won’t miss, and not some two-shades-ligher-than-the-background nonsense.

    Good job, Valve.

    • Pyr
      link
      fedilink
      English
      78 months ago

      If only they let you filter out games from being seen on your store page or showing up in recommendations using this as a criteria.

    • @[email protected]
      link
      fedilink
      English
      1098 months ago

      They do this with Early Access and people still lose their shit about empty content and unfinished graphics in a game they paid $10 for.

    • @[email protected]
      link
      fedilink
      English
      128 months ago

      Gamers don’t care

      If Valve was against this then they would block them from their store. This is avoiding legal consequences

            • @[email protected]
              link
              fedilink
              English
              2
              edit-2
              8 months ago

              I don’t care what the minority of people here say

              The most popular games use kernel anti cheat, kids think cheating is bad. And very few people even know what a kernel is, they will just think it means “cheating is impossible” even though it doesn’t do that at all

      • @[email protected]
        link
        fedilink
        English
        288 months ago

        That’s fair: most probably don’t.

        I appreciate a ‘this won’t work in Linux no matter what you do’ banner on things, though.

        • @[email protected]
          link
          fedilink
          English
          28 months ago

          I’ve been using some browser plugins for Steam that add ProtonDB information to each Store page, it’s a useful thing to have. It may even make sense to leave it as a plugin, since many Windows users won’t care.

      • DreamButt
        link
        fedilink
        English
        1628 months ago

        “”“gamers”“” aren’t a monolith

        Some people clearly care bc they are currently discussing it

        • @[email protected]
          link
          fedilink
          English
          5
          edit-2
          8 months ago

          Another “to be fair” - what do y’all reckon is the proportion of gamers who could define kernel? (not rhetorical)

          Edit: maybe not as good as a question as how many have any opinion on kernel-level anticheat, since you don’t need to be able to define kernel to be against the anti-cheat if you’ve heard it slows down games

        • @[email protected]
          link
          fedilink
          English
          28 months ago

          “””gamers””” aren’t a monolith

          That’s why some people discussing it aren’t going to do anything to dissuade the practice

          • @[email protected]
            link
            fedilink
            English
            248 months ago

            Games have been buried in negative reviews for less. We can’t tell in advance.

            But implying you know, and can speak for all people who play games is just bafflingly ignorant and conceited.

        • @[email protected]
          link
          fedilink
          English
          198 months ago

          Well to be fair, we’re like 1% of all gamers. Most gamers don’t give a flying fuck and will gladly buy these products anyway. So the companies don’t really have much incentive to give a shit.

          • @[email protected]
            link
            fedilink
            English
            218 months ago

            That’s why it’s a big disturbing banner where most gamers don’t understand the text but know that big disturbing banner is bad. Will it affect the sales? Not at all. But it will raise the problem(mostly Linux anticheat) to the higher standing people in the gaming companies than before because now they require those top level managers to make a decision is it big disturbing banner or Linux anticheat.

            • @[email protected]
              link
              fedilink
              English
              68 months ago

              I highly doubt this will do anything at all to sales. But I’m just guessing. Maybe it will. Hopefully! But I still applaud the change by Valve. I think it’s great.

              • @[email protected]
                link
                fedilink
                English
                88 months ago

                I don’t think the point is to do anything on sales. Valve profit from sales. It’s to raise the problem so now the managers have to decide on a scale how much they abuse the players. Before it wasn’t even a problem, now it’s Valve: “maybe you shouldn’t wink wink”

                • @[email protected]
                  link
                  fedilink
                  English
                  48 months ago

                  Well yea, I don’t think Valve wants to nuke their own sales, lol. I think they don’t want any devs doing any funny business and abusing anti cheat. That’s my guess.

      • Harvey656
        link
        fedilink
        English
        98 months ago

        I’m a gamer, and absolutely fuck these damn things. I still haven’t bought helldivers 2 yet. I refuse to compromise my system for their issues.

