Now if only they could more clearly communicate when games are playable offline.
Any program having kernel level access is spyware. This is getting ridiculous.
FYI - the owner of this site, gamingonlinux, was a mod on the !linux_gaming@lemmy.ml community until they were caught abusing their moderator powers. Then they deleted their account and complained on mastodon that it’s stupid design that mod logs are public. [Screenshot]
Instead, here’s a link to the official post https://steamcommunity.com/groups/steamworks/announcements/detail/4547038620960934857
Wow, mad because you can be held accountable. That’s sad.
Thanks for the steam link!
4 likes on him complaining that modlogs being public is something bad, cowards that only want to be shitty in the shadows.
I’m still fairly new. Where do I go for modlog drama?
There is a sub for sanity checking mod actions, aita-style.
If you keep in mind it is for active unconfirmed situations, and that votes there are not meant to mark the cases of mod abuse, I think it can fill that niche.
He used to relentlessly spam the /r/linux_gaming subreddit and argue with people there too until he deleted his reddit account lol
He’s still on Reddit
I was going to ask why the thumbnail on this post is a hexagon shaped bear, but your comment explains it well enough.
the thumbnail is a hexagon bear because it’s the logo for easyanticheat, the most recogniseable anticheat
Well thats somewhat unnerving.
I imagine the alternative way to combat kernel-level cheats would be asking player for all his game state data, validating it on a server?
Wouldn’t work on peer-to-peer and you’d have to do a bunch of unnecessary compute(recalculating every tick if player-generated data is possible according to game rules) but its the only way I can think of.
Most games already do this lol Cheats usually don’t do anything that is technically impossible to do on a vanilla client, just highly improbable
True, can’t think of how would you combat a cleverly written aim-bot.
Or bring server browsers back and let server mods handle it.
I’ve rarely, if ever, had a bad time using a server browser.
A more modern idea. Put all the chesters into the same lobbies through matchmaking
Or bring server browsers back and let server mods handle it.
How will you handle competitive matchmaking? I agree for casual matchmaking though
A more modern idea. Put all the chesters into the same lobbies through matchmaking
Maybe moderm in relative termy but notnreally. One of the articles I could find on the quick is from 4 years ago: https://www.ign.com/articles/cod-warzone-cheaters-are-being-matched-up-together-as-punishment
That does not detect things like wall hack and aim-bots that don’t modify the game state directly.
Don’t tell the client what’s going on outside its vision, I suppose? Add a small buffer to compensate for latency, so wall hack would be more of a “corner hack”.
Ooh and it’s a giant yellow banner you probably won’t miss, and not some two-shades-ligher-than-the-background nonsense.
Good job, Valve.
They do this with Early Access and people still lose their shit about empty content and unfinished graphics in a game they paid $10 for.
Gamers don’t care
If Valve was against this then they would block them from their store. This is avoiding legal consequences
I’m a gamer, and absolutely fuck these damn things. I still haven’t bought helldivers 2 yet. I refuse to compromise my system for their issues.
“”“gamers”“” aren’t a monolith
Some people clearly care bc they are currently discussing it
Well to be fair, we’re like 1% of all gamers. Most gamers don’t give a flying fuck and will gladly buy these products anyway. So the companies don’t really have much incentive to give a shit.
That’s why it’s a big disturbing banner where most gamers don’t understand the text but know that big disturbing banner is bad. Will it affect the sales? Not at all. But it will raise the problem(mostly Linux anticheat) to the higher standing people in the gaming companies than before because now they require those top level managers to make a decision is it big disturbing banner or Linux anticheat.
I highly doubt this will do anything at all to sales. But I’m just guessing. Maybe it will. Hopefully! But I still applaud the change by Valve. I think it’s great.
I don’t think the point is to do anything on sales. Valve profit from sales. It’s to raise the problem so now the managers have to decide on a scale how much they abuse the players. Before it wasn’t even a problem, now it’s Valve: “maybe you shouldn’t wink wink”
Well yea, I don’t think Valve wants to nuke their own sales, lol. I think they don’t want any devs doing any funny business and abusing anti cheat. That’s my guess.
Another “to be fair” - what do y’all reckon is the proportion of gamers who could define kernel? (not rhetorical)
Edit: maybe not as good as a question as how many have any opinion on kernel-level anticheat, since you don’t need to be able to define kernel to be against the anti-cheat if you’ve heard it slows down games
See, you don’t understand. /s
Nothing ever matters, and nothing ever happens.
“””gamers””” aren’t a monolith
That’s why some people discussing it aren’t going to do anything to dissuade the practice
Games have been buried in negative reviews for less. We can’t tell in advance.
But implying you know, and can speak for all people who play games is just bafflingly ignorant and conceited.
And people not discussing is better how?
You speak for an entire demographic. How do you get that role?
