[News] EA expanding EA Anti-Cheat - bad news for Steam Deck / Linux

Fubarberry@sopuli.xyzmod to Steam Deck@sopuli.xyz – 140 points –
EA expanding EA Anti-Cheat - bad news for Steam Deck / Linux
gamingonlinux.com

EA anticheat is a kernel level anticheat, which are generally bad for consumers due to them giving malware new targets to get full control of an infected system. Genshin Impact's kernel anticheat is famously targeted by ransomware as an easier way to gain control of user's PCs for example. They also don't work on Linux, which is an obvious problem for Steam Deck users.

28

Guess I'll just keep avoiding EA games...

It's not just EA unfortunately. Plenty of multiplayer titles that could run on SD are prevented to do so because of anticheat.

Hell even Roblox used to work until they broke it with anticheat a few months ago. My kid was not happy with that.

I don't understand how this hasn't been solved yet. The new Texas Chain Saw Massacre game has had massive cheating problems. How is it 2023 but people haven't figured out anticheat yet? Also, how are game companies just not banning these users permanently when they are caught?

I've heard all kinds of rumors about how the server side doesn't do any client traffic validation, et al. I'm a dev by trade so I'm not new to code, but game dev is all a black box to me.

I wonder if it's the cost of data processing the inputs on servers. The ongoing costs of having software handle it on the client machine is close to $0.

Though it feels like democratizing the checks could work. Like, everyone within a match together is checked by everyone else in real time since they're all handling the objects moving around anyways.

Though there are probably many good reasons why that doesn't work or is extremely hard to implement consistently. The idea just came to me

Computers are very fast these days, and if the only thing that computer is doing is data processing it seems like it should not be an overwhelming task. It honestly seems like the perfect use case for something like Kafka. Data stripped of its schema and encoded to be the smallest size possible. Encrypt that if necessary, maybe using some kind of session only encryption beginning at client server handshake, based on some value that's generated inside the game binary.

I'm sure it's difficult to engineer, but it shouldn't be impossible. I'd love to understand what the current processes are and why things are failing horribly.

They fail because you can't trust a machine that an adversary has in their physical possession.

Software running on an untrusted computer can have code and memory injected or modified without modifying the executable files. Binary executable files are by necessity readable and someone with enough time can parse through them to fully deobfuscate and figure out what they are doing. Anti-anti-cheat systems basically perform the same code as the anti-cheat but slightly modify the result to hide the cheating. This can be done either by code swapping in the anti-cheat or at a higher level. If the anti-cheat system is looking at which processes are running then have the system feed it the real list of processes with the cheat processes removed... etc.

Trusted computing requires hardware level monitoring, validated certificates, and zero vulnerabilities since the time the certificate was provisioned. In addition, current technology would also require those base certificates to be regularly rotated and device decertified if it didn't rotate in time to prevent physical offline hardware attacks on the certificate data. Even game consoles don't have this level of platform trust and are often physically modified to enable cheating/piracy.

The only successful way to prevent most cheating is to run the simulation entirely server-side and then only send data to each client according to what they should know. Even then you won't be able to prevent assisted cheating like aim-bots or texture replacements.

I guess if you want to accurately want to do the checks on the server side you'd have to run the complete game on the server. You can cheat just by making a texture transparent so that you can see enemies behind it. To prevent that the server has to render the frames itself and to ensure that really only approved things are seen by the players the easiest would be to just send over the rendered frame instead of letting the players render it themselves. By that point you have basically invented game streaming again.

Still, I wonder what Blizzard games are doing. They work fine on Linux and I haven't heard much about cheating on there.

You don’t have to send over the frame to fix it a bit, just less information. Minimize the info needed. One thing you can do is occlude to determine which entities should be rendered. Even applied, they could still get an advantage - being able to see an entire character instead of just the exposed part of their foot - but it would at least limit it more.

Well, good news on Roblox: apparently they fixed it for Linux today, just saw a headline about it.

How invasive do you have to be to ask your users to install a Kernel driver just for a stupid anti cheat that will still get bypassed within a week.. like... I only see negative points with this. Cheaters still exist on Valorant and they won't go away any time soon. Even if one day they ask you to change your CPU to an anti cheat approved one, it will still get bypassed.

These Kernel anti cheats are useless because they run on the client side. As a developer, anything that doesn't run on your computers is out of your control.

Which raises the point, why don't they just improve their server side cheat detection? Something like sending the mouse movement data + accuracy etc. in between each round and scan it. If it comes out positive then have the community review the footage. CSGO does this very well IMO. Especially since now we have AI and people have made pretty good cheat analysis models for server side anti cheats

How invasive do you have to be to ask your users to install a Kernel driver just for a stupid anti cheat that will still get bypassed within a week.

Oh, don't worry attestation is just around the corner.

Attestation is basically every software companies wet dream: it allows software to cryptographically verify that *everything" from the software to the hardware is legitimate and unmodified. Android has been rolling this out for years (making it difficult to run your banking app on your rooted phone) . It's the same concept that Google wants to use to know if you've been blocking ads in chrome.

... fun times ahead.

If people keep buying that crap, what's going to stop the companies doing that? I'm at a point where I don't care anymore to be honest. I have so many games on my library that I haven't played yet olus all the emulated stuff, that's going to be sufficient for the rest of my life. There will be really good AAA games by nice companies once in a while, like Baldur's Gate 3 right now. Then there are really good indie games like Stardew Valley, Minecraft (in the early days), and so on.

More work needs to be on the server side.

A ton of cheating can be stopped dead in it's tracks if you spend some time filtering out data being sent to the clients, that have no business knowing about.

Companies need to stop with this shit already. Although, I suspect some of the push towards kernel level anti-cheat actually has more to do with governments pushing for backdoor access to everything. Operating Systems have mostly shut them down, so now they may be turning to anti-cheat systems to weasel their way in there.

I don't find it surprising that several of the main companies pushing for it (Riot and Mihoyo) are chinese owned. I don't have any faith that a Chinese owned country won't be required by the Chinese government to have some sort of backdoor in kernel anticheats.

Actually i've seen a lot of posts (mainly for competitive games) where people just don't want to buy a game without a kernel anti-cheat. Mainly care more about their games being fair than security.

Same reason i didn't install Valorant

Same tbh. I have a history with league, and always wanted to try getting into CS. If Valorant had less invasive anticheat I would have definitely gotten into it.

Most anti cheat and anti piracy software solutions are behaving like viruses.

Not for me. I haven't bought an EA game since DA: Inquisition & see no reason to change that.

Titanfall 2s multiplayer has returned. Thankfully it works well on Linux

This is the best summary I could come up with:


EA (Electronic Arts) are continuing to expand their home-grown EA Anti-Cheat, with an announcement that Battlefield 2042 is also moving over to it.

This isn't actually something entirely new though, as it was given a Deep Dive back in 2022 and released with Fifa 23 that same year, and it's also in the newly released EA SPORTS FC 24.

Part of the problem is that it doesn't work on Linux / Steam Deck, with it being blocked by EA.

So if they got Respawn to switch over to it, this would kill Apex Legends on Linux / Steam Deck too.

Fifa 23 and EA SPORTS FC 24 are rated Unsupported on Linux / Steam Deck due to it, and while Battlefield 2042 previously used Easy Anti-Cheat, they never bothered to hook up support for that on Linux anyway (even though EAC supports Linux), so it's just going to continue to be Unsupported.

We can only hope that Valve are keeping an eye on the situation and speak to EA to eventually get support for it on Linux / Steam Deck with Proton.


The original article contains 242 words, the summary contains 182 words. Saved 25%. I'm a bot and I'm open source!