Riot Games Now Requires Kernel-Level Anti-Cheat Software for League of Legends, Following Valorant's Implementation
Vanguard, the controversial anti-cheat software initially attached to Valorant, is now also coming to League of Legends.
Summary:
The article discusses Riot Games' requirement for players to install their Vanguard anti-cheat software, which runs at the kernel level, in order to play their games such as League of Legends and Valorant. The software aims to combat cheating by scanning for known vulnerabilities and blocking them, as well as monitoring for suspicious activity while the game is being played. However, the use of kernel-level software raises concerns about privacy and security, as it grants the company complete access to users' devices.
The article highlights that Riot Games is owned by Tencent, a Chinese tech giant that has been involved in censorship and surveillance activities in China. This raises concerns that Vanguard could potentially be used for similar purposes, such as monitoring players' activity and restricting free speech in-game.
Ultimately, the decision to install Vanguard rests with players, but the article urges caution and encourages players to consider the potential risks and implications before doing so.
Kernal level anti-cheat means I ain't gonna play it
I don't care where the company is based no game should be requiring kernal level access, that's just opening the door for security concerns
I'm wondering if there's a way we can even know they're installing it. Windows just gives that generic admin prompt, I imagine? Tells you nothing of what's happening.
Well if you get asked for sudo, then that's a risk.
Installing almost anything* on Windows requires the equivalent of sudo, same as Linux.
Determining if it's a normal install or adding a kernel driver wouldn't be feasible just by watching the installation. (On either OS if they are not showing terminal output)
EDIT:
My context here (which I should have been explicit about sooner) is: "ordinary user is installing a closed source commercial large game" (with its own installer) and doesn't know if they are also getting a free rootkit.
They are going to just click Next without changing defaults, and are not going to extract and inspect anything.
Most user software should NOT need sudo.
Typically you need "sudo" to use the package installer though, if that's where you're getting confused. But that's because most Linux package managers are built to install software to be available for all users. However once installed that does NOT mean the package always has sudo access. And the way Linux software is typically installed is just putting the executable in a certain folder, unlike Windows where you run a software's custom installer which asks for admin access and then does who knows what.
You usually have the option of installing for just your user, and I think that usually doesn’t require admin permissions.
My context here (which I should have been more explicit about) is "ordinary user is installing a closed source commercial large game" (with its own installer) and doesn't know if they are also getting a free rootkit.
Sure when it's something you compile yourself and you have some knowledge you can ./configure it to go under your home directory and not need sudo to make install later, but a game with a script or binary you need to run is likely to ask for root on launch (Especially on Windows) and maybe asks later or has command line options for a single user install, but we can assume the user does whatever is default.
I didn't suggest that it would (although it Could if it's malicious - on Linux that would be as simple as the setuid bit. Or ...back on topic... installing a kernel driver on either OS)
I feel like you're not sure how system software like
sshand a user's personal game software can install differently in different places, and where one needs no root access to install at all. Go see how mac does it.Macs still ask me for permissions and I have no idea what’s asking to do what.
I get it for Linux and Windows (though I don't know how MacOS does it) my context here (which I should have been more explicit about) is "ordinary user is installing a closed source commercial large game" (with its own installer) and doesn't know if they are also getting a free rootkit.
Sure when it's something you compile yourself and you have some knowledge you can ./configure it to go under your home directory and not need sudo to make install later, but a game with a script or binary you need to run is likely to ask for root on launch (Especially on Windows) and maybe asks later or has command line options for a single user install, but we can assume the user does whatever is default.
You couldn't be more wrong bud. Flatpaks do not require sudo, executables run from a directory (like how Steam games are run) don't require sudo either. You only need sudo if installing from the main package manager like deb, rpm, pacman or whatever your distro uses. Most games on Linux aren't installed from the main package manager though.
If it's a package for the package manager you could download the archive for it and pull it apart to see its contents, it's usually very clear when such software includes kernel drivers or kernel patchers. Most software on Linux uses the package manager to install or a script to unpack, both of which are relatively easy to explore even if the software isn't open source, haven't found too many linux apps with Binary installers, they might exist but if they do they aren't popular or common.
