Valve announced a change for Steam today that will make things a lot clearer for everyone, as developers will now need to clearly list the kernel-level anti-cheat used on Steam store pages.

Now if only they could more clearly communicate when games are playable offline.

    • Dremor@lemmy.worldMEnglish
      21·
      1 month ago

      As he said, modlogs are public, and it seems like other user retreived the trace of what you call an “abuse of power” : https://sopuli.xyz/comment/12732467 .

      It is in his right as a moderator to chose how he moderate the communities he has the right to. If he finds your comment pedantic and annoying, and chose to remove it, so be it.

      I’m not taking sides here. I don’t know the whole story, and I doubt anyone else here does. With the little context provided, It’d be hard to take knowingly a side.

      But in both case, this is textbook harassement as you are copy-pasting this comment on every community this is posted on. This community has a pretty clear rule against harrassement (rule 2), which you are breaching, offense for which I’ll use my g… mod given right of banning you for the time being (I’ll re-evaluate tomorrow when I’ll be less tired).

      Edit : After talking with OP via PM, a ban of 7 days was issued

    • Jtee@lemmy.worldEnglish
      95·
      1 month ago

      Wow, mad because you can be held accountable. That’s sad.

      Thanks for the steam link!

    • yamanii@lemmy.worldEnglish
      47·
      1 month ago

      4 likes on him complaining that modlogs being public is something bad, cowards that only want to be shitty in the shadows.

    • Voyajer@lemmy.worldEnglish
      23·
      1 month ago

      He used to relentlessly spam the /r/linux_gaming subreddit and argue with people there too until he deleted his reddit account lol

    • finitebanjo@lemmy.worldEnglish
      65·
      1 month ago

      I was going to ask why the thumbnail on this post is a hexagon shaped bear, but your comment explains it well enough.

    • conciselyverbose@sh.itjust.worksEnglish
      981·
      1 month ago

      Adding kernel malware after the fact should entitle every single owner who requests one to a full refund no matter how long has passed.

      • TipRing@lemmy.worldEnglish
        34·
        1 month ago

        Full agree. I do want some kind of policy for games that introduce anti-cheat both during early access and after release. Bricking a game you paid for should offer some sort of recourse.

      • CaptDust@sh.itjust.worksEnglish
        26·
        1 month ago

        I’d really like Valve to take an official policy on post-release changes that break games, but for what it’s worth they have not given me any hassle with refunds in these scenarios.

      • PM_Your_Nudes_Please@lemmy.worldEnglish
        11·
        1 month ago

        That’s exactly what Valve did. The automated refund system wasn’t available, but you could request a manual review and cite the added anti cheat; Valve was refunding those who did so.

      • pressanykeynow@lemmy.worldEnglish
        19·
        1 month ago

        I don’t think that’s fair. I “own” GTA5 and don’t really care for the last… 8 years? what they add. I had the full content of my purchase. Why should I be able to gain money for this?

  • vordalack@lemm.eeEnglish
    611·
    1 month ago

    Any program having kernel level access is spyware. This is getting ridiculous.

  • TommySoda@lemmy.worldEnglish
    47·
    1 month ago

    I feel like they’re doing this because they are going so hard with steam deck. Regardless, good on Valve for doing this.

  • Captain Aggravated@sh.itjust.worksEnglish
    301·
    1 month ago

    I wonder if you phrased it the way the Play store does: This game wants permission to:

    • send SMS messages
    • make calls
    • know your location
    • stalk your family
    • raid your fridge
    • access, read and upload files
    • manage and add contacts
    • cup your balls
    • go through your trash
    • irritate your boss

    etc.

    Think anyone would install them?

  • Woodstock@lemmy.worldEnglish
    26·
    1 month ago

    Can someone explain like I’m stupid on kernel level anti cheat and why I should watch out for it? Not a dig at all, a genuine question!

    • ArchRecord@lemm.eeEnglish
      66·
      1 month ago

      To put it very simply, the ‘kernel’ has significant control over your OS as it essentially runs above everything else in terms of system privileges.

      It can (but not always) run at startup, so this means if you install a game with kernel-level anticheat, the moment your system turns on, the game’s publisher can have software running on your system that can restrict the installation of a particular driver, stop certain software from running, or, even insidiously spy on your system’s activity if they wished to. (and reverse-engineering the code to figure out if they are spying on you is a felony because of DRM-related laws)

      It basically means trusting every single game publisher with kernel-level anticheat in their games to have a full view into your system, and the ability to effectively control it, without any legal recourse or transparency, all to try (and usually fail) to stop cheating in games.

      • ampersandrew@lemmy.worldOPEnglish
        40·
        1 month ago

        And it’s worth noting that trusting the game developer isn’t really enough. Far too many of them have been hacked, so who’s to say it’s always your favorite game developer behind the wheel?

      • barlescharkley@lemmy.worldEnglish
        35·
        1 month ago

        More importantly, if traditional anticheat has a bug, your game dies. Oh no.