Observation
Not enough observation to read this room aye.
That’s fair: most probably don’t.
I appreciate a ‘this won’t work in Linux no matter what you do’ banner on things, though.
However, it’s only being forced for kernel-level anti-cheat. If it’s only client-side or server-side, it’s optional, but Valve say “we generally think that any game that makes use of anti-cheat technology would benefit from letting players know”.
I will always love Valve for their ability to use corpospeak against corpos.
Your game has anti-cheat?
Wonderful!
I’m sure that always only results in an improved experience for all gamers, lets let them all know!
=D
How does vac play into all of this then …
VAC is not kernel level, because surprise you don’t actually need kernel level to do anti cheat well.
VAC games would just get the standard AC message banner, not the scary yellow kernel level warning banner.
… I am pretty sure VAC games have indicated on their store page that they use VAC for well over a decade.
you don’t actually need kernel level to do anti cheat well.
I’m sure you’re right, but VAC is one of the worst examples for that… I think whatever Blizzard does with Overwatch 2 is a better example.
It doesn’t run at the kernel level?
I do everything important like banking etc on a separate device that isn’t my gaming PC. This has been quite liberating since I worry less about invasive anti-cheat, drm etc. I realize not everyone wants to do this but it’s been a nice compromise.
For me anything important is done in the browser (very rarely) and mostly on the phone.
That’s one way to do it, but I worry less about those things by not supporting them with my time and money.
That’s awesome! GTA V just screwed everyone on Linux! What a rug pull.
Adding kernel malware after the fact should entitle every single owner who requests one to a full refund no matter how long has passed.
That’s exactly what Valve did. The automated refund system wasn’t available, but you could request a manual review and cite the added anti cheat; Valve was refunding those who did so.
I’d really like Valve to take an official policy on post-release changes that break games, but for what it’s worth they have not given me any hassle with refunds in these scenarios.
Yup. If it’s important enough that devs now have to add a disclaimer on the store page, surely devs shouldn’t be allowed to circumvent that by adding it later. Since SteamDeck customers are affected by this the most, it’s weird that this isn’t already a rule, particularly for games that are SteamDeck verified.
Full agree. I do want some kind of policy for games that introduce anti-cheat both during early access and after release. Bricking a game you paid for should offer some sort of recourse.
Valve was giving refund when riot added the anticheat
Are there Riot games on Steam?
They publish their single player games to steam. Don’t know about any of their multiplayer ones though.
That should be any update if you can’t play the previous one
I don’t think that’s fair. I “own” GTA5 and don’t really care for the last… 8 years? what they add. I had the full content of my purchase. Why should I be able to gain money for this?
Don’t be pieces of shit and you won’t owe refunds.
In a just world people would be going to prison for it.
Can someone explain like I’m stupid on kernel level anti cheat and why I should watch out for it? Not a dig at all, a genuine question!
Also, the most games that don’t work in linux is for this reason (and steamdeck works in linux)
Making it super simple, it runs with full access on your machine, always. It can fuck anything up, and see everything. It can get your browser history, banking details or private messages you enter, activate your webcam or mic without you knowing, or brick your computer even.
And you can’t even check what it’s really doing on your computer because it’s a crime under US law.
Finally, it can get hacked and other people than the creator can do all these to your computer as well,as it already happened once.
And you can’t even check what it’s really doing on your computer because it’s a crime under US law.
Is this specifically for kernel level anticheat? Because this isn’t a thing for software in general right??
To put it very simply, the ‘kernel’ has significant control over your OS as it essentially runs above everything else in terms of system privileges.
It can (but not always) run at startup, so this means if you install a game with kernel-level anticheat, the moment your system turns on, the game’s publisher can have software running on your system that can restrict the installation of a particular driver, stop certain software from running, or, even insidiously spy on your system’s activity if they wished to. (and reverse-engineering the code to figure out if they are spying on you is a felony because of DRM-related laws)
It basically means trusting every single game publisher with kernel-level anticheat in their games to have a full view into your system, and the ability to effectively control it, without any legal recourse or transparency, all to try (and usually fail) to stop cheating in games.
More importantly, if traditional anticheat has a bug, your game dies. Oh no.
If kernel level anticheat has a bug, your computer blue screens (that’s specifically what the blue screen is: a bug in the kernel, not just an ordinary bug that the system can recover from). Much worse. Sure hope that bug only crashes your computer when the game is running and not just whenever, because remember a kernel-level program can be running the moment your computer boots as above poster said
And it’s worth noting that trusting the game developer isn’t really enough. Far too many of them have been hacked, so who’s to say it’s always your favorite game developer behind the wheel?
Or, even better, when you let a whole bunch of devs have acces to the kernel…
… sometimes they just accidentally fuck up and push a bad update, unintentionally.
This is how CrowdStrike managed to Y2K an absurd number of enterprise computers fairly recently.
