• Rusty Shackleford@programming.dev
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      7 months ago

      Noob question: has anyone confirmed that it’s really running in userspace on linux or win gaming tech forums yet? Doesn’t effective anti-cheat require root privileges?

      This is a pretty important thing to validate, in my opinion.

      • Sonotsugipaa@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        11
        ·
        edit-2
        7 months ago

        Unless it actually behaves like malware and attempts multiple workarounds to obtain root privileges that I should know about, it does run in userspace for me.

        Perhaps later today I’ll spin up the game and check lsmod, but if I’m wrong that’s a massive black flag that has absolutely no chance of being legal no matter how many eula roofies they spiked my drinks with.


        Done, no weird kernel module was loaded: unless nProtect is pulling a sneaky, it’s running in user mode.

        • Rusty Shackleford@programming.dev
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          7 months ago

          This is a subject I’ve been meaning to start researching and poking around with a bit. Due to work/time requirements, I haven’t been able to run a profiler on anti-cheat services on either of my Windows or my Kubuntu boxes. Any information that you’re willing to share is much appreciated. Thank you, in advance!

          • Sonotsugipaa@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            4
            ·
            7 months ago

            I’m not using a VM, I don’t think it would work with Windows + the kernel level anticheat; I also haven’t tried poking around with the AC, I guess it does prevent simple memory manipulation with things like scanmem but I’m not willing to risk 40€ just for science.

            I’ll try doing the lsmod thing and edit the comment you replied to, in a bit

        • brbposting@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          5
          ·
          7 months ago

          Thank you for your service

          Without people like you we’d all be relying on hearsay… I mean like even moreso than relying on a stranger’s comment :)

      • AProfessional@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        edit-2
        7 months ago

        It is impossible to run in kernel without being explicitly given that permission.

        Client anitcheat is never perfect, it is slightly better in kernel but that just caused more issues for legitimate customers.

        None of this even makes sense as HD2 isn’t a PvP game.

        • Rusty Shackleford@programming.dev
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          7 months ago

          I suppose that a legitimate argument for anti-cheat could be griefing, but then the host could just boot the player based on a basic voting system. In general I was curious to see “what’s under the hood” of a kernel-level and a userspace-level anti-cheat service and what are the implicit security risks for an average user.

          • AProfessional@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            7 months ago

            In general I was curious to see “what’s under the hood” of a kernel-level service and a userspace-level anti-cheat and what are the implicit security risks for an average user.

            This answer isn’t very satisfying, but the risk is complete and total. A kernel module can do anything and can hide what its doing.

            A userspace anti-cheat has a wider range of risk. For example on Linux you can sandbox it so its quite safe in that case.

            On Windows the most common issues user report are things like kernel crashes, corruption, etc. Things that should never happen in kernel space and potentially break an installation. These are honestly amateur projects that don’t belong there.

          • Jakeroxs@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            3
            ·
            7 months ago

            I think the most compelling for me was something like in MW2 back in the day hacked lobbies fucking up a your stats. Something similar in hd2 could ruin it for some.

            • AceCephalon@pawb.social
              link
              fedilink
              English
              arrow-up
              2
              ·
              7 months ago

              In Helldivers 2’s case, say a cheater forces everyone in that mission to max out samples/medals/super credits, it entirely kills the progression and takes away a reason to keep playing unless it’s reverted safely, which then means that mission was pointless because someone else used cheats.

              • Tlaloc_Temporal
                link
                fedilink
                English
                arrow-up
                4
                ·
                7 months ago

                The solution to that is to rework how rewards are calculated, maybe do some sanity checks with the server, not seize super admin control of personal hardware.

      • MajinBlayze@lemmy.world
        link
        fedilink
        English
        arrow-up
        5
        ·
        7 months ago

        For me, since I use the flatpak version of steam, at no point have I ever provided the admin password in order to install steam or any game. It, like all of my desktop software, runs in it’s own little sandbox that has limited access to the rest of the computer. It would take a somewhat sophisticated attack for an anticheat to actually run in kernalspace on the host os.

        But that’s also why companies like riot have their anticheat block Linux from running the game at all.

        If Linux becomes a populate enough platform, I’m sure cheaters will start using it to get around anticheat and something else will have to be done. Until then, I’m happy knowing this is a problem that I can mostly avoid.