So to sum up. Valorant's anti-cheat, which the author sees something like an ideal solution:
- starts up and loads its kernel driver on boot.
- generates a persistent unique ID based on hardware serial numbers and associates this with my game account.
- stays active the entire time the system is up, whether I play the game or not. But don't worry, it only does some unspecified logging.
- is somehow not a spyware or data protection risk at all...
For anyone saying “just do server side,” no, it’s physically impossible to stop all cheating that way until we have internet faster than human perception.
Don't let perfect be the enemy of good.
The problem is that server-side occlusion is only a small piece of the puzzle. A naïve implementation means hundreds of thousands of raycasts per second, which doesn’t scale. Real engines rely on precomputed visibility sets, spatial partitioning, and still have to leak some data client-side for responsiveness.
Basically - the kernel level check is not laziness, but for unsolvable problems without huge compute costs or latency.
Hundreds of thousands of raycasts per second sounds doable to me, but couldn't you just use a GPU and some simplified level geometry? That ought to scale well enough. It's not free or perfect (knowing the position of a hand a cheat will be able to estimate where the head is anyway), but that's not the goal, right?
It's cat and mouse game.
Don't worry, it's owned by Tencent.
Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
Is the memory of this kernel module protected from access from another kernel module ?
Which obviously causes all kinds of issues, and violates both freedoms 0 and 1 https://www.gnu.org/philosophy/free-sw.en.html
And they don't just remove those freedoms regarding the game, but for the entire system.
They do not, as long as you can disable the anti-cheat and reboot.
Even if the game itself doesn't grant me that freedom, my OS and drivers should not prevent me from attaching a debugger to the game without it noticing.
My computer, and the software on it, should obey me, and me alone. Never should they obey a developer's desire to restrict what I can and cannot do.
That is the ideological basis of the free software movement, and as you may have noticed, incompatible with client side anticheat.
Genshin's anticheat was used to install ransomware, ESEA's anticheat was used to install bitcoin miners on users machines, EA's anticheat was used to hack clients computers during a tournament, etc.
When not explicitly malicious, anticheat software is at best spyware that's spying on your computer use to identify cheating. People complain a ton about Microsoft recall storing screenshots of your computer locally being a security risk, and yet they're fine with a Chinese owned anticheat program taking screenshots of your computer and uploading them online. And even if the company isn't trying to use that info to spy on you, my understanding is that when you're a chinese company, you have to give full access of that data to the government.
With the ongoing/rising tensions between the US and China, I actually think there's a significant chance that we may see all Chinese owned anticheat programs banned in the US, which would be pretty significant since they own or partially own the majority (as far as I know).
Well, I don't think anyone reasonable should be telling others what they "should" be ok with, myself included (I made an exception this one time).
> Genshin's anticheat was used to install ransomware
You should tell the full story: Ransomware installed Genshin's anticheat because it was whitelisted by antivirus providers, it then used the anti-cheat to load itself deeper into the system. So not really a problem with Genshin's anticheat (indeed, users who had never played the game or even heard about it would be affected), but a problem with how antivirus providers dealt with it.
> ESEA's anticheat was used to install bitcoin miners
You should tell the full story: Someone compromised the supply-chain and snuck a miner into the anticheat binary. It was discovered immediately, and the fact that the miner was in the anticheat and not, say, a game loader, did nothing to hide it.
> People complain a ton about Microsoft recall storing screenshots of your computer locally being a security risk, and yet they're fine with a Chinese owned anticheat program taking screenshots of your computer and uploading them online
This is just a fallacy. Like saying "people voted for candidate A, but then they voted for candidate B!" Obviously, there can be multiple groups of people, and saying that "people" vaguely support X but not Y is usually a misunderstanding of the groupings involved.
The obvious explanation for this is"apparent" contradiction you point out is: Windows Recall is likely to be an on-by-default feature, and people don't really trust Microsoft not to "accidentally" enable it after an update. Also, Recall would likely be installed on all computers, not just gaming PCs. That's a big deal. A lot of people have multiple PCs, because they're cheap and ubiquitous these days. Maybe they're okay with recall and/or anticheat taking snapshots of their gaming PCs, but not the laptop they use to do their taxes, etc. The source of your confusion is likely the misunderstanding that most people, unlike the HN crowd, are practical, not ideological. They don't oppose anticheat on some abstract level, they care about the practical reality it brings to their life.
Another element is that most people, at least in the US, have "spy fatigue". They figure, hey, the US government spies on me, the five eyes spies on me, Russia and China spy on me, what does it matter?
Alas, I'd like to believe we could be in an era of "hey, not a problem, just have a dedicated gaming machine," but that too is difficult.
You can do this on macOS too, by the way. XNU is open-source.
How would one get the modified XNU past the verified-boot process? Turn off verified boot?
It's much harder to cheat if the game isn't running on your computer.
