Just googled their share price and they are 34% higher than they were before the shitstorm they caused.
What's your point?
Yeah, thats an interesting point. I'd be interested to read analysis on that. Maybe being seen to pay for something that claims to make things more secure is more important than actually being more secure.
https://www.theregister.com/2025/05/07/delta_crowdstrike_cla...
The same with Zscaler - people about as far from tech I'm friends with complain to me about how much they hate it so you know /it's everywhere/
Fuck these AntiVirus software vendors, they are just as much scum as the baddies are. What once was just Norton, today is everyone.
I'm glad that they're getting less access to the system, even if it's for another reason.
This whole situation now feels like too little, too late. We currently have a vast market of "security" software built on top of their platform, and everyone is compelled to use it, often due to compliance requirements. Now, Microsoft has to walk on thin ice by restricting these "snake oil" vendors without getting into trouble for anticompetitive behavior by restricting a market on top of their platform that should have never existed in the first place.
unaindz•3d ago
>Another big area of Windows that uses kernel-level drivers is anti-cheating engines for games. Microsoft has been speaking with game developers about how to reduce the amount of kernel usage, but it’s a more complicated use case as cheaters often have to purposefully tamper with their machine to disable protections and get cheating engines running.
>“A lot of [game developers] would love to not have to maintain kernel stuff, and they are very interested in how they do that,” Weston says. “We’ve been talking about the requirements there, and I think we’ll have more to say on that in the near future.” Riot Games told me last year that it’s willing to follow potential Windows security changes and “recede from the kernel space.”
I hope it spreads to anti cheats as well.
jchw•6h ago
steelbrain•6h ago
Fly-by, but HDCP is already cracked. There's no shortage of HDCP strippers from AliExpress; although they use clever marketing terms to avoid spelling out the fact (presumably to avoid legal troubles)
jchw•6h ago
perching_aix•2h ago
jchw•2h ago
Like there's obvious cheating. Playing online chess games using an engine to tell you every move is cheating, and thankfully if you really don't know what you are doing, you are likely to get caught.
Then there's less obvious cheating. It's pretty easy to cheat in speedrunning by passing off a carefully constructed "TAS" run as a regular speedrun; though just like with chess it's going to be obvious if you don't know what you are doing, but it's pretty hard to inspect in detail so you might get away with it as long as nobody pays too much attention.
Then there's things that may or may not be cheating in the first place. A good example is key binds in Source Engine games, like null-cancelling movement configurations. The game allows it and keybinds are not traditionally treated as cheating, so is it? (I think they may have changed this in newer games/updates but I'm behind on the times.) Or custom controllers for Super Smash Bros Melee. Merely emulating degraded analog sticks in a way that is advantageous is generally not considered to be cheating, but e.g. warping the stick movement depending on an internal state machine to make certain things easier to do is usually considered too far. I can think of many examples. "Calcing" and charting in PangYa is a nice obscure one.
But I do say this: If you took one aspect of cheating, like aimbots, you could attack it surgically. You could detect the current state-of-the-art, do your best to make it hard for aimbot developers to figure out how you're detecting them, ban players and make it hard for them to get new accounts. The problem is that this is not easy or cheap. People just want to throw some money at the problem and have it go away, they want something like Easy Anti-Cheat.
I think though that eventually, it might all just be futile. It depends. If machine learning continues to progress, eventually it will be pretty hard to distinguish human and machine inputs no matter how hard you try to. It's already not very easy looking at "state of the art" technology from 2022. I linked this elsewhere but it has a nice chart of people mostly failing to detect their ML-based aimbot:
https://arxiv.org/abs/2205.07060
I guess I'm just disappointed in these lazy approaches because they wind up being so vapidly anti-consumer. I know that they accept the temporary nature of these fixes since they don't really intend on these games running forever (which is also a sort of problem, though not related since obviously they really can't worry about and invest in anti-cheat forever) so they just need something that works for now. But it seems like no bridge is too far, and now we're nearly all the way to "you need to install this rootkit and enable secure boot and use Windows 11 and have TPM2" or whatever else.
edit: I really wish Hacker News pushed downvoters to leave a reply... If whoever did that comes across this post again I'm actually genuinely interested in hearing about whatever you disagreed with strongly enough in this post. Unfortunately I said so much that I can only guess what and that's a bummer because I bet it would be interesting.
johnfonesca•6h ago
It's being 15 years already
hypercube33•6h ago
Be it you can't game on Linux (steam deck) or if you have some specific software installed you're flagged as a cheater (autohotkey) or other dumb things.
That said even in some AAA games it feels like the game cheats anyway either intentionally or unintentionally (read about how modern warfare basically decides the outcome of an encounter before it happens to keep your k/d ratio close to 1)
lukan•6h ago
Good luck implementing anything fast this way.
Have you thought about a bit, what this means?
Only ever give the client what it can see?
With common real world ping times around 60 ms?
It would result in very slow shooters. Where you have to wait a bit to see what is around the corner after going there. Not that practical.
In my opinion most anti cheat is BS anyway and even if some gets banned, the main problem is, game companies seem happy with the solution of just selling new accounts to cheaters.
anton-c•5h ago
Hard to not see it - esp in smaller games - as the bots and cheaters providing too much revenue to cut out completely.
Ukv•4h ago
I think ideally you'd send players only what they could possibly see before next the next packet comes in. If their ping is 60ms and the game's tickrate is 128Hz, each tick they'd be receiving everything visible from within 68ms walking/running/jumping/etc. of their position 60ms ago.
