this post was submitted on 20 Feb 2024
194 points (97.1% liked)

Games

32657 readers
1063 users here now

Welcome to the largest gaming community on Lemmy! Discussion for all kinds of games. Video games, tabletop games, card games etc.

Weekly Threads:

What Are You Playing?

The Weekly Discussion Topic

Rules:

  1. Submissions have to be related to games

  2. No bigotry or harassment, be civil

  3. No excessive self-promotion

  4. Stay on-topic; no memes, funny videos, giveaways, reposts, or low-effort posts

  5. Mark Spoilers and NSFW

  6. No linking to piracy

More information about the community rules can be found here.

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 24 points 9 months ago (9 children)

Off topic. Is the anti cheat as invasive as people make it out to be? I'm no computer wiz but I've stopped playing pvp games with root kits but don't actually know enough. Also anti cheat in a pve game lol.

[–] [email protected] 22 points 9 months ago (1 children)

It rootkits your PC, and some versions have a privelige escalation exploit where an attacker can run any arbitrary code as root.

[–] [email protected] 1 points 9 months ago (3 children)

It rootkits your PC, and some versions have a privelige escalation exploit where an attacker can run any arbitrary code as root.

Hasn't Steam itself had issues with privilege escalation exploits in the past?

[–] [email protected] 5 points 9 months ago (1 children)

Probably? I'm not sure how that's relevant to what I said though.

[–] [email protected] -3 points 9 months ago (2 children)

That makes Steam a "rootkit" then, correct? People should really stop using it.

[–] [email protected] 6 points 9 months ago

Since Microsoft has access to your entire windows system, there's no harm letting every other company have it too then?

[–] [email protected] 5 points 9 months ago (1 children)

No, it doesn't, and you're betraying your ignorance of the topic by making the suggestion.

First of all, when we refer to rootkits, we're talking about the fact that NProtect, by design, gains an absolutely staggering amount of access to the kernel space of your computer. VAC, by comparison, does not demand anything like the same level of access. You're making an apples to oranges comparison, and when questioned on it responding with "But they're both citrus fruit, right?"

No, they're not, and the fact that you think they are means you don't know nearly as much about this subject as you think.

But putting that aside for a moment, suppose one day you went hang gliding. Then, upon telling me about how much you enjoyed it, I immediately demanded that you play Russian roulette with me, and got seriously offended when you refused. That would be insane, right?

So you see how a person consenting to one risk doesn't obligate them to consent to others? It's not an all or nothing state between "My computer is exposed to exactly zero vulnerabilities" and "My computer is exposed to literally every vulnerability ever".

Every single program you install on your computer brings some potential amount of risk, but a) that risk is MUCH higher when the program demands the kind of kernel level access to resources like your memory that NProtect wants, and b) that risk has to be commensurate to the benefits offered, and it's hard to see what benefit I'm being offered by a notably cheaply made kernel level anti-cheat in a purely cooperative gameplay experience.

[–] [email protected] 0 points 9 months ago

I gave a concrete example of an exploit using Steam, and you've provided a hypothetical while arguing that your hypothetical example is much more risky (and compared it to hang gliding vs Russian roulette).

Specifically how much more of a risk is it to have kernel level anti-cheat installed than it is to install software like Steam and games on your system? Since you are claiming in-depth knowledge I would actually like to know more specifics for future reference. I don't find the hang-gliding/russian-roulette example super helpful personally.

...it’s hard to see what benefit I’m being offered by a notably cheaply made kernel level anti-cheat in a purely cooperative gameplay experience.

You don't see how it would affect your enjoyment of the game to have someone insta-killing all the enemies in a match, or generating 1000x more rewards than you would normally receive, breaking the progression permanently?

[–] [email protected] 4 points 9 months ago

For some reason FOSS bros don't have any issues with capitalism or security when it comes to Steam, they think Gaben shits gold or something idk. It's weird. Steam is virtually a monopoly and has had security vulnerabilities in the past but they just plug their ears and ignore it.

[–] [email protected] 1 points 9 months ago

Insert meme of guy sweating over two buttons here

[–] [email protected] 15 points 9 months ago

Don't get pulled in by this bullshit. Some game is not worth a rootkit. Take back out hardware.