The ultimate "anti-cheat" is playing on some trusted party's computer. That can be a cloud machine, but I think today a game console would work just as well, turn that closed nature into an actual user-facing benefit. Console manufacturers seem focused on their traditional niche of controller couch gaming and not on appealing to high-FPS keyboard-and-mouse gamers, though.
It doesn't even seem very hard to implement, steam already has the ability to stream games, they could add this pretty easily as an option for any game (although there is the concern of the extra cost of running the servers).
To be fair kernel anticheat can't block this completely either, it can be run on external hardware that uses a capture card to analyze your video feed and alter your mouse inputs to the computer. Generally undetectable unless the game is able to identify unnatural mouse movements.
I think at some point defeating this becomes impossible. This sort of cheating isn't much different conceptually from just having someone who's really good at the game play for you.
Of course, to TFA's point on network code... a lot of the issues in question could come down to checking for movements that exceed human... moving faster than the speed in game, or even twitch aiming movements faster than a mouse, or a consistent level of X accuracy in shooting over time. On the last part, I'm not sure if there might be some way to mask a user's hit zone, rendering and such so that an aim-bot thinks the foot is center-mass, etc. Or if it could be randomly shifted in a test scenario.
I think the more important question isn't how you implement an anti-cheat, it's why some types of games attract cheaters.
When victory in a game isn't about strategy but just about how quickly you can click o character's head, and just by doing it once you win the game, that makes the whole game a clear target for cheating. Everyone cheats as the sniper, nobody cheats as the medic.
I think you could make an FPS that cheaters hate by designing it so that it requires at least 2 players to defeat a player on the opposite team, e.g. by giving everyone weapons of different type and needing two types to defeat an enemy.
I wonder if anti-cheating game design is a thing?
Game designers could have just worked on their ranking systems, and least the cheaters rocket off into their own domain of impossibly-high-elo games. Let there be a cheaters league. It could be fascinating, what’s fully-cheated gameplay look like? Just ban disruptive behavior like ddosing other players.
OTOH, artificially lowering your rank to stomp low-level players is a problem. But cheaters, as well as just legitimately really good players, can do this; the place to solve this is the ranking system.
Of course, I still remember seeing cheaters back then, in that game... usually quickly kicked off the server you were playing on.
https://playvalorant.com/en-gb/news/dev/vanguard-hits-new-ba...
Of course the cheat developers don't sit idle, so this is far from over.
Anti-cheat does not ordinarily like to run inside a VM, because then the hypervisor can do the cheating, invisibly to the kernel. However, technologies like AMD SEV can (in theory) protect the guest from the host, using memory encryption. (And potentially also protect from DMA-based cheats, too)
What you'd need is some way for the hardware to attest to the guest "yes, you really are running inside SEV".
I'm largely a console gamer, so I don't have to worry about EA's latest malware opening my computer up to the world. I'm also a filthy casual though.
---
Let me ask you a question. How many vulnerable drivers (yes, those that can be abused by bad actors to gain kernel access) do you think the average gamer has on their Windows install? I’ll start with my own system. This is what I can immediately think of:
• MSI Afterburner - RTCore64.sys driver (yes, even in the latest version) has a vulnerability that allows any usermode process to read and write any kernel memory it wishes
• CPU-Z - cpuz142_x64.sys driver has (again) kernel memory read/write vulnerability and MSR register read/write
If I looked hard enough, I would most likely find more.
And if you're not doing something particularly sensitive, then security on consumer PCs must matter a lot less than some people think.
Anticheat is only hard because people are looking for a technical solution to a social problem. The actual way to get a good game in most things is to only play with people you trust and, if you think someone is cheating, stop trusting them and stop playing with them.
This doesn't scale to massive matchmaking scenarios of course - and so many modern games don't even offer it as an option - so companies would have to give up the automatic ranking of all players and the promise of dopamine that can be weaponised against them, but it works for sports in the real world and it worked for the likes of Quake, UT, etc. so I don't think it's a necessarily bad idea. Social ostracism is an incredibly powerful force.
However, it does mean that the big publishers wouldn't have control over everything a player does. Getting them to agree to that is probably the real hard problem.
However, I wonder if you could have that while still removing features that make cheating seem appealing. For example, as you said, you can have games with randoms without an automatic ranking of all players. (Or maybe you rank players so you can match people of similar skill levels, but you don't tell anyone what their rank is.)
Ultimately the OS should be providing a service that can verify a program is running in a secure environment and hasn't been tampered with. That's something that's useful for things far beyond games. I kind of hope the cheaters win this war for now, to create the incentive for building a better, proper, standardized, cross-platform solution.
Having the kernel itself, actually deny any access... The game devs run a build without debug symbols (not that debugging could work with it on), and run with it... Also, this should severely limit what that process can do in terms of communication outside itself. And maybe a launch warning from the OS... "You are about to launch a sealed application that cannot be observed, do you want to continue? Y/N"
ai_critic•17h ago