Now if only they could more clearly communicate when games are playable offline.

  • ArchRecord@lemm.ee · English · ↑ 66 · edited · 1 month ago

    To put it very simply, the ‘kernel’ has significant control over your OS as it essentially runs above everything else in terms of system privileges.

    It can (but does not always) run at startup, so this means if you install a game with kernel-level anticheat, the moment your system turns on, the game’s publisher can have software running on your system that can restrict the installation of a particular driver, stop certain software from running, or even insidiously spy on your system’s activity if they wished to (and reverse-engineering the code to figure out if they are spying on you is a felony because of DRM-related laws).

    It basically means trusting every single game publisher with kernel-level anticheat in their games to have a full view into your system, and the ability to effectively control it, without any legal recourse or transparency, all to try (and usually fail) to stop cheating in games.

    • ampersandrew@lemmy.world (OP) · English · ↑ 40 · 1 month ago

      And it’s worth noting that trusting the game developer isn’t really enough. Far too many of them have been hacked, so who’s to say it’s always your favorite game developer behind the wheel?

    • barlescharkley@lemmy.world · English · ↑ 35 · 1 month ago

      More importantly, if traditional anticheat has a bug, your game dies. Oh no.

      If kernel-level anticheat has a bug, your computer blue screens (that’s specifically what the blue screen is: a bug in the kernel, not just an ordinary bug that the system can recover from). Much worse. Sure hope that bug only crashes your computer when the game is running and not just whenever, because remember, a kernel-level program can be running the moment your computer boots, as the above poster said.

    • Katana314@lemmy.world · English · ↑ 2 ↓ 1 · 1 month ago

      It’s not just trust of the game developer. I honestly believe most of them just want to put out profitable games. It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.

      There was some old article about how a black hat found a vulnerability in a signed virtual driver used by Genshin Impact. So, they deployed their whole infection package together with that plain driver to computers that had never been used for video games at all; and because Microsoft chose to trust that driver, it worked.

      I wish I could find an article on it, since a paraphrased summary isn’t a great source. This is coming from memory.

      • catloaf@lemm.ee · English · ↑ 2 · 1 month ago

        > It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.

        That’s not an accurate description of the exploit you describe. It sounds like the attacker bundled a signed and trusted but known vulnerable version of the module, then used a known exploit in that module to run their own unsigned, untrusted code with high privileges.

        This can be resolved by marking that signature as untrusted, but that requires the user to pull an update, and we all know how much people hate updating their PC.
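
The load decision discussed in the last two comments, modelled as an added example that is not part of the thread: a valid signature alone lets a known-vulnerable build load until a revocation reaches the machine. It also goes one step beyond the thread by contrasting revoking one build (by hash) with revoking the whole signing certificate. All driver names, the signer and the byte strings are constructed placeholders, and the `signer` field stands in for the result of the OS signature check.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Driver:
    name: str
    image: bytes   # file contents; constructed stand-ins below
    signer: str    # certificate subject the OS verified, "" if unsigned (assumed input)

@dataclass(frozen=True)
class Policy:
    trusted_signers: frozenset
    denied_hashes: frozenset = frozenset()   # revokes one specific build
    denied_signers: frozenset = frozenset()  # revokes everything a certificate signed

def digest(image: bytes) -> str:
    return hashlib.sha256(image).hexdigest()

def decide(driver: Driver, policy: Policy) -> str:
    """Return the load decision and the reason for it."""
    if driver.signer not in policy.trusted_signers:
        return "BLOCK: unsigned or untrusted signer"
    if driver.signer in policy.denied_signers:
        return "BLOCK: signing certificate revoked"
    if digest(driver.image) in policy.denied_hashes:
        return "BLOCK: signed, but this build is revoked as vulnerable"
    return "LOAD"

def audit(drivers, policy):
    return {d.name: decide(d, policy) for d in drivers}

# Constructed sample data (hypothetical names, not real drivers or signers).
VULN = Driver("game_ac_1.0.sys", b"constructed vulnerable build", "Example Games Ltd")
FIXED = Driver("game_ac_1.1.sys", b"constructed patched build", "Example Games Ltd")
ROGUE = Driver("payload.sys", b"constructed unsigned code", "")
DRIVERS = (VULN, FIXED, ROGUE)
TRUSTED = frozenset({"Example Games Ltd"})

STALE = Policy(TRUSTED)  # machine that never pulled the revocation update
BY_HASH = Policy(TRUSTED, denied_hashes=frozenset({digest(VULN.image)}))
BY_CERT = Policy(TRUSTED, denied_signers=TRUSTED)  # blunt: also blocks the fixed build

if __name__ == "__main__":
    for label, policy in (("stale", STALE), ("by hash", BY_HASH), ("by cert", BY_CERT)):
        print(label, audit(DRIVERS, policy))
```

Under the stale policy the vulnerable build still loads even though unsigned code is refused, which is why the revocation only helps on machines that have received it.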