FYI - the owner of this site, gamingonlinux, was a mod on the !linux_gaming community until they were caught abusing their moderator powers. Then they deleted their account and complained on mastodon that it’s stupid design that mod logs are public. [Screenshot]
I imagine the alternative way to combat kernel-level cheats would be asking player for all his game state data, validating it on a server?
Wouldn’t work on peer-to-peer and you’d have to do a bunch of unnecessary compute(recalculating every tick if player-generated data is possible according to game rules) but its the only way I can think of.
Don’t tell the client what’s going on outside its vision, I suppose? Add a small buffer to compensate for latency, so wall hack would be more of a “corner hack”.
I mean sure, that is how some (mostly strategy and tactical) games do it, but for an FPS, figuring out where the buffer should be would be a programmers nightmare. I guess you would have to try to calculate all possible lines of sights a player could have within some buffer time (100-1000ms) and then all players that could in theory enter them… Add physics and it is practically impossible.
Also, corner hack is useful enough and it does not address aimbot. IMO the answer is some combination of human moderation and ability to play with “friends” instead of randos. E.g. you could ask people to like or dislike a player at the end of a match and try to pair players that liked each other in the past.
The best thing that’ll come out of this is people will realize Easy and BattleEye are kernel-level on Windows. I know so many people who calls Vanguard a rootkit then go play all the other games.
I do everything important like banking etc on a separate device that isn't my gaming PC. This has been quite liberating since I worry less about invasive anti-cheat, drm etc. I realize not everyone wants to do this but it's been a nice compromise.
Luckily Valve seems to believe in freedom of decision for their users so they won’t do this. There are kernel level cheats so there are kernel level anticheats. Obviously anticheats are mostly lame in what they do so it would probably be better for them to not be kernel level. Still there are “pure malware” anticheats and Valve thinks it’s up to the user to decide if they want one, their job is to inform the user. And that’s the best approach here in my opinion.
They will be gone with time, but not because anything that Valve does. Microsoft is locking down the kernel after the CrowdStrike debacle. In a few years it will be impossible to run any custom kernel code.
There is a sub for sanity checking mod actions, aita-style.
If you keep in mind it is for active unconfirmed situations, and that votes there are not meant to mark the cases of mod abuse, I think it can fill that niche.
I really don’t see a need to drag community drama everywhere. GoL is one of the biggest aggregator blogs out there for… linux gaming. Whether we should prioritize original sources over aggregators is a different discussion.
But yeah. Liam is great for news aggregating but he is 100% the stereotypical linux gamer and has a long history of starting random shit. Still annoyed by how fast he got everyone to shit on the Duckstation devs because they didn’t want to be exploited.
Are you the lemmy cops? Is it your responsibility to chase any link to someone’s website across every instance and make sure people know they are a bit of a jackass?
If you think GoL should be a banned source, take it up with the various moderators. If you think only primary sources should be allowed (which I actually agree with), that is also a discussion to be had.
But rushing in to berate people for linking to one of the most popular news aggregators for a story that people would be interested in because you don’t like the guy who owns that site? All you are doing is discouraging people from making posts in the future.
Which is the problem with dragging community/subreddit drama everywhere you go. It just makes the site a much more hostile place for everyone. And we really aren’t big enough to be doing that.
As the official lemmy police I am arresting you for defending a mad lad caught abusing powers. You do not have to say anything. But, it may harm your defence if you do not mention when questioned something which you later rely on in court. Anything you do say may be given in evidence.
Jokes aside… I do think people should be allowed to post opinions an discuss other peoples behavior. Gol dude was caught abusing his powers, which is a disgusting thing to do, personally don’t mind him being called out for that in a post here and there. It’s not an attack on the poster, it’s a reminder to folks who the guy really is.
As he said, modlogs are public, and it seems like other user retreived the trace of what you call an “abuse of power” : sopuli.xyz/comment/12732467 .
It is in his right as a moderator to chose how he moderate the communities he has the right to. If he finds your comment pedantic and annoying, and chose to remove it, so be it.
I’m not taking sides here. I don’t know the whole story, and I doubt anyone else here does. With the little context provided, It’d be hard to take knowingly a side.