Could be combined with server-side behavior analysis to detect players seemingly using information their client was sent but they shouldn't have seen. Packets from the client of what they actually did in that 60ms should be half received by the server and half in flight to the server by that point, so the client can't retroactively lie.
Wouldn't eliminate the advantage of this kind of cheating entirely, but might make it small enough that for many current cheaters it no longer justifies the risk.
lukan•4h ago
That still makes wallhacks possible if standing close to a corner.
And otherwise what you describe makes netcode way more complicated, than it already is. Resulting in a worse game experience.
I am annoyed by any lag or stuttering and find it immersion breaking.
Ukv•3h ago
That's what I'm thinking with the server-side behavior analysis to detect players seemingly using information their client was sent (in case they made a certain movement) but they shouldn't have actually seen (because they didn't make that movement). Though even without that, restricting wallhacks to corners that you could already almost immediately see around would already be a significant improvement.
> And otherwise what you describe makes netcode way more complicated, than it already is. Resulting in a worse game experience.
It's what I think is the ideal and would definitely take some work to implement in practice, but if implemented well I'd argue the measures would be invisible to players in almost all scenarios, and game experience would be superior to solutions that have rampant wallhackers and/or don't work on many machines due to invasive client-side anti-cheat.
dontlaugh•6h ago
Personally I don't mind if fast-paced adversarial multiplayer FPS games stop existing, but that's a minority opinion.
Demiurge•6h ago
dontlaugh•5h ago
I also understand that there are many players that like adversarial FPS games and many companies that make money from that.
Just because I personally don’t think the trade-off is worth it doesn’t mean I expect the world to comply to my preference.
armarr•5h ago
jchw•24m ago
For something like a 2D fighting game it seems like they've landed on determinism + rollback most of the time. That basically only trusts inputs from any given client and nothing else is trusted. Totally possible for the server to "verify" a client's claims by running the replay if needed, though obviously that can be rather expensive. Either way, that eliminates a huge avenue of cheating; as long as the developers did it right, you're basically just left with cheating by botting and using macros.
For something like an FPS game life is hard. The client has to react "as if" there is no latency even though there is. If an arena "twitch" shooter (does... anybody still make these?) ever had a situation where the cross-hair lined up but it didn't count, that would basically break the game. Still, there are many more things that are typically client-controlled, and there should be ways to not give the client as much control without adding too much latency. Any situation where the client and the server or peers can both track something and the server or peers can verify the correctness of the state of the client after the fact, it's probably possible to make some improvements. Basically, make an effort to ensure as little of the information received from any given client is inherently "trusted".
I won't lie, the approach of using heuristics in an otherwise client-trusted environment is definitely "fraught with peril" to some degree; bad heuristics can be pretty damaging. Blizzard ran into a problem where they were accidentally banning Wine users at one point, and it took them a really long time to actually admit the bans were incorrect, and as far as I know they never bothered reversing any of them. Don't get me wrong, they can say "Wine is not supported" and call it a day, but even ignoring that you'll always have some false positives, due to bugs or even weirder issues like clients with bad DRAM.
FPS games are definitely in for a world of hurt though. It's one thing to combat rudimentary aim bots that read internal game data and move the mouse with exact precision, totally different ball game when you have vision models controlling HID mice and keyboards. A Raspberry Pi Pico and a second computer with a capture card isn't a non-zero expense... but, a lot of people already have these things lying around. No amount of not trusting the client can do anything for you with this. You would definitely have to get deeper into behavioral analysis.
Razengan•6h ago
And the ultimate "cheat" would be an android hooked up to the computer and indistinguishable from a meat-based person :)
zihotki•4h ago
immibis•4h ago
reginald78•2h ago
Razengan•1h ago
anton-c•5h ago
I don't play fps anymore not trying to cheat lol
jchw•5h ago
https://arxiv.org/abs/2205.07060
anton-c•5h ago
reginald78•4h ago
SirMaster•1h ago
How do you do proper matchmaking with user-hosted dedicated servers?
Like what would an end-user dedicated server system look like for call of duty warzone, or Fortnite, battle royale games. A round lasts about 20 minutes and you want 150 players filled in right at the start and you don't want to wait more than a couple minutes to fill the server for each round.
The other popular types of FPS games are mostly like 5v5 modes, and you want really balanced teams based on an MMR system. I don't really see how you do that with dedicated servers.
Toritori12•6h ago
mysterydip•6h ago
cyborgx7•5h ago
I'm not saying it's the only thing that stops mass adoption of Linux for gaming, but I think we'd see a massive uptick very quickly, if this problem went away.
nkrisc•5h ago
There’s one “solution” to cheating that publishes seem loathe to offer these days: server executables so people can host their own servers.
When I played BF1942, we just banned anyone we thought was cheating. Having a reputation for being actively moderated and typically cheater-free meant the server was popular and often full. When I ran a Minecraft server, I used a whitelist so it was a complete non-issue.
The only online game I still occasionally play is WoW where cheating is mostly non-existent and what cheating that does exist doesn’t typically affect the gameplay experience of normal players.
Someone•5h ago
‘Luckily’, the overhead of antivirus software already can be quite high at times [1]. So, if this API can keep the number of kernel-userspace transitions down, I think the relative impact could be barely noticeable.
[1] https://www.tomsguide.com/us/av-software-least-system-impact...:
“For example, McAfee Total Protection had a relatively light background impact, slowing down the Lenovo laptop by only 9% after installation”