Since this keeps coming up, I edited the post you replied to. TLDR is that we are assuming different contexts.
You can list all the current loaded drivers. You can examine the system event log for service start operations. You can run with a kernel debugger attached and examine any loaded driver. The driver itself is likely correctly signed and will not require additional user acknowledgement beyond what was given when the game was installed.
Unfortunately all of those just tell you it's already installed, not that it's about to install it. If you didn't know, who's going to be constantly checking for new drivers after every software install?
It would probably show up in Autoruns. Maybe even with a background service in task manager.
Kernel level drivers would not be in auto run.
What, why not?
Ask Microsoft
Good cheat prevention needs to be part of the game's fundamental design, not some virus as a band-aid.
While I do agree with you, some cheats manipulate the memory itself so you would need some elevated privilages to dectect them as the cheats themsevles run with these privileges
Can you name one of those games that have no anticheat and also no cheaters?
Anti cheat as a fundamental design does not necessarily mean no anti cheat.
*kernel
Colonel*
Carnal
Kerbal
Cornhole
Cornell
Cornholio
Chernobyl
That's O'Neill, with two 'L's
We totally won't harvest your data.
Ignore the fact that we have political, state, and financial interest to do so, and that you would have no way of verifying or detecting if we did harvest your data, but you can trust us.
Just trust us.
It's not only interests of the chinese government, they HAVE to oblige legally if they are asked to. So even if the company has the best intentions, the government overrules.
And don't make that a chinese bad guy argument, as if western companies aren't doing the same, they just don't do that officially, which one is shadier is yours to decide.
All you can do as a company or anyone is to stop harvesting data and don't plant blackboxes/backdoors in customers systems
Edward Snowden showed that the US is spying on their citicens but nobody seems to care. But when China is doing it, everybody seems to lose their mind.
I don't get why they are so afraid of spyware from a country they don't even live in, it's the US that can prosecute you for anything they don't like on your computer.
Lest we forget when Genshin Impact's kernel-level anti-cheat driver was used by ransomware to kill antimalware applications.
If you ask me, it's best to treat any program requiring kernel level access that isn't part of your base operating system or something you created and have full control over as malware. All it takes is one exploit or something of similar nature and some bad actors taking advantage of it before it can be patched for your computer to become fucked.
Well base operating system or hardware driver. There are exceptions, the pps driver for timekeeping makes sense to be kernel level too.
But games developers? No, they have no right to ring 0. I understand they want to protect from cheats, but they're just moving the battleground to a part of the system that results in blue screens/panics when it fails. And cheat developers will follow them there and even move to the hypervisor if needed, trust me on that.
Not to mention MSI releasing a monitor with built-in AI to highlight enemies for you that almost definitely counts as cheating, yet there's nothing they can do except ban the hardware all together.
Please tell me this perfectly plausible stupidest-thing-ever isn't a thing.
This is how I felt about those monitors with crosshair overlays built in. Silly at best, or in games that purposely don't put a crosshair unless you're aiming or something, scummy at worst...
It is. Check 3:44
Here is an alternative Piped link(s):
Check 3:44
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
I find this comment funny, given the link I provided was copied from NewPiped.
NewPipe and Piped are pretty different things
Aaaand there goes linux support
Linux was never supported
Riot games official statement was that they were okay with linux players and actively went out of their way to make sure they didn't get banned unjustly. They didn't support linux as a software platform, which is why wine was required, but they did support linux players.
That's cool
so… they didn't support Linux. Got it.
I gave up League years ago when every update the launcher broke, then required some patches done to Wine. I'd known yhe kermel level anticheat would arrive someday but maybe I'm a little surprised it took as long as it did.
Is this the death of LoL on Linux, then? It was possible to get it working pretty well a few days after every patch, but this will change all that.
For the forseeable future, unless someone is committed enough to making Darling work.
(Mac layer instead of Windowz, the mac version does not and will not have vanguard.)
Yes, if Valorant hasn’t been playable on Linux due to Vanguard then so will LoL.
It's the death of LoL anywhere. Only suckers will play it.
Isn't that basically the entire player base anyway?
Yes unfortunately. Just gotta hope that none of those suckers can be exploited for military advantage. Probably not.
