Comment by mitkebes
19 hours ago
I also always hear a lot of people complain about cheaters in Valorant, so all of that compromised personal security doesn't actually stop cheaters.
Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
> you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data.
Correct. Unfortunately, what you've just described is a gaming console rather than a PC. This problem fundamentally undermines the appeal of PC gaming in a significant way, imo.
> This problem fundamentally undermines the appeal of PC gaming in a significant way, imo.
Yes, game publishers are trying to turn PCs into a gaming console, which IMO will always be a futile effort, and is quite frankly annoying. I don't game on PC to have a locked down console-like experience.
Just embrace the PC for what it is and stop trying to turn it into a trusted execution platform with spyware and rootkits.
Look at BF6 - for all the secure boot and TPM required anti-cheat they stuffed it with, there were cheaters day 1, so why abuse your users when it's clearly ineffective anyway.
That's what gets me! If these rootkit anti-cheat systems actually stopped cheating then maybe, just maybe, I'd accept them as a necessary evil. But every game that has these things... still has cheaters! So as a user, you're consenting to ripping a security hole through your system, and in return you are still playing games with cheaters.
The game companies keep saying these things are necessary, yet they don't fully do the very thing they claim to do on the label.
2 replies →
How are the cheaters getting around it?
6 replies →
Honestly, if consoles were willing to accept KB+M (and gyro aiming for that matter), I’d be completely proposing that competitive live service titles mostly abandon PC, except for a small “probably infested with cheaters” base.
It’s happening! https://www.dualshockers.com/battlefield-6-will-support-keyb...
XBox consoles do in fact support KB+M, though not all games support it.
1 reply →
Stream console output to pc, use AI to detect enemies, manipulate mouse and keyboard input to aimbot, even consoles aren’t safe
Somehow Xonotic manages to be both completely free/open software and not have cheating problems like this. It's never been clear to me how they've done that although client-side stuff like these kernel anti-cheat things were obviously never going to work.
Combination of niche/low user base, community servers encouraging user-based enforcement of norms, and the lack of a unified ranking system. People don't cheat if it doesn't psychologically reward them. (at least en masse)
This is why (even though everybody hates my for saying this) - the only way to do security is by enforcing root of trust - which is why Windows 11 forcing secure boot and TPM is a necessary change.
The idea that we should allow arbitrary code execution at some point, then we claw back security by running mass surveillance on your PC is clearly insane.
The only way to go forward is what BF6 has done - ensure the PC is in a pristine state, and nothing bad was loaded in the kernel - which is ironically why their anticheats conflicted - they don't allow loading random crap in the kernel.
Not to mention, people who develop these invasive security modules don't have the expertise, resources or testing culture to muck about in the kernel to the degree they do.
As to how dangerous this actually got actually showcased by Crowdstrike last year.
Sounds great! Guess who I trust? Me. The root of trust should be a key I generate. I do not trust this to any government, any private company or really any 3rd party, except perhaps a member of my family or my lawyer. It can just be me and maybe someone I grant a digital equivalent of power of attorney to. For a company like Microsoft to try and get involved is in my view a form of aggression.
> doesn't actually stop cheaters.
doesn't actually stop all cheaters.
We could have a better discussion around this if we recognize that failing to stop 100% of something isn't a prerequisite to rigorously evaluating the tradeoffs.
Doesn't actually stop all cheat developers. If even one person develops and sells a cheat that the kernel-level anticheat doesn't catch, then it stops 0% of cheaters from buying and using the cheat.
It makes the cheats more valuable on the black market. I'm fairly sure the only people cheating in the major competitive games with anticheat are whales and extremely unethical pro players.
2 replies →
I think the problem with this line of reasoning is that it's one-sided. Essentially you are saying "Just trust me bro" on behalf of a self-evaluating company.
I'd argue the potential for abuse is a perfectly reasonable discussion to have, and doesn't have much bearing on the effectiveness of anticheat, but I understand that's not the point you are trying to make.
Sorry, my writing should have been clearer, I put one too many negatives in. :-)
I didn't claim we should trust the company. Whether we can trust the anticheat maker is certainly part of the rigorous evaluation of the tradeoffs I mentioned. My point was that saying "it doesn't stop cheaters" is both incorrect and stifling to a more productive conversation, because it implies anticheat has no value and is therefore worth no risk.
As for me, if Gabe said "now you can opt your Steam Deck in to a trusted kernel we ship with anticheat and play PUBG," I'd probably do it. But that's because I, for better or worse, tend to trust Gabe. If Tencent were shipping it, I'd probably feel differently.
1 reply →
I fundamentally agree with you.
But anti-cheat hasn't been about blocking every possible way of cheating for some time now. It's been about making it as in convenient as possible, thus reducing the amount of cheaters.
Is the current fad of using kernel level anti-cheats what we want? hell nah.
The responsibility of keeping a multi-player session clean of cheaters, was previously shared between the developers and server owners. While today this responsibility has fallen mostly on developers (or rather game studios) since they want to own the whole experience.
A dedicated machine with no other general purpose apps that has minimal private data on it sounds like a gaming console.
Or a virtual machine...
And with PCIe pass through you can get near bare metal performance. You won’t be able to play Valorant though
Anti cheat won't run in a VM
12 replies →
About halfway in the article, there's a brief nod to CS:GO. It uses a tick system and the server controls what is possible, such as physics or awarding kills. Fighting genre games use the same server-based game logic.
Cheating is a big draw to Windows for semi-pro gamers and mid streamers. What else is there to do except grind? Windows gives the illusion of "kernel level anti-cheat," which filters out the simplest ones, and fools most people some of the time.
Fighting games do not use server-mediated simulation, in general. Cheating is actually a huge problem in popular games. And in fact, even running a server-mediated simulation wouldn't help with any of the common cheating in fighting games.
For instance, a common cheat in Street Fighter 6 is to trigger a drive impact in response to the startup of a move that is unsafe to a drive impact. That is recognizing the opponent's animation and triggering an input. There's no part of that which cares where the game simulation is being done. In fact, this kind of cheating can only be detected statistically. And the cheats have tools to combat that by adding random triggering chances and delays. It's pretty easy to tune a cheat to be approximately as effective as a high-level player.
Kernel-level anticheat isn't a perfect solution, but there are people asking for it. It would make cheating a lot harder, at least.
> About halfway in the article, there's a brief nod to CS:GO. It uses a tick system and the server controls what is possible,
As does Valorant and virtually every other first person shooter. The cheats aren't people flying around or nocliping, it's wallhacks and aim assists/bots.
Wallhacks depend on the server giving the client information the client shouldn't have.
2 replies →
> Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
Wouldn't it be sufficient to simply have a minimal system installed on a separate partition or on a separate drive (internal or external). Boot that for gaming, and never give it the password for the encryption of your non-gaming volumes.
Why not dual boot, and keep your files on an encrypted partition?
> Honestly I feel like you should only use kernel anticheat on a dedicated machine that's kept 100% separate from any of your personal data. That's a lot to ask of people, but you really shouldn't have anything you don't consider public data on the same hardware.
Yes, and at that point, you may as well use Windows for that machine.