Vanguard, the controversial anti-cheat software initially attached to Valorant, is now also coming to League of Legends.
Summary:
The article discusses Riot Games’ requirement for players to install their Vanguard anti-cheat software, which runs at the kernel level, in order to play their games such as League of Legends and Valorant. The software aims to combat cheating by scanning for known vulnerabilities and blocking them, as well as monitoring for suspicious activity while the game is being played. However, the use of kernel-level software raises concerns about privacy and security, as it grants the company complete access to users’ devices.
The article highlights that Riot Games is owned by Tencent, a Chinese tech giant that has been involved in censorship and surveillance activities in China. This raises concerns that Vanguard could potentially be used for similar purposes, such as monitoring players’ activity and restricting free speech in-game.
Ultimately, the decision to install Vanguard rests with players, but the article urges caution and encourages players to consider the potential risks and implications before doing so.
I’m wondering if there’s a way we can even know they’re installing it. Windows just gives that generic admin prompt, I imagine? Tells you nothing of what’s happening.
Well if you get asked for sudo, then that’s a risk.
Installing almost anything* on Windows requires the equivalent of sudo, same as Linux.
Determining if it’s a normal install or adding a kernel driver wouldn’t be feasible just by watching the installation. (On either OS if they are not showing terminal output)
EDIT:
My context here (which I should have been explicit about sooner) is: “ordinary user is installing a closed source commercial large game” (with its own installer) and doesn’t know if they are also getting a free rootkit.
They are going to just click Next without changing defaults, and are not going to extract and inspect anything.
Most user software should NOT need sudo.
Typically you need “sudo” to use the package installer though, if that’s where you’re getting confused. But that’s because most Linux package managers are built to install software to be available for all users. However once installed that does NOT mean the package always has sudo access. And the way Linux software is typically installed is just putting the executable in a certain folder, unlike Windows where you run a software’s custom installer which asks for admin access and then does who knows what.
You usually have the option of installing for just your user, and I think that usually doesn’t require admin permissions.
My context here (which I should have been more explicit about) is “ordinary user is installing a closed source commercial large game” (with its own installer) and doesn’t know if they are also getting a free rootkit.
Sure when it’s something you compile yourself and you have some knowledge you can ./configure it to go under your home directory and not need sudo to make install later, but a game with a script or binary you need to run is likely to ask for root on launch (Especially on Windows) and maybe asks later or has command line options for a single user install, but we can assume the user does whatever is default.
I didn’t suggest that it would (although it Could if it’s malicious - on Linux that would be as simple as the setuid bit. Or …back on topic… installing a kernel driver on either OS)
I feel like you’re not sure how system software like
sshand a user’s personal game software can install differently in different places, and where one needs no root access to install at all. Go see how mac does it.Macs still ask me for permissions and I have no idea what’s asking to do what.
I get it for Linux and Windows (though I don’t know how MacOS does it) my context here (which I should have been more explicit about) is “ordinary user is installing a closed source commercial large game” (with its own installer) and doesn’t know if they are also getting a free rootkit.
Sure when it’s something you compile yourself and you have some knowledge you can ./configure it to go under your home directory and not need sudo to make install later, but a game with a script or binary you need to run is likely to ask for root on launch (Especially on Windows) and maybe asks later or has command line options for a single user install, but we can assume the user does whatever is default.
You couldn’t be more wrong bud. Flatpaks do not require sudo, executables run from a directory (like how Steam games are run) don’t require sudo either. You only need sudo if installing from the main package manager like deb, rpm, pacman or whatever your distro uses. Most games on Linux aren’t installed from the main package manager though.
If it’s a package for the package manager you could download the archive for it and pull it apart to see its contents, it’s usually very clear when such software includes kernel drivers or kernel patchers. Most software on Linux uses the package manager to install or a script to unpack, both of which are relatively easy to explore even if the software isn’t open source, haven’t found too many linux apps with Binary installers, they might exist but if they do they aren’t popular or common.
Since this keeps coming up, I edited the post you replied to. TLDR is that we are assuming different contexts.
You can list all the current loaded drivers. You can examine the system event log for service start operations. You can run with a kernel debugger attached and examine any loaded driver. The driver itself is likely correctly signed and will not require additional user acknowledgement beyond what was given when the game was installed.
Unfortunately all of those just tell you it’s already installed, not that it’s about to install it. If you didn’t know, who’s going to be constantly checking for new drivers after every software install?
It would probably show up in Autoruns. Maybe even with a background service in task manager.
Kernel level drivers would not be in auto run.
What, why not?
Ask Microsoft