1460
Steam games will now need to fully disclose kernel-level anti-cheat on store pages
(www.gamingonlinux.com)
Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.
Submissions have to be related to games
No bigotry or harassment, be civil
No excessive self-promotion
Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts
Mark Spoilers and NSFW
No linking to piracy
More information about the community rules can be found here.
Why is kernel-level anti-cheat even a thing?
If I was trying to prevent cheating, I'd hash the relevant game files, encrypt the values, and hard-code them into the executable. Then when the game is launched, calculated the hash of the existing files and compare to the saved values.
What is gained by running anti-cheat in kernel mode? I only play single-player games, so I assume I'm missing something.
Because there are kernel-level cheats
What you proposed can very easily be bypassed without even needing kernel access by just editing the executable code that checks hashes to always return true
Boo freaking hoo.
It's not like there are so many other ways to cheat, actually used in many games with anticheats.
We should all stop pretending it's necessary to put malware into your computer just so some company can claim they have no cheaters, which is never even true.
The point of anti-cheat is to create a substantial barrier for cheating. If you have to go the extra mile to run an external hardware cheat so as to be "undetected" then surely this means the anti-cheat is working. If it were as ineffective as you imply, cheaters would be cheating on their main accounts.
.... Buuut you can still defeat Kernel level Anti Cheats.
https://m.youtube.com/watch?v=RwzIq04vd0M&t=2s&pp=2AECkAIB
Which means that you still have to end up relying on reviewing a player's performance and actions as recorded by the game servers statistically via complex statistical algorithms or machine learning to detect impossibly abnormal activity.
... Which is what VAC has been doing, without kernel level, for over a decade.
All that is gained from pushing AC to the kernel level is you ruin the privacy and system stability of everyone using it.
You don't actually stop cheating.
It is not possible to have a 100% full proof anti cheat system.
There will always be new, cleverer exploitation methods, just as there are with literally all other kinds of computer software, which all have new exploits that are detected and triaged basically every day.
But you do have a choice between using an anti cheat method that is insanely invasive and potentially dangerous to all your users, and one that is not.