• Rusty Shackleford
    link
    fedilink
    English
    4
    edit-2
    6 months ago

    Noob question: has anyone confirmed that it’s really running in userspace on linux or win gaming tech forums yet? Doesn’t effective anti-cheat require root privileges?

    This is a pretty important thing to validate, in my opinion.

    • Sonotsugipaa
      link
      fedilink
      English
      11
      edit-2
      6 months ago

      Unless it actually behaves like malware and attempts multiple workarounds to obtain root privileges that I should know about, it does run in userspace for me.

      Perhaps later today I’ll spin up the game and check lsmod, but if I’m wrong that’s a massive black flag that has absolutely no chance of being legal no matter how many eula roofies they spiked my drinks with.


      Done, no weird kernel module was loaded: unless nProtect is pulling a sneaky, it’s running in user mode.

      • Rusty Shackleford
        link
        fedilink
        English
        5
        edit-2
        6 months ago

        This is a subject I’ve been meaning to start researching and poking around with a bit. Due to work/time requirements, I haven’t been able to run a profiler on anti-cheat services on either of my Windows or my Kubuntu boxes. Any information that you’re willing to share is much appreciated. Thank you, in advance!

        • Sonotsugipaa
          link
          fedilink
          English
          46 months ago

          I’m not using a VM, I don’t think it would work with Windows + the kernel level anticheat; I also haven’t tried poking around with the AC, I guess it does prevent simple memory manipulation with things like scanmem but I’m not willing to risk 40€ just for science.

          I’ll try doing the lsmod thing and edit the comment you replied to, in a bit

      • @[email protected]
        link
        fedilink
        English
        56 months ago

        Thank you for your service

        Without people like you we’d all be relying on hearsay… I mean like even moreso than relying on a stranger’s comment :)

    • @AProfessional
      link
      English
      8
      edit-2
      6 months ago

      It is impossible to run in kernel without being explicitly given that permission.

      Client anitcheat is never perfect, it is slightly better in kernel but that just caused more issues for legitimate customers.

      None of this even makes sense as HD2 isn’t a PvP game.

      • Rusty Shackleford
        link
        fedilink
        English
        3
        edit-2
        6 months ago

        I suppose that a legitimate argument for anti-cheat could be griefing, but then the host could just boot the player based on a basic voting system. In general I was curious to see “what’s under the hood” of a kernel-level and a userspace-level anti-cheat service and what are the implicit security risks for an average user.

        • @AProfessional
          link
          English
          4
          edit-2
          6 months ago

          In general I was curious to see “what’s under the hood” of a kernel-level service and a userspace-level anti-cheat and what are the implicit security risks for an average user.

          This answer isn’t very satisfying, but the risk is complete and total. A kernel module can do anything and can hide what its doing.

          A userspace anti-cheat has a wider range of risk. For example on Linux you can sandbox it so its quite safe in that case.

          On Windows the most common issues user report are things like kernel crashes, corruption, etc. Things that should never happen in kernel space and potentially break an installation. These are honestly amateur projects that don’t belong there.

        • @[email protected]
          link
          fedilink
          English
          36 months ago

          I think the most compelling for me was something like in MW2 back in the day hacked lobbies fucking up a your stats. Something similar in hd2 could ruin it for some.

          • AceCephalon
            link
            fedilink
            English
            26 months ago

            In Helldivers 2’s case, say a cheater forces everyone in that mission to max out samples/medals/super credits, it entirely kills the progression and takes away a reason to keep playing unless it’s reverted safely, which then means that mission was pointless because someone else used cheats.

            • Tlaloc_Temporal
              link
              fedilink
              English
              46 months ago

              The solution to that is to rework how rewards are calculated, maybe do some sanity checks with the server, not seize super admin control of personal hardware.

    • @MajinBlayze
      link
      English
      56 months ago

      For me, since I use the flatpak version of steam, at no point have I ever provided the admin password in order to install steam or any game. It, like all of my desktop software, runs in it’s own little sandbox that has limited access to the rest of the computer. It would take a somewhat sophisticated attack for an anticheat to actually run in kernalspace on the host os.

      But that’s also why companies like riot have their anticheat block Linux from running the game at all.

      If Linux becomes a populate enough platform, I’m sure cheaters will start using it to get around anticheat and something else will have to be done. Until then, I’m happy knowing this is a problem that I can mostly avoid.