        If kernel level anticheat has a bug, your computer blue screens (that’s specifically what the blue screen is: a bug in the kernel, not just an ordinary bug that the system can recover from). Much worse. Sure hope that bug only crashes your computer when the game is running and not just whenever, because remember a kernel-level program can be running the moment your computer boots as above poster said

      • Katana314@lemmy.worldEnglish
        21·
        1 month ago

        It’s not just trust of the game developer. I honestly believe most of them just want to put out profitable games. It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.

        There was some old article about how a black hat found a vulnerability in a signed virtual driver used by Genshin Impact. So, they deployed their whole infection package together with that plain driver to computers that had never been used for video games at all; and because Microsoft chose to trust that driver, it worked.

        I wish I could find an article on it, since a paraphrased summary isn’t a great source. This is coming from memory.

        • catloaf@lemm.eeEnglish
          2·
          1 month ago

          It’s trust that a hacker won’t ever learn how to sign their code in a way that causes it to be respected as part of the game’s code instructions.

          That’s not an accurate description of the exploit you describe. It sounds like the attacker bundled a signed and trusted but known vulnerable version of the module, then used a known exploit in that module to run their own unsigned, untrusted code with high privileges.

          This can be resolved by marking that signature as untrusted, but that requires the user to pull an update, and we all know how much people hate updating their PC.

    • yamanii@lemmy.worldEnglish
      121·
      1 month ago

      Easy, a bug in battle eye forced me to reinstall windows, this kernel access has to go.

    • LoboAureo@lemm.eeEnglish
      6·
      1 month ago

      Also, the most games that don’t work in linux is for this reason (and steamdeck works in linux)

    • mrvictory1@lemmy.worldEnglish
      21·
      1 month ago

      Imagine a game having higher privileges than what you get with “Run as administrator”

  • corroded@lemmy.worldEnglish
    228·
    1 month ago

    Why is kernel-level anti-cheat even a thing?

    If I was trying to prevent cheating, I’d hash the relevant game files, encrypt the values, and hard-code them into the executable. Then when the game is launched, calculated the hash of the existing files and compare to the saved values.

    What is gained by running anti-cheat in kernel mode? I only play single-player games, so I assume I’m missing something.

    • kevindqc@lemmy.worldEnglish
      391·
      1 month ago

      Because there are kernel-level cheats

      What you proposed can very easily be bypassed without even needing kernel access by just editing the executable code that checks hashes to always return true

    • Maalus@lemmy.worldEnglish
      91·
      1 month ago

      And then a game gets updated so the hashes don’t match and uh oh, everything is fucked. Oh, but we can change the hashes of the files in the executable! Yeah, so can they. People modding shit into the executable is basically a given. Let alone the fact that you’d need to sit through a steam “validation of files” length of time every time you’d need to launch a game (because validation works exactly as you have described).

      What is gained is that it has access to more information. Some cheats use an entirely different program / process that reads memory and outputs info that is available to the game but hidden from the player. Like a client needs to know where a person on the other team is to be able to draw their model. So you read that, you put a little box over where they are, and bang you have wallhacks.

      • unalivejoy@lemm.eeEnglish
        31·
        1 month ago

        I think the popular thing now is to mod your mouse so it clicks on the enemy player’s head.

    • ampersandrew@lemmy.worldOPEnglish
      71·
      1 month ago

      They can prevent you from running cheats that other anti-cheats can’t detect. For instance, they could modify the value in memory so that your calculated hash always succeeds even when it’s modified. This doesn’t stop cheating though; it just means cheaters have to use cheat hardware that exists at a layer that even kernel anti-cheat can’t detect.

  • MyNameIsAtticus@lemmy.worldEnglish
    7·
    1 month ago

    This will be helpful for discerning if a game can run on the Steam Deck. There’s not many games that don’t have verification (Either by Valve or ProtonDB) but for newer games with anticheat it will serve as a good rule of thumb i imagine

  • Riccosuave@lemmy.worldEnglish
    3·
    1 month ago

    Not to be annoying, but can someone please ELI5 how kernel level anti-cheat software actually works, or link good resources where I can read about it.

  • sp3ctr4l@lemmy.zipEnglish
    1·
    1 month ago

    However, it’s only being forced for kernel-level anti-cheat. If it’s only client-side or server-side, it’s optional, but Valve say “we generally think that any game that makes use of anti-cheat technology would benefit from letting players know”.

    I will always love Valve for their ability to use corpospeak against corpos.

    Your game has anti-cheat?

    Wonderful!

    I’m sure that always only results in an improved experience for all gamers, lets let them all know!

    =D

  • x00z@lemmy.worldEnglish
    54·
    1 month ago

    I wish Valve would just ban them. It’s weird to have something that looks like pure malware in a Game store.

    • pressanykeynow@lemmy.worldEnglish
      101·
      1 month ago

      Luckily Valve seems to believe in freedom of decision for their users so they won’t do this. There are kernel level cheats so there are kernel level anticheats. Obviously anticheats are mostly lame in what they do so it would probably be better for them to not be kernel level. Still there are “pure malware” anticheats and Valve thinks it’s up to the user to decide if they want one, their job is to inform the user. And that’s the best approach here in my opinion.

    • ILikeBoobies@lemmy.caEnglish
      0·
      1 month ago

      Gamers don’t care

      If Valve was against this then they would block them from their store. This is avoiding legal consequences