        • @[email protected]
          link
          fedilink
          English
          38 months ago

          If kernel level AC is a concern, you can play the game on Linux where “kernel” level AC runs at user level thru Wine

  • @[email protected]
    link
    fedilink
    English
    278 months ago

    Why is kernel-level anti-cheat even a thing?

    If I was trying to prevent cheating, I’d hash the relevant game files, encrypt the values, and hard-code them into the executable. Then when the game is launched, calculated the hash of the existing files and compare to the saved values.

    What is gained by running anti-cheat in kernel mode? I only play single-player games, so I assume I’m missing something.

    • SkavarSharraddas
      link
      fedilink
      178 months ago

      Modern cheats for multiplayer games don’t modify local files (or attribute values in memory), since the server validates everything anyway. They’re about giving you information that’s available but not shown in the game (like see-through walls, or exact skill ranges), or manipulate input (dodge enemy damage, easy combos). Those cheat can run in kernel mode (or at least evade detection from user mode), so the anti-cheat needs kernel mode to be more effective.

      • @[email protected]
        link
        fedilink
        English
        38 months ago

        If server validation was still a common practice (as it should be) then cheats wouldn’t come in the form of speed hacks, teleportation hacks, or invincibility. The traditional thing in CS that was hard to prevent is aimhacks and wallhacks. I respect that those are hard to prevent, but they can be much less impactful in modern hero shooters.

      • @[email protected]
        link
        fedilink
        English
        158 months ago

        since the server validates everything anyway

        Oh you sweet summer child.

        The server doesn’t validate shit, because that takes up CPU cycles on THEIR hardware, which costs them money. A huge part of kernel level anticheat is forcing YOU to pay the cost for anticheat, so they can squeeze a few more pennies out of it. And if your computer gets owned because they installed insecure, buggy malware on your system…? Well, they’ll just deny. After all, it’s kernel-level, how are YOU going to prove anything?

    • @[email protected]OP
      link
      fedilink
      English
      118 months ago

      They can prevent you from running cheats that other anti-cheats can’t detect. For instance, they could modify the value in memory so that your calculated hash always succeeds even when it’s modified. This doesn’t stop cheating though; it just means cheaters have to use cheat hardware that exists at a layer that even kernel anti-cheat can’t detect.

    • @[email protected]
      link
      fedilink
      English
      108 months ago

      And then a game gets updated so the hashes don’t match and uh oh, everything is fucked. Oh, but we can change the hashes of the files in the executable! Yeah, so can they. People modding shit into the executable is basically a given. Let alone the fact that you’d need to sit through a steam “validation of files” length of time every time you’d need to launch a game (because validation works exactly as you have described).

      What is gained is that it has access to more information. Some cheats use an entirely different program / process that reads memory and outputs info that is available to the game but hidden from the player. Like a client needs to know where a person on the other team is to be able to draw their model. So you read that, you put a little box over where they are, and bang you have wallhacks.

      • unalivejoy
        link
        fedilink
        English
        78 months ago

        I think the popular thing now is to mod your mouse so it clicks on the enemy player’s head.

    • @[email protected]
      link
      fedilink
      English
      538 months ago

      Because there are kernel-level cheats

      What you proposed can very easily be bypassed without even needing kernel access by just editing the executable code that checks hashes to always return true

      • sp3ctr4l
        link
        fedilink
        English
        08 months ago

        … Buuut you can still defeat Kernel level Anti Cheats.

        https://m.youtube.com/watch?v=RwzIq04vd0M&t=2s&pp=2AECkAIB

        Which means that you still have to end up relying on reviewing a player’s performance and actions as recorded by the game servers statistically via complex statistical algorithms or machine learning to detect impossibly abnormal activity.

        … Which is what VAC has been doing, without kernel level, for over a decade.

        All that is gained from pushing AC to the kernel level is you ruin the privacy and system stability of everyone using it.

        You don’t actually stop cheating.