Its also why its … you know, generally bad practice to have your kernel just open to fucking whoever instead of having it be locked down and rigorously tested.
Funnily enough, MSFT now appears to be shifting toward offering much less direct access to its kernel to 3rd party software devs.
Not all anti cheats run at startup. Some only run when you play a game. I think vanguard for valorant ran all the time at first and people were pissed. Meanwhile easy anti cheat runs only with a game. So it depends. It all sucks though.
That’s definitely true, I probably should have been a little more clear in my response, specifying that it can run at startup, but doesn’t always do so.
I’ll edit my comment so nobody gets the wrong idea. Thanks for pointing that out!
Thank you! Really clear and appreciate you taking the time to explain!
Easy, a bug in battle eye forced me to reinstall windows, this kernel access has to go.
I feel like they’re doing this because they are going so hard with steam deck. Regardless, good on Valve for doing this.
Common valve W
Meanwhile at Epic…
“Uhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhhh”
That’s quite a generous interpretation. If we’re being real about it, it’s going to be another “you assholes” email from Timmy.
Why is kernel-level anti-cheat even a thing?
If I was trying to prevent cheating, I’d hash the relevant game files, encrypt the values, and hard-code them into the executable. Then when the game is launched, calculated the hash of the existing files and compare to the saved values.
What is gained by running anti-cheat in kernel mode? I only play single-player games, so I assume I’m missing something.
Because there are kernel-level cheats
What you proposed can very easily be bypassed without even needing kernel access by just editing the executable code that checks hashes to always return true
Boo freaking hoo.
It’s not like there are so many other ways to cheat, actually used in many games with anticheats.
We should all stop pretending it’s necessary to put malware into your computer just so some company can claim they have no cheaters, which is never even true.
The point of anti-cheat is to create a substantial barrier for cheating. If you have to go the extra mile to run an external hardware cheat so as to be “undetected” then surely this means the anti-cheat is working. If it were as ineffective as you imply, cheaters would be cheating on their main accounts.
Modern cheats for multiplayer games don’t modify local files (or attribute values in memory), since the server validates everything anyway. They’re about giving you information that’s available but not shown in the game (like see-through walls, or exact skill ranges), or manipulate input (dodge enemy damage, easy combos). Those cheat can run in kernel mode (or at least evade detection from user mode), so the anti-cheat needs kernel mode to be more effective.
since the server validates everything anyway
Oh you sweet summer child.
The server doesn’t validate shit, because that takes up CPU cycles on THEIR hardware, which costs them money. A huge part of kernel level anticheat is forcing YOU to pay the cost for anticheat, so they can squeeze a few more pennies out of it. And if your computer gets owned because they installed insecure, buggy malware on your system…? Well, they’ll just deny. After all, it’s kernel-level, how are YOU going to prove anything?
They can prevent you from running cheats that other anti-cheats can’t detect. For instance, they could modify the value in memory so that your calculated hash always succeeds even when it’s modified. This doesn’t stop cheating though; it just means cheaters have to use cheat hardware that exists at a layer that even kernel anti-cheat can’t detect.
And then a game gets updated so the hashes don’t match and uh oh, everything is fucked. Oh, but we can change the hashes of the files in the executable! Yeah, so can they. People modding shit into the executable is basically a given. Let alone the fact that you’d need to sit through a steam “validation of files” length of time every time you’d need to launch a game (because validation works exactly as you have described).
What is gained is that it has access to more information. Some cheats use an entirely different program / process that reads memory and outputs info that is available to the game but hidden from the player. Like a client needs to know where a person on the other team is to be able to draw their model. So you read that, you put a little box over where they are, and bang you have wallhacks.
I think the popular thing now is to mod your mouse so it clicks on the enemy player’s head.
You don’t need to modify the files to modify data in memory.
I wish Valve would just ban them. It’s weird to have something that looks like pure malware in a Game store.
They will be gone with time, but not because anything that Valve does. Microsoft is locking down the kernel after the CrowdStrike debacle. In a few years it will be impossible to run any custom kernel code.
Luckily Valve seems to believe in freedom of decision for their users so they won’t do this. There are kernel level cheats so there are kernel level anticheats. Obviously anticheats are mostly lame in what they do so it would probably be better for them to not be kernel level. Still there are “pure malware” anticheats and Valve thinks it’s up to the user to decide if they want one, their job is to inform the user. And that’s the best approach here in my opinion.
Probably a pessimistic take, but I don’t expect this to have any discernable impact on sales, or any other effects that would discourage publishers from these practices. The average user doesn’t care about or understand how these things work; they’ll see an anti-cheat warning on the store page and think “Okay, tell the colonel I’ll be on my best behavior then” and continue to buy the game.
It will benefit those that care and won’t negatively impact the experience for those that don’t.
Win, win.
god damn right!