But in both case, this is textbook harassement as you are copy-pasting this comment on every community this is posted on. This community has a pretty clear rule against harrassement (rule 2), which you are breaching, offense for which I’ll use my g… mod given right of banning you for the time being (I’ll re-evaluate tomorrow when I’ll be less tired).
Edit : After talking with OP via PM, a ban of 7 days was issued
Eli5: your PC has different access levels a program can run at. This prevents a malicious or badly coded program from completely fucking your computer. Kernel level anti cheat runs at the lowest level access that exists under windows. It can do basically whatever it wants to your PC, and if a backdoor is coded in (happens way more than you’d think), it gives malware basically total access to your PC.
To put it very simply, the ‘kernel’ has significant control over your OS as it essentially runs above everything else in terms of system privileges.
It can (but not always) run at startup, so this means if you install a game with kernel-level anticheat, the moment your system turns on, the game’s publisher can have software running on your system that can restrict the installation of a particular driver, stop certain software from running, or, even insidiously spy on your system’s activity if they wished to. (and reverse-engineering the code to figure out if they are spying on you is a felony because of DRM-related laws)
It basically means trusting every single game publisher with kernel-level anticheat in their games to have a full view into your system, and the ability to effectively control it, without any legal recourse or transparency, all to try (and usually fail) to stop cheating in games.
And it’s worth noting that trusting the game developer isn’t really enough. Far too many of them have been hacked, so who’s to say it’s always your favorite game developer behind the wheel?
Or, even better, when you let a whole bunch of devs have acces to the kernel…
… sometimes they just accidentally fuck up and push a bad update, unintentionally.
This is how CrowdStrike managed to Y2K an absurd number of enterprise computers fairly recently.
Its also why its … you know, generally bad practice to have your kernel just open to fucking whoever instead of having it be locked down and rigorously tested.
Funnily enough, MSFT now appears to be shifting toward offering much less direct access to its kernel to 3rd party software devs.
More importantly, if traditional anticheat has a bug, your game dies. Oh no.
If kernel level anticheat has a bug, your computer blue screens (that’s specifically what the blue screen is: a bug in the kernel, not just an ordinary bug that the system can recover from). Much worse. Sure hope that bug only crashes your computer when the game is running and not just whenever, because remember a kernel-level program can be running the moment your computer boots as above poster said
Not all anti cheats run at startup. Some only run when you play a game. I think vanguard for valorant ran all the time at first and people were pissed. Meanwhile easy anti cheat runs only with a game. So it depends. It all sucks though.
That’s definitely true, I probably should have been a little more clear in my response, specifying that it can run at startup, but doesn’t always do so.
I’ll edit my comment so nobody gets the wrong idea. Thanks for pointing that out!
It’s not just trust of the game developer. I honestly believe most of them just want to put out profitable games. It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.
There was some old article about how a black hat found a vulnerability in a signed virtual driver used by Genshin Impact. So, they deployed their whole infection package together with that plain driver to computers that had never been used for video games at all; and because Microsoft chose to trust that driver, it worked.
I wish I could find an article on it, since a paraphrased summary isn’t a great source. This is coming from memory.
It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.
That’s not an accurate description of the exploit you describe. It sounds like the attacker bundled a signed and trusted but known vulnerable version of the module, then used a known exploit in that module to run their own unsigned, untrusted code with high privileges.
This can be resolved by marking that signature as untrusted, but that requires the user to pull an update, and we all know how much people hate updating their PC.
Making it super simple, it runs with full access on your machine, always. It can fuck anything up, and see everything. It can get your browser history, banking details or private messages you enter, activate your webcam or mic without you knowing, or brick your computer even.
And you can’t even check what it’s really doing on your computer because it’s a crime under US law.
Finally, it can get hacked and other people than the creator can do all these to your computer as well,as it already happened once.
Probably a pessimistic take, but I don't expect this to have any discernable impact on sales, or any other effects that would discourage publishers from these practices. The average user doesn't care about or understand how these things work; they'll see an anti-cheat warning on the store page and think "Okay, tell the colonel I'll be on my best behavior then" and continue to buy the game.
gamingonlinux.com
Gorące