Co-Op SpoilersBy the end of the coop story and it’s DLC you also realise that she’s still a lot softer like she is when accompanying Chell in the main game. She tries to pretend to still be ruthless and unfeeling but that mask falls off a few times.
spoilerBut at the end of the game, when she replaced Wheatley, she indicates that she deleted Caroline because it made her soft. Chapter 9: The Part Where He Kills You
“Ending Lines” section: theportalwiki.com/…/GLaDOS_voice_lines_(Portal_2)
Yeah, to stop another CrowdStrike, but it’s not a sure thing, yet there’s talk of api’s etc and wouldn’t surprise me if certain companies got a pass. An article covering your point: theverge.com/…/microsoft-windows-kernel-antivirus…
Nope. They’re developing an alternative set of APIs for userspace in conjunction with security vendors for their products to use but it’s all still a long way off and will be optional to start with.
Given the volume of mission-critical devices security products are installed on (which the CrowdStrike fuckup highlighted), getting them out of kernel space would be a huge risk reduction for the world. And security vendors would love to get away from that risk as pulling a CrowdStrike costs a lot of money setting things right with customers.
But an anticheat used by consumers on their personal devices for a game, not such a big deal.
While I’m sure MS will eventually deprecate and then kill off third party kernel drivers, it could take a decade since MS has so much business (both internal and within their customer base) that relies on legacy crap.
I have a feeling you’re right about this. I do wish Microsoft would take the Apple approach as Apple steamed ahead with deprecating kernel-mode access.
Love them or hate them, Apple take security a lot more seriously than Microsoft these days and it’s a real shame MS see security architecture as a nuisance rather than a core responsibility of their business.
it’s a real shame MS see security architecture as a nuisance rather than a core responsibility of their business.
I’m pretty sure the reason behind this is that they treat backwards compatibility as a higher priority in a lot of cases. There are so many odd choices I see in my day to day that I can only explain away by backwards compatibility. It’s part of the reason you see them take forever to depreciate old and insecure protocols until they get an encouragement from a vuln hitting the news.
That’s what I’ve noticed as well. They keep the old stuff around for as long as they can, because some software made 30years ago is critical to our society so they need to support it or we’re doomed
And it’s not like the companies will update old stuff, either. They’ve shown a willingness to forget about old games as soon as the revenue dips too much. The result will be that those games will be unplayable in the future.
I can tell you why they do it. Which is to get installed at launch time (like a driver required to boot for example), so they can watch absolutely everything that loads into the system.
But yes, I wouldn't play any game that needs a kernel anti-cheat.
I got a console when I switched to Linux. This has been a problem for decades now. So I’ve got one corporate game box that works with my friends, and one computer that I actually control.
Valve never intended for deadlock to have as much media coverage as it did. It happened anyways because a media outlet chose to ignore the informal NDA message that popped up when launching the game. The message was removed shortly after the incident.
Soooo, you’re telling me, that if I want to use a NVIDIA graphics card in Linux, I am not allowed to load its official driver’s kernel modules unless I either deactivate secure boot or generate my own signing key and load it into the UEFI, as otherwise this would make the kernel untrusted. But on windows every $random_game_publisher is allowed to run at kernel level without it being considered untrusted?
<span style="color:#323232;">let $random_game_publisher = "Ubisoft";
</span><span style="color:#323232;">print("But on windows every {$random_game_publisher} is allowed...?");
</span><span style="color:#323232;">> But on windows every Ubisoft is allowed...?
</span>
Well, see, there’s your problem. You handcrafted this code carefully, but didn’t think about today’s coding standards. That’s outdated code you use. Why use a simple print with variable substitutions, if you can instead just vibe print it by sending a rough description what your program tries to output to an LLM to account for such possible errors! /s
This is windows, So Valorant is running its anticheat stopping Battlefields anti-cheat from starting up. Meaning you will have to pick one game as they all seem to start from boot though other sources have said the games have to be running.
In Linux you could prob just run a pass-through in a couple of VMs. But Linux itself doesn’t work with most of these anti-cheats so by default no one running Linux is exposed to this sort of thing.
Yes, obviously, and you don’t typically have trouble with display drivers either nowadays, I suppose we were both jesting.
The right way to do it would probably be either to spin a dedicated partition, or to add a boot entry that sets up a dedicated environment for the game (I haven’t really thought about it but it’s probably doable). In both cases it’s a bit silly, when the whole anti-cheat thing is apparently mostly useless anyway.