        It is not possible to have a 100% full proof anti cheat system.

        There will always be new, cleverer exploitation methods, just as there are with literally all other kinds of computer software, which all have new exploits that are detected and triaged basically every day.

        But you do have a choice between using an anti cheat method that is insanely invasive and potentially dangerous to all your users, and one that is not.

      • @[email protected]
        link
        fedilink
        English
        108 months ago

        Boo freaking hoo.

        It’s not like there are so many other ways to cheat, actually used in many games with anticheats.

        We should all stop pretending it’s necessary to put malware into your computer just so some company can claim they have no cheaters, which is never even true.

        • xep
          link
          fedilink
          98 months ago

          The point of anti-cheat is to create a substantial barrier for cheating. If you have to go the extra mile to run an external hardware cheat so as to be “undetected” then surely this means the anti-cheat is working. If it were as ineffective as you imply, cheaters would be cheating on their main accounts.

  • @[email protected]
    link
    fedilink
    English
    698 months ago

    Easy Anti Cheat - requires manual removal

    Wait, so this sketchy, privacy-invading stuff remains even after a game is uninstalled?! I had no idea.

    How is this stuff not classed as malware at this point?

    • @[email protected]
      link
      fedilink
      English
      58 months ago

      Wikipedia says malware is

      any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user’s computer security and privacy

      It does not do any of these things. Like any software, it may have vulnerabilities, and being a kernel module it can be high risk. But that’s no different from any kernel module, like your graphics driver.

      • @[email protected]
        link
        fedilink
        English
        28 months ago

        It’s a much higher risk than average because games are often abandoned within one year of release and still run as long as 10-15 years later and connects to the internet and other randos on the internet. See the Call of Duty games that allow you to take over the computer of anyone who connects to your online match. It greatly degrades the security of its users.

        Technically lots of things people call “malware” don’t actually do any of those things. For instance they may hijack your default search engine, pop up ads, or otherwise monetize your computer at your expense. The category that was invented by ass coverers is “possibly unwanted program” but outside of those who worry about being sued by scumbags people colloquially refer to both what you call malware AND PUPs as "malware the root of which is “bad” after all. Language being descriptive not prescriptive I think this broader definition of malware is fine.

    • @[email protected]
      link
      fedilink
      English
      88 months ago

      I’ve been shouting from the rooftops for years that this stuff is malware. I’m not the only one. No one listens.

    • sp3ctr4l
      link
      fedilink
      English
      178 months ago

      Oh it was initially classed as insanely intrusive malware when kernel level AC was introduced about a decade ago, by anyone with a modicum of actual technical knowledge about computers.

      Unfortunately, a whole lot of corpo shills ran propaganda explaining how actually its fine, don’t worry, its actually the best way to stop cheaters!

      Then the vast, vast majority of idiot gamers believed that, or threw their hands up and went oh well its the new norm, trying to fight it is futile and actually if you are against this that means you are some kind of paranoid privacy freak who hates other people having fun.

    • @[email protected]
      link
      fedilink
      English
      58 months ago

      Do you remember when Sony released cds that when inserted into Windows computer auto ran an installer that installed a rootkit that made it impossible for Windows to see any processes or files that started with a certain sequence of characters instantly turning any malware that named its files or processes similarly powerful rootkit. Oh and it installed a cd driver that made it impossible to copy their music.

      Suggested removal was a full reinstall of windows.

    • @[email protected]
      link
      fedilink
      English
      38 months ago

      EAC installation process includes “registration” of a game, and the uninstall process “unregisters” the game. If all games using EAC are uninstalled, EAC itself also should be uninstalled.

  • @[email protected]
    link
    fedilink
    English
    668 months ago

    I feel like they’re doing this because they are going so hard with steam deck. Regardless, good on Valve for doing this.