[–] [email protected] 14 points 9 months ago (2 children)

Setting aside that there really shouldn't even be an anticheat in a PvE game (unless progression allows you to unlock items that are real world currency based on which I could see why they'd want to stop people from accessing it without one of their two methods) the concept of a rootkit doesn't equal "software with admin privileges."

A rootkit is a package of different (specifically malicious) programs that are designed to hide themselves from your system.

Is the anticheat designed to be invisible when installed or running? No. Is it designed to specifically be malicious? No. Therefore it's not a rootkit.

There's a difference between software designed for malicious purposes and software that has the ability to be hijacked for a malicious purpose. These two aren't the same and everyone with even a smidgeon of actual IT security knowledge would acknowledge that at the bare minimum which no one in this thread seems to have done yet.

This isn't just semantics, rootkits are defined by their purpose not their permissions. Bunch of script kiddies in this website pretending their ability to install Arch makes them professional Comp Sci degree holders.

[–] [email protected] 11 points 9 months ago

Setting aside that there really shouldn't even be an anticheat in a PvE game (unless progression allows you to unlock items that are real world currency based on which I could see why they'd want to stop people from accessing it without one of their two methods)

I can think of another reason. It's a live service game where it's the community vs the game masters. They want to tell a story within the game and direct us with community challenges. Right now there's a challenge to protect planets from automaton invasions. We lost the first planet, won a few but it's not looking as much of a clearcut victory like the first challenge was. There's a real chance we fail this challenge and maybe that part of their plan?

So what would happen if you let cheaters run amok? Now you can't tell a story where the community fails, because cheaters can guarantee wins. If you make it so hard cheaters can't win you're going to make it completely impossible for the community and that's just not fun. So what can you do to make it fun for the community? Crack down on cheaters.

I just don't see another rational reason to have anticheat. Even the real world currency isn't that useful because it's mostly for buying armors for cosmetic purposes. There's really not much to gain from circumventing the real world currency.

[–] [email protected] 10 points 9 months ago (1 children)

unless progression allows you to unlock items that are real world currency based on which I could see why they'd want to stop people from accessing it without one of their two methods

This is the reason I believe. There's a premium season pass that has some later game unlocks which they probably want to incentivize. That, and there's a meta-game that depends on the community making concerted efforts to progress the story. I'm assuming that they don't want a modder to unbalance that.

[–] [email protected] 3 points 9 months ago

Yeah, it's definitely getting difficult to identify the difference in PvE and PvP from a security and financial standpoint in the modern live service landscape. Games that don't include direct competition still have aspects of them which can be messed up by other people with cheats.

A somewhat similar concept is how easy it is to stop at the space anomaly in NMS and get handed a stack of Starship AI valves that will immediately skip you past early-mid game progression in a lot of gameplay loops. It has nothing to do with paid currency which is why they don't stop it but the idea is similar I guess.

[–] [email protected] 12 points 9 months ago

Yes it is. Its literally a free for all rootkit on your system. Anything you run can exploit it. Its an open invitation to take over your system. The only way I'd run this, would be under linux with proton emulation layer.

[–] [email protected] 7 points 9 months ago

Bonus point, it doesn’t even work, judging from the videos I’ve seen of people cheating ammo counts or resources

[–] [email protected] 7 points 9 months ago (1 children)

I think it's roughly as bad as EAC or Battleye. The big difference is it's by a less known company.

[–] [email protected] 5 points 9 months ago

EAC and Battleye, to my knowledge, demand significantly less access to your system. Because they're made by people who know what they're doing.

Rootkitting the whole computer is basically the "Getting rid of the possum under the porch with dynamite" approach.

[–] [email protected] 6 points 9 months ago

Not really, it opens and scans the PC when you launch the game and then closes itself once you quit the game.

[–] [email protected] 2 points 9 months ago

Off topic to the off topic. OS masterminds out there, does rootkit anti-cheat translates to Linux over Proton? I assume not? If Proton is not originally run as root, it shouldn't be able to elevate its privileges, correct?

[–] [email protected] 1 points 9 months ago

By nature root kits are invasive. But they probably don't collect all that much