This is Windows, so Valorant is running its anticheat, stopping Battlefield’s anti-cheat from starting up. Meaning you will have to pick one game as they all seem to start from boot though other sources have said the games have to be running.
In Linux you could prob just run a pass-through in a couple of VMs. But Linux itself doesn’t work with most of these anti-cheats so by default no one running Linux is exposed to this sort of thing.
Yes, obviously, and you don’t typically have trouble with display drivers either nowadays, I suppose we were both jesting.
The right way to do it would probably be either to spin a dedicated partition, or to add a boot entry that sets up a dedicated environment for the game (I haven’t really thought about it but it’s probably doable). In both cases it’s a bit silly, when the whole anti-cheat thing is apparently mostly useless anyway.
I’m not an expert, but it sounds like if you finish a session of Valorant, the anti-cheat never unloads and continues to monitor memory and files.
Easy Anticheat though, according to some sources, only runs during game play.
Riot’s Anticheat has a bad history though. But both essentially are black boxes that send details both hash and samples back to their owners for them to approve what’s on the computer. Opened a medical record? It’s probably been hashed and sent back.
Opened your employer’s accounting files when working from home? details you probably sent Riot a copy.
Both can be updated. There are no guarantees that Riot won’t do something nasty against a portion of high value targets. They know you from your payment details. They can identify, update the module and get anything they like, they have root.
They do this to prevent cheaters, and it is effective. Some people who have no problems running any other executable that can do just as much damage believe this load on boot style is too invasive.
I wouldn’t mind this feature dying so I could play on Linux though.
Tell me how any other app uploading your entire documents directory is okay then. “Into the kernel” is largely fear mongering. Other, less trustworthy apps can do plenty of damage, and you don’t seem to care about those.
If you really want to be secure, you can’t do gaming on the same machine as your security sensitive stuff. It’s not limited to these anti-cheats.
code running in kernel space is hugely privileged… it can open up enormous security vulnerabilities because when you’re in the kernel you can bypass a LOT of security checks and restrictions… Windows code is generally pretty well tested, so is unlikely to have particularly bad bugs like RCEs etc… but these kernel mode apps aren’t nearly as rigorously tested - things like this are what led to the CrowdStrike outage
things running in the kernel can also cause a lot more damage than user space apps, because the kernel doesn’t do a lot of the error checking and validation that stops things like kernel panics
And anti-cheat needs a lot of access (e.g. read app memory) and sees a lot of churn to evolve with cheat engines. More churn means less thorough testing, which means higher likelihood of an exploit.
and also, security isn’t about 100% guarantees… we each have our own risk profile: regular joe gamer doesn’t need to be as security conscious as someone working for the NSA… their risks are different, because their exploitation value is different… most people only need to protect themselves from generalised attacks because they’re not going to be targeted
kernel level apps, however, blast a massive hole in the walls that keep us secure and potentially open attack vectors for generalised attacks… it’s just not worth that risk
You’re running closed source software that has permissions to read your keyboard input to other applications (other than apps running as admin), they can access your files, and they can communicate over the Internet.
You’re inherently trusting these publishers if you’re gaming on Windows. Who is the publisher of Darkest Dungeon or Deep Rock Galactic or Lethal Company?
And it's such a weird argument to make that just because some other app uploads your entire documents directory (which to be clear is also not okay) you shouldn't care about being forced into a potential attack vector that can take over your entire computer. Do you also leave your home server unsecured because Google is tracking you through your phone?
Soooo, you’re telling me, that if I want to use a NVIDIA graphics card in Linux, I am not allowed to load its official driver’s kernel modules unless I either deactivate secure boot or generate my own signing key and load it into the UEFI, as otherwise this would make the kernel untrusted. But on Windows every $random_game_publisher is allowed to run at kernel level without it being considered untrusted?
let $random_game_publisher = "Ubisoft";
print("But on windows every {$random_game_publisher} is allowed...?");
> But on windows every Ubisoft is allowed...?
Well, see, there’s your problem. You handcrafted this code carefully, but didn’t think about today’s coding standards. That’s outdated code you use. Why use a simple print with variable substitutions, if you can instead just vibe print it by sending a rough description what your program tries to output to an LLM to account for such possible errors! /s
Valve never intended for Deadlock to have as much media coverage as it did. It happened anyways because a media outlet chose to ignore the informal NDA message that popped up when launching the game. The message was removed shortly after the incident.
I can tell you why they do it. Which is to get installed at launch time (like a driver required to boot for example), so they can watch absolutely everything that loads into the system.
But yes, I wouldn't play any game that needs a kernel anti-cheat.
I got a console when I switched to Linux. This has been a problem for decades now. So I’ve got one corporate game box that works with my friends, and one computer that I actually control.
Yeah, to stop another CrowdStrike, but it’s not a sure thing, yet there’s talk of APIs etc and wouldn’t surprise me if certain companies got a pass. An article covering your point: theverge.com/…/microsoft-windows-kernel-antivirus…
Nope. They’re developing an alternative set of APIs for userspace in conjunction with security vendors for their products to use but it’s all still a long way off and will be optional to start with.
Given the volume of mission-critical devices security products are installed on (which the CrowdStrike fuckup highlighted), getting them out of kernel space would be a huge risk reduction for the world. And security vendors would love to get away from that risk as pulling a CrowdStrike costs a lot of money setting things right with customers.
But an anticheat used by consumers on their personal devices for a game, not such a big deal.
While I’m sure MS will eventually deprecate and then kill off third party kernel drivers, it could take a decade since MS has so much business (both internal and within their customer base) that relies on legacy crap.
I have a feeling you’re right about this. I do wish Microsoft would take the Apple approach as Apple steamed ahead with deprecating kernel-mode access.
Love them or hate them, Apple take security a lot more seriously than Microsoft these days and it’s a real shame MS see security architecture as a nuisance rather than a core responsibility of their business.
it’s a real shame MS see security architecture as a nuisance rather than a core responsibility of their business.
I’m pretty sure the reason behind this is that they treat backwards compatibility as a higher priority in a lot of cases. There are so many odd choices I see in my day to day that I can only explain away by backwards compatibility. It’s part of the reason you see them take forever to deprecate old and insecure protocols until they get an encouragement from a vuln hitting the news.
That’s what I’ve noticed as well. They keep the old stuff around for as long as they can, because some software made 30 years ago is critical to our society so they need to support it or we’re doomed
And it’s not like the companies will update old stuff, either. They’ve shown a willingness to forget about old games as soon as the revenue dips too much. The result will be that those games will be unplayable in the future.
Co-Op Spoilers: By the end of the coop story and its DLC you also realise that she’s still a lot softer like she is when accompanying Chell in the main game. She tries to pretend to still be ruthless and unfeeling but that mask falls off a few times.
Spoiler: But at the end of the game, when she replaced Wheatley, she indicates that she deleted Caroline because it made her soft. Chapter 9: The Part Where He Kills You
“Ending Lines” section: theportalwiki.com/…/GLaDOS_voice_lines_(Portal_2)