  • @[email protected]
    link
    fedilink
    English
    178 months ago

    I bought Sea of Thieves about 5 years ago. Recently, they added kernal-level anticheat (which does precisely fuck-all to actually stop cheating). While that is annoying, I’m not particularly worried because the studio that makes that game is owned by Microsoft, and like all Microsoft products, it was banished to my windows partition with the rest of the spyware.

    • @[email protected]
      link
      fedilink
      English
      78 months ago

      Well… kernel level software can access everything on your computer. That includes other partitions and unmounted drives

      • @[email protected]
        link
        fedilink
        English
        68 months ago

        Only if those other partitions are not encrypted. Sure, it could still wipe them - but that’s something that backups are good for, and something you would certainly notice immediately :)

  • @[email protected]
    link
    fedilink
    English
    88 months ago

    I wish Valve would just ban them. It’s weird to have something that looks like pure malware in a Game store.

    • Maestro
      link
      fedilink
      18 months ago

      They will be gone with time, but not because anything that Valve does. Microsoft is locking down the kernel after the CrowdStrike debacle. In a few years it will be impossible to run any custom kernel code.

    • @[email protected]
      link
      fedilink
      English
      138 months ago

      Luckily Valve seems to believe in freedom of decision for their users so they won’t do this. There are kernel level cheats so there are kernel level anticheats. Obviously anticheats are mostly lame in what they do so it would probably be better for them to not be kernel level. Still there are “pure malware” anticheats and Valve thinks it’s up to the user to decide if they want one, their job is to inform the user. And that’s the best approach here in my opinion.

  • Chozo
    link
    fedilink
    88 months ago

    Probably a pessimistic take, but I don’t expect this to have any discernable impact on sales, or any other effects that would discourage publishers from these practices. The average user doesn’t care about or understand how these things work; they’ll see an anti-cheat warning on the store page and think “Okay, tell the colonel I’ll be on my best behavior then” and continue to buy the game.

    • snooggums
      link
      fedilink
      English
      228 months ago

      It will benefit those that care and won’t negatively impact the experience for those that don’t.

      Win, win.

  • @[email protected]
    link
    fedilink
    English
    28 months ago

    I imagine the alternative way to combat kernel-level cheats would be asking player for all his game state data, validating it on a server?

    Wouldn’t work on peer-to-peer and you’d have to do a bunch of unnecessary compute(recalculating every tick if player-generated data is possible according to game rules) but its the only way I can think of.

    • @[email protected]
      link
      fedilink
      English
      48 months ago

      That does not detect things like wall hack and aim-bots that don’t modify the game state directly.

      • @[email protected]
        link
        fedilink
        English
        18 months ago

        Don’t tell the client what’s going on outside its vision, I suppose? Add a small buffer to compensate for latency, so wall hack would be more of a “corner hack”.

        • @[email protected]
          link
          fedilink
          English
          5
          edit-2
          8 months ago

          I mean sure, that is how some (mostly strategy and tactical) games do it, but for an FPS, figuring out where the buffer should be would be a programmers nightmare. I guess you would have to try to calculate all possible lines of sights a player could have within some buffer time (100-1000ms) and then all players that could in theory enter them… Add physics and it is practically impossible.

          Also, corner hack is useful enough and it does not address aimbot. IMO the answer is some combination of human moderation and ability to play with “friends” instead of randos. E.g. you could ask people to like or dislike a player at the end of a match and try to pair players that liked each other in the past.

    • bitwolf
      link
      fedilink
      English
      9
      edit-2
      8 months ago

      Or bring server browsers back and let server mods handle it.

      I’ve rarely, if ever, had a bad time using a server browser.

      A more modern idea. Put all the chesters into the same lobbies through matchmaking

    • @[email protected]
      link
      fedilink
      English
      58 months ago

      Most games already do this lol Cheats usually don’t do anything that is technically impossible to do on a vanilla client, just highly improbable

  • @[email protected]
    link
    fedilink
    English
    418 months ago

    Can someone explain like I’m stupid on kernel level anti cheat and why I should watch out for it? Not a dig at all, a genuine question!