I’m not an expert, but it sounds like if you finish a session of valorant, the anti cheat never unloads and continues to monitor memory and files.
Easy Anticheat though, according so some sources, only runs during game play.
Riots Anticheat has a bad history though. But both essentially are black boxes that send details both hash and samples back to their owners for them to approve what’s on it computer. Opened a medical record? It’s probably been hashed and sent back.
Opened your employers accounting files when working from home? details you probably sent riot a copy.
Both can be updated. There’s no guarantees that riot won’t do something nasty against a portion of high value targets. They know you from your payment details. They can identify, update the module and get anything they like, they have root.
They do this to prevent cheaters, and it is effective. Some people who have no problems running any other executable that can do just as much damage believe this load on boot style is too invasive.
I wouldn’t mind this feature dying so I could play on Linux though.
Tell me how any other app uploading your entire documents directory is okay then. “Into the kernel” is largely fear mongering. Other, less trustworthy apps can do plenty of damage, and you don’t seem to care about those.
If you really want to be secure, you can’t do gaming on the same machine as your security sensitive stuff. It’s not limited to these anti-cheats.
code running in kernel space is hugely privileged… it can open up enormous security vulnerabilities because when you’re in the kernel you can bypass a LOT of security checks and restrictions… windows code is generally pretty well tested, so is unlikely to have particularly bad bugs like RCEs etc… but these kernel mode apps aren’t nearly as rigorously tested - things like this is what lead to the crowdstrike outage
things running in the kernel can also cause a lot more damage than user space apps, because the kernel doesn’t do a lot of the error checking and validation that stops things like kernel panics
And anti-cheat needs a lot of access (e.g. read app memory) and sees a lot of churn to evolve with cheat engines. More churn means less thorough testing, which means higher likelihood of an exploit.
and also, security isn’t about 100% guarantees… we each have our own risk profile: regular joe gamer doesn’t need to be as security conscious as someone working for the NSA… their risks are different, because their exploitation value is different… most people only need to protect themselves from generalised attacks because they’re not going to be targeted
kernel level apps, however, blast a massive hole in the walls that keep us secure and potentially open attack vectors for generalised attacks… it’s just not worth that risk
You’re running closed source software that has permissions to read your keyboard input to other applications (other than apps running as admin), they can access your files, and and they can communicate over the Internet.
You’re inherently trusting these publishers if you’re gaming on Windows. Who is the publisher of Darkest Dungeon or Deep Rock Galactic or Lethal Company?
And it's such a weird argument to make that just because some other app uploads your entire documents directory (which to be clear is also not okay) you shouldn't care about being forced into an potential attack vector that can take over your entire computer. Do you also leave your home server unsecured because Google is tracking you through your phone?
Proof is in cheaters existing on day one of battlefield 6 open beta. Client side anti-cheat will never work. It’s good to have some basic preventative measures client-side, but server-side anti cheat is the only way to properly prevent cheaters.
Unfortunately companies keep investing in garbage client side anticheat that just pokes security holes into our machines.
Only Valve to my knowledge is investing money into their server side anti cheat, no other big player is to my knowledge.
It needs to be a mix. Have your clientside anti-cheat look for obvious attack vectors, have your serverside anti-cheat look for suspicious play, and let users report others. Then have humans review suspected cheaters and make the final call.
But that’s expensive, and off-the-shelf anti-cheat gives them someone else to blame.
I agree, there’s definitely some checks you can only do on the client and only some that work server-side. Ideally everything that can be checked on either, are checked.
Currently it’s just all wrong, the client-side can’t be relied upon as heavily as it is.
The benefit factor to the rootkits they install on our machines is nil. Just bloats our systems with garbage that is just waiting to be exploited by hackers.
You're viewing from the perspective of what would be best for the playerbase. These decisions are made based on what's the cheapest possible solution to have the playerbase shut up about cheaters so they wouldn't drive away potential customers.
I would think there’s money to gain by keeping your players engaged longer by having less cheaters, but I guess theres also an incentive to keep just enough cheaters that you can steadily ban them for more game sales (not that I think that’s happening, i hope not).
Anyways they take our money, we expect whats best for us, within reason of course.