Different software purposes and all, but it vaguely puts me in the mind of the Sony compact disc DRM scandal.
Here's the summary for the wikipedia article you mentioned in your comment:
The Sony BMG CD copy protection scandal concerns the copy protection measures included by Sony BMG on compact discs in 2005. When inserted into a computer, the CDs installed one of two pieces of software that provided a form of digital rights management (DRM) by modifying the operating system to interfere with CD copying. Neither program could easily be uninstalled, and they created vulnerabilities that were exploited by unrelated malware. One of the programs would install and "phone home" with reports on the user's private listening habits, even if the user refused its end-user license agreement (EULA), while the other was not mentioned in the EULA at all. Both programs contained code from several pieces of copylefted free software in an apparent infringement of copyright, and configured the operating system to hide the software's existence, leading to both programs being classified as rootkits.
^to^ ^opt^ ^out^^,^ ^pm^ ^me^ ^'optout'.^ ^article^ ^|^ ^about^
Good bot, if this is how you earn your keep.
That's gonna be an uninstall for me, Tencent.
Another game I'll never play 👍🏻
Eh, probably for the best, everything I've heard about LoL is that it turns you into a toxic hateful shell of a human.
Nope. Take your rootkit and go fuck yourself with it.
There's absolutely 0 reason a game should ever have kernel access. Ie unrestricted access to every piece of data on the system.
Yep, a lot of recent anti-cheat is looking a lot like DRM.
more like intentionally installed malware but yes, 100 % this
Not just looking like DRM, I would say it IS DRM.
Not just DRM, a rootkit which is much worse.
Another reason not to play LoL.
This won’t change much for me considering i already have a dozen reasons not to play this shit ass game
I know two couples who got divorced because of it.
Care to elaborate?
The guys were playing all nights & weekends for years, neglected their wives and in one case children (other couple didn't have any), the childless wife ended up cheating, the other allegedly as well (but wasn't ever proven nor admitted to), both women eventually filed for divorce.
They also neglected their friends and came crawling back once their lives fell apart. I had since moved so didn't really hang out with them again, but from what I hear, both got back into the game eventually and withdrew further.
What a shitty game to throw your life away over...
Alcohol doesn't really taste good and neither do cigarettes.
People often times have illnesses that make these types of things consume their life. It's easy to look down on them but they honestly need help.
And even then, perhaps illnesses aside even, there's so many dark patterns built into these mass-appeal games it can grab anybody potentially. They'll A/B test every little thing to see what holds a second's more attention.
Everything is designed so hard to push players' brains into a simple loop:
While(Alive == True): One_More_Match() Insert_Money()
I'd still consider it an exploitation or mental illnesses. Some people are just predisposed to getting addicted and struggle way harder. Just like some people can't help themselves and gamble their lives away.
I agree that they clearly design games to be as addictive and consuming as possible but it's still an exploitation of mental illnesses. I have never had to struggle with addiction so I feel a bit judgemental if I assume others are just ruining their life by choice.
Damn
Is there an open source MOBA? Players need an alternative, even if it's not as good to begin with.
I mean Dota exists. I guess I'll switch to that. Or maybe I'll just take a shower.
Dota was the OG anyway, LOL coined the term MOBA to shift focus that they stole their gameplay mechanic from one dude, icefrog.
I remember when people used to type AoS-like game (Aeon of Strife) when hosting a similar custom map on SC or Warcraft III
i.e. DotA 5v5 AoS-like
Then after DotA got popular, it became DotA-like
i.e. Naruto Wars 5v5 DotA-like
And then that totally banger BassHunter song cemented DOTA into history forever 🎧
Dota has always been a drastically better game, I see this as an absolute win for Linux. League is cancer.
Uhhhh no. Dota is slow and terrible. Not that I think anyone should touch that CCP spyware of a game League.
I would argue that the pacing of a Dota match is one of the many things that makes it better than League.
I find league is insanely repetitive and has very little room for player creativity or expression beyond "I can hit my skill shots". It's just rote exercise that you can map out to the minute. Dota gives heroes and players space to breathe and flexibility to play in multiple ways, not to mention having a balance team that actually wants to balance the game, not just sell the latest champions.