    • @[email protected]
      link
      fedilink
      English
      168 months ago

      Easy, a bug in battle eye forced me to reinstall windows, this kernel access has to go.

    • ℍ𝕂-𝟞𝟝
      link
      fedilink
      English
      36
      edit-2
      8 months ago

      Making it super simple, it runs with full access on your machine, always. It can fuck anything up, and see everything. It can get your browser history, banking details or private messages you enter, activate your webcam or mic without you knowing, or brick your computer even.

      And you can’t even check what it’s really doing on your computer because it’s a crime under US law.

      Finally, it can get hacked and other people than the creator can do all these to your computer as well,as it already happened once.

      • @[email protected]
        link
        fedilink
        English
        48 months ago

        And you can’t even check what it’s really doing on your computer because it’s a crime under US law.

        Is this specifically for kernel level anticheat? Because this isn’t a thing for software in general right??

        • @[email protected]
          link
          fedilink
          English
          18 months ago

          If anything reverse engineering is more permissible in the USA than many other places, IIRC

        • ℍ𝕂-𝟞𝟝
          link
          fedilink
          English
          48 months ago

          It’s a thing for any measure said to enforce copyright under the DMCA.

          So it’s a thing for most proprietary software.

    • @[email protected]
      link
      fedilink
      English
      28 months ago

      Imagine a game having higher privileges than what you get with “Run as administrator”

    • LoboAureo
      link
      fedilink
      English
      88 months ago

      Also, the most games that don’t work in linux is for this reason (and steamdeck works in linux)

      • @[email protected]OP
        link
        fedilink
        English
        648 months ago

        And it’s worth noting that trusting the game developer isn’t really enough. Far too many of them have been hacked, so who’s to say it’s always your favorite game developer behind the wheel?

        • sp3ctr4l
          link
          fedilink
          English
          208 months ago

          Or, even better, when you let a whole bunch of devs have acces to the kernel…

          sometimes they just accidentally fuck up and push a bad update, unintentionally.

          This is how CrowdStrike managed to Y2K an absurd number of enterprise computers fairly recently.

          Its also why its … you know, generally bad practice to have your kernel just open to fucking whoever instead of having it be locked down and rigorously tested.

          Funnily enough, MSFT now appears to be shifting toward offering much less direct access to its kernel to 3rd party software devs.

      • @[email protected]
        link
        fedilink
        English
        48 months ago

        It’s not just trust of the game developer. I honestly believe most of them just want to put out profitable games. It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.

        There was some old article about how a black hat found a vulnerability in a signed virtual driver used by Genshin Impact. So, they deployed their whole infection package together with that plain driver to computers that had never been used for video games at all; and because Microsoft chose to trust that driver, it worked.

        I wish I could find an article on it, since a paraphrased summary isn’t a great source. This is coming from memory.

        • @[email protected]
          link
          fedilink
          English
          28 months ago

          It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.

          That’s not an accurate description of the exploit you describe. It sounds like the attacker bundled a signed and trusted but known vulnerable version of the module, then used a known exploit in that module to run their own unsigned, untrusted code with high privileges.

          This can be resolved by marking that signature as untrusted, but that requires the user to pull an update, and we all know how much people hate updating their PC.

      • @[email protected]
        link
        fedilink
        English
        598 months ago

        More importantly, if traditional anticheat has a bug, your game dies. Oh no.

        If kernel level anticheat has a bug, your computer blue screens (that’s specifically what the blue screen is: a bug in the kernel, not just an ordinary bug that the system can recover from). Much worse. Sure hope that bug only crashes your computer when the game is running and not just whenever, because remember a kernel-level program can be running the moment your computer boots as above poster said

      • @[email protected]
        link
        fedilink
        English
        108 months ago

        Not all anti cheats run at startup. Some only run when you play a game. I think vanguard for valorant ran all the time at first and people were pissed. Meanwhile easy anti cheat runs only with a game. So it depends. It all sucks though.