Comment by Too
14 hours ago
> The best Valve could do is offer a special locked down kernel with perhaps some anticheat capabilities and lock down the hardware with attestation.
That would require essentially turning it into a console or Android.
Not really. Measured boot and remote attestation are a thing. Couple with reproducible builds to address security and privacy concerns.
Hardware support would inevitably be somewhat limited but that's still better than the situation with either consoles or kernel anticheat.
Sure, you can secure boot the kernel and the game binary itself, but then you have all the surrounding support from the OS that also needs to interop without being tamperable. Screenshots, network and input devices, for example, are routed through user space before reaching the game, and they can be used to make cheats. Now some of those layers are getting more isolated, for example with Wayland. Even so, that means your secure boot chain must go all the way up to include a non-tampered window manager too, taking you closer and closer to reinventing an Android-like console OS.
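An added example, not part of the thread or of any Valve code: a toy model of measured boot with a TPM-style extend operation, showing that an attestation covering only the kernel and the game still passes when the compositor differs from its reference build, and fails once the compositor is part of the measured chain. The component names and image bytes are constructed, and a real verifier would check a signed TPM quote rather than a bare hash.

```python
import hashlib

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA-256(old || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(chain, images):
    """Fold the named components, in boot order, into one register value."""
    pcr = bytes(32)  # the register starts as all zeros
    for name in chain:
        pcr = extend(pcr, images[name])
    return pcr

def attest(chain, reference_images, running_images):
    """Verifier side: compare the reported value with the one recomputed
    from reference images (reproducible builds let anyone recompute it)."""
    return measure(chain, running_images) == measure(chain, reference_images)

# Constructed sample images; only the compositor differs on the running system.
REFERENCE = {
    "kernel": b"kernel build 1",
    "game": b"game binary build 1",
    "compositor": b"compositor build 1",
}
RUNNING = dict(REFERENCE, compositor=b"compositor build 1 with local modification")

NARROW_CHAIN = ["kernel", "game"]              # what the first reply assumes is enough
FULL_CHAIN = ["kernel", "game", "compositor"]  # what the last comment says is needed

def demo():
    return {
        "narrow_chain_passes": attest(NARROW_CHAIN, REFERENCE, RUNNING),
        "full_chain_passes": attest(FULL_CHAIN, REFERENCE, RUNNING),
        "full_chain_clean_passes": attest(FULL_CHAIN, REFERENCE, REFERENCE),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```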