Whew, I can tell you never got particularly good at league. You're probably right about macro decisions and definitely right about new champions being OP on release, but matchups and micro interactions are where it's at!
That said, I'll never play again.
Nope, I just realize how much better it can be when the dev team has creativity and respect for players.
Not that I know of, the most popular open source games I have heard of are Space Station 13 (and its newer release Space Station 14 on steam), and Beyond All Reason which is an RTS.
If we're talking about RTSs as well, there's 0AD, which I tried out briefly during the period between Ensemble Studios being shut down, and the revival of the Age franchise with the HD edition (over a decade ago now, and it looks like 0AD has been under constant development since then).
An open source and popular MOBA would have an even larger problem with cheating and bad actors.
Edit: people are missing the point, and I didn’t state it fully.
What open source games have moderation teams and support teams? What open source games want to deal with ban evasion? What open source games want to deal with the notoriously toxic MOBA communities?
Security through obscurity clearly isn't working anyway
The creation of cheats would be easier in principle but maybe in knowing than then you wouldn't design a game where you trust the client in the first place. For example; don't tell the client the location of every (unseen/unheard) player on the map in an FPS.
Perhaps there's an alternative to addressing cheating which hasn't been explored. Conventional wisdom was pirates are basically people wanting stuff for free so you should invest in DRM to force them to pay for it - now some treat piracy as a service problem where they instead need to offer a better user experience. I think it's worth investigating if some cheaters would be better satisfied with built-in cheats, and if some non-cheaters would be willing to fight some uneven battles if they knew that's what they were getting into.
By that logic any sever running something open source like Linux would be more vulnerable than say, Windows.
I’m not saying it’s because of the source code. It’s because it’s not a commercial product where there is monetary incentive to police the activity of the community.
How many open source games have support teams and moderation teams?
Is open-source compatible with competitive games? As much as I love open-source in general, I feel like cheating would be a serious problem if the source code is available for everyone. That's not really an issue in single-player or co-operative games (outside of cheating leaderboard positions) but it would absolutely cause problems in a PvP game.
Proving source code would reduce the barrier to entry for creating cheats, but cheats are very prevalent anyway. I do not want to make proprietary games so I have no choice but to find an alternative if I ever choose to make a competitive multiplayer game.
There was a MSI monitor at CES which pops-up a warning when an enemy appears on the mini-map in LoL. Significant cheats may be accessible without going to shading sites (perhaps kernel-level anti-cheat could have some success to figure out what monitor you're using but my understanding is that's easily fooled in software and perhaps undetectable via hardware video splinters). Cheats which do not run on the host machine at all are undetectable by traditional anti-cheats.
I think the end-game of anti-cheat is intolerable. Can one get enough data for machine learning to determining if a player is cheating without a high error rate (banning false positives)? Would players tolerate having cameras recording their inputs like it's a submitted speedrun or an exam during Covid?
Here is an alternative Piped link(s):
very prevalent
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
osu! is a competitive game that is open source, and its arguably the most popular rhythm game right now and there's not much of a cheating problem.
You're right about osu! Although it's probably one of the few competitive games where there's no gameplay interaction between players - if another player is cheating, it hurts the overall competitiveness, of course, but it doesn't directly affect your gameplay experience.
It's not like playing a shooter where someone has an aimbot and wallhacks, or a racing game where someone can ram you off the track without slowing themselves down - those things directly ruin your gameplay experience as well as obviously hurting the competitive integrity. I don't think those kinds of games would work at all if they were open-source and without anti-cheat unless there was strict moderation and likely whitelisting in place for servers.
Chess.
I rest my case.
... No I don't, actually, I have more opinions! Come back!
I feel like being stringently anti-cheat about video games over internet is grasping at wind. Better to be more relaxed, accept that some will cheat and 'earn' themselves a higher elo than they can actually play, and encourage a player base to care about enjoying the game, and to care about winning/enjoying without cheats. If you have to encourage a fanatic player base who would do anything including cheat to get a leg up, maybe you too are forgetting this is only a game.
And for serious competition? Let the tournament organisers provide the hardware on location.
It’s not so much that the source code is available. It’s that there would not be systems in place to ban cheaters, detect them, etc.
