• Fizz@lemmy.nz
      link
      fedilink
      arrow-up
      18
      ·
      10 months ago

      There was a security vulnerabilitiy in the genshin impact anti cheat awhile ago.

      • Lmaydev@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        10 months ago

        That’s exactly the sort of source I was asking for

        Edit: the driver file was used after gaining access to the pc. So quite an involved attack but still really bad.

        Edit 2: so actually it’s nothing to do with having it installed. As the attacker installed it.

        • Fizz@lemmy.nz
          link
          fedilink
          arrow-up
          6
          ·
          10 months ago

          Yes it requires access to the pc but it’s still a huge vulnerability. Many things can gain access to your pc but lack the permissions to do any damage. In this case simply having genshin impact installed put you at significantly more risk.

          To your 2nd edit yes it is to do with it being installed. The user or the attack installing the anticheat is still the anticheat being used to exploit.

    • Empricorn@feddit.nl
      link
      fedilink
      English
      arrow-up
      6
      ·
      10 months ago

      As mentioned, cheaters can already bypass it, so what’s the point? As for security, by definition it infects your whole system and has access to everything. That’s what kernel-level is.

        • Russ@bitforged.space
          link
          fedilink
          English
          arrow-up
          10
          ·
          10 months ago

          Seems like a bad faith argument, seat belts are so that your skull (hopefully) doesn’t detach and fly through the window if you get into an accident - a life and death safety measure. It’s way more dramatic to make a fuss about that. However, in both cases you can choose to just not drive (or play the game) which people are choosing to do.

          Then again, none of your comments here seem like they’re in good faith, so I guess I shouldn’t be surprised.

          • ampersandrew@kbin.social
            link
            fedilink
            arrow-up
            1
            ·
            10 months ago

            Cars are actually a great analogy here but probably not in the way that user intended. The way we use them and the scale at which we use them are inherently unsafe, but seat belts and air bags are an illusion sold to make us believe that we solved the problem as best we can, even though we didn’t.

            • demonsword@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              10 months ago

              seat belts and air bags are an illusion sold to make us believe that we solved the problem as best we can, even though we didn’t

              As someone who has been in a few accidents (both as driver and as passenger), seatbelts saves lives. I wouldn’t be here typing this if they didn’t.

              • ampersandrew@kbin.social
                link
                fedilink
                arrow-up
                1
                ·
                10 months ago

                Having seat belts is objectively better than not having seat belts. It doesn’t mean that the way transportation is structured around cars in the US, for instance, is safe enough. Having kernel level anti-cheat may result in fewer cheaters or less obvious cheaters, but it doesn’t mean it’s worth giving that company such deep access to your computer, as the video shows.

        • HuntressHimbo@lemm.ee
          link
          fedilink
          arrow-up
          6
          ·
          10 months ago

          More like my aunt pointed a loaded gun at the back of her seatrest and it went off when she hit the brakes too hard

        • Chewy@discuss.tchncs.de
          link
          fedilink
          arrow-up
          5
          ·
          10 months ago

          Actually, a driver can be an infection, just like any other program can be malicious. But I do agree that from a system access standpoint, running the Vanguard kernel driver is not much different than using kernel-level EAC/BattleEye. Except the annoying starting at boot part.

          A program without elevated privileges already has access to almost all important things on your computer anyway. Luckily flatpak supports sandboxing which protects from exploits in online games.