I doubt the revenue from sales to cheaters is that significant compared to the risk of losing players. I think the simplest explanation is that catching cheaters is hard (read: expensive), so they’re happy with catching the most obvious cheaters with off the shelf solutions (i.e. the Pareto principle).
I refuse to play them. If they want kernel level anticheat, they can submit the source under the GPL to the Linux kernel devs for consideration, because that’s the only way I’d consider using it. No game is worth compromising my system’s security.
That’s only proof that it will never be enough to stop all cheating. But if the metric is if it reduces cheating then that proves nothing. Not saying I have proof that it does reduce cheating but I would personally bet on it reducing it somewhat at least.
It definitely reduces cheating, but mostly just by raising the bar of entry (not by that much as evident in day 1 cheats being present). I doubt it’s effectiveness though, since most games you can do some quick research and find $5 cheats that will go undetected (hell even free cheats can work if you do a little more research on doing the injection part manually yourself).
You can also never stop cheating, but the anti-cheat they install on your computer is just an extra attack vector for hackers, etc at this point, since it obviously doesnt work as intended.
Hopefully they start to learn from this at some point… they should realise that their current anti-cheat systems are not working as intended at some point right?
Battlefield will lose sales, every game definitely loses players because of cheater infestations. Lots of money lost in my eyes, is it enough to make them see straight?
Valves anti-cheat doesn’t really do anything though, at least not in CS2. It does like to boot me from the game from time to time because I’m playing on Linux though.
True VAC alone is not great (nothing really is), but CS2 (in my opinion) has one of the best systems against abuse, even though legit players like myself can get stuck in low trust factor sometimes.
VAC, trust factor, overwatch (player report reviewing, not sure if this was discontinued) all work together.
Hopefully a big improvement is to come soon with the VAC Live agents that monitor games using AI to predict likely cheaters.
Valve obviously has a big interest in keeping cheaters out, because their skin economy makes them boatloads (literally hehe) of money. I think they are the only company going down this road right now of AI agents, which is unobtrusive to users and should hopefully keep up VACs high accurate ban rate (which is at least a good thing about VAC, when you are banned, in almost all cases, you were indeed cheating (low fase positives)).
I do recognize though that AI agents likely comes with a high cost and may only be implemented in other highly competitive games that make lots of money.
There probably exist other methods, but it’ll take more investment in designing adaptable systems that can work on many games.
I do report a lot of cheaters, but I never know if it even does anything. I pretty much only play casual anyways. The worst is when someone is obviously cheating, and no one votes to kick them, or some special types actually vote against kicking the cheater so they can win …
ETA: the AI agents sounds cool, as long as legit players don’t get mistakenly banned. I didn’t realize cheating was such a huge problem these days until I started playing CS2 again. I used to scrim 1.6 Back in the day and never really had that problem that I can remember.
Client side anti-cheat (the one installed on your PC) will never work, it’s just fundamentally impossible. They can restrict user freedom as much as they want, but the hardware still isn’t under their control.
The only reason they push for those kinds of anti-cheats is because they don’t have to pay for the extra processing of server side anti-cheat, and they also get the benefit of a backdoor into your computer that you may never fully uninstall without buying a new computer.
That statement is to easy. It all depends on how much permissions you give the game and in what kind of environment you execute your game. From sandboxing to inmutable root file systems there is a lot possible to exactly prevent this to happen.
I mean, it’s like saying Pentagon security can’t work because some skilled hackers can someday find a way to spoof / steal credentials. Security always happens on a sliding scale based on the value of the contents.
I think at the very least, they can take steps that inconvenience hackers sufficiently each update without harming players - they can’t make it impossible to hack on the client side, but they can’t make it feel not worth it for them.
The reason I sort of insist on it is that even with serverside checks for game logic like teleportation and instant kills, game engines still load the data for player positions which allow for wallhacks and aimhacks. Those checks can only happen clientside; you can’t even send mouse positions often enough to look for “snaps”.
At the least, I agree that modern coders have gotten very lazy about having the server verify basic actions. “Okay, player 22 deals 8000 damage to every other player in the server simultaneously? Okay.”
Some of it does, some of it doesn’t, the critique is that kernel level stuff is way more than needed against most cheaters but not enough against the most dedicated ones, and it is invasive as hell.
The best anticheat is good netcode and server side checks. You can’t wallhack if your client doesn’t see behind the walls.
bin.pol.social
Najstarsze