It’s open source, why would there be support teams and bans and all that?
In the past people created communities for multiplayer games around specific forums or LAN centers and sometimes hosted allow-list servers. If you didn't play by the rules you'd get banned off the forum, and thus that server which it was tied to.
I'm not a fan of needing an account to play online and if I created a multiplayer game I don't want to host that information in a centralized server. Perhaps there are more ways than I know but I'd be more interested in finding an alternative to this arms race of banning vs avoiding bans.
That’s fair. But I don’t think the MOBA scene as it is would switch to small communities like that .
Also, for people wanting to cause trouble, bans are meaningless sadly. Unless you also have some rigorous system for sign up. And I guess a small community could have that. But something at scale like a popular game with millions of players can’t.
And rigorous only goes so far, before it’s impinging on privacy.
It’s a tough issue to crack. Popularity and a large scale is always the reason foe all the cheaters and trolls to come around.
Do you know if the network delay is tolerable to play with almost anyone, anywhere in the world for casual and competative MOBA games?
I see no answer to stop trolling but perhaps there is another way worth investigating for cheaters. Some companies treat piracy as people simply wanting the game without paying and would invest in DRM. Some consider it as them providing a worse service than the piracy sites so they should improve the service. Maybe cheaters are unsatified customers?
Would some cheaters be satified with in-game cheats and not look for more extreme 3rd party cheats? Suppose cheaters were provided servers as a choice (in a friendly way instead of shadow banning) which let them play against willing non-cheaters. This supposes regular players could be encouraged to fight with some level of handicap as a challenge.
Could allow people to curate their own blacklists if they don't want to play in groups like that, then they would have the option to play in public and online, it would be more rough and they would have to keep it up but having those tools would allow them to play publicly without needing to join a forum or group while still curating their experience. Obviously would be more work but it would be a good fallback.
If that's too hard they'd still have the option of joining one of those groups.
An issue of users having blocklists is that they may use it against people that are merely good at playing the game.
I suppose an open source game would have no choice but to have whatever feature users are willingly to addon to their local game.
I can definately see that being a problem, all systems have their downsides. A system like that though I feel is necessary in a game with decentralized online play.
For centralized ones it doesn't make as much sense since those already have anti-cheat (automated or human run) and bans from the service, which aren't perfect either, innocent people often get banned when they didn't deserve it, it's just not as apparent because in those communities anyone banned is witch hunted afterwards, there's a lot of appeal to authority in those communities.
All user crowd control systems, even the lack of one is going to have negative effects to their usage, even if they aren't apparent at first.
I was gonna care until I read league of legends. Clearly people already hate themselves and despise sensible choices and alternatives. Otherwise they wouldn't play lol.
Everything bad about LoL is it being a MOBA. I think you can't prevent toxicity in a MOBA.
In a team with randoms, if you start losing you're stuck in an unfun game where you get crushed by the ennemi for half an hour.
What's not to love?
tl;dr: Was never toxic or angry, and was consciously trying to not blame others but focus on my performance, but eventually gave up on DOTA, because it's too complex to play seriously and captain a team. Switched to Starcraft2, and realized how mentally taxing and depressing it is when you don't have a team to blame, and that you unconsciously blame teammates because it's a powerful mental defense mechanism. I've never felt worse, stressed and anxious, than after a loosing spree in 1v1 Starcraft.
I've spent hundreds of hours playing DOTA in highschool, and eventually I've reached the conclusion that unless you play with (and ideally are a captain) in a premade team, there's not really a point in playing - you will never get better alone, and you will unconsciously always blame other teammates, making it harder to learn your lessons and improve. (I'm deeply flegmatic and forgiving in regards to others, a archetypal support main, so i never was getting angry or toxic, thankfully. So I was usually more focused on my own performance and didn't care that other fuck up - or so I thought)
I've also quickly realised that the knowledge required to be a captain is something that even after thousands of games, and hours of research, I'll never be able to get. There's so many variables you need to know just to pick a team comp and get through the ban and pick phase, and then you add itemization to the mix, knowing what your team should do based on the current minute, hero picks, and items chosen by your and enemy team.. I really respect any pro player due to that, because its isane how many variables they have to work with.
