Comment by Rohansi

1 day ago

> They could be doing literally anything and you know it. There's no way for you to know unless you reverse engineer the software.

Literally anything you run on your computer (running Windows) can take screenshots of your desktop, pull passwords saved in your browser, etc. without running in kernel mode. Even applications that aren't running as Administrator.

That was never in dispute. The point is they cannot be trusted. Not even the "but they wouldn't do that" argument is valid: they would and they have.

Knowing and accepting these risks is a big reason why we run Linux with free and open source software sourced from trusted software repositories.

We put effort into this because we want to control everything that happens on our machines, so that we are not affected by stupid nonsense like that.

Recall what I said in my original comment:

> You want their nonsense absolutely contained and isolated, not deep in your kernel.

We don't want unknown uncontrollable proprietary idiocy running on our computers, least of all in kernel mode.

Ideally that stuff would not even exist to begin with, but since it does we move on to the next best thing: containing and isolating it to the fullest extent. The ideal setup is a VFIO configuration where the host is a Linux system where we have full control and the virtual machine is fully isolated and controlled.

As such we really don't need idiotic "anticheat" software taking issue with perfectly good technologies like virtual machines and hypervisors. Cheaters are using this stuff? I don't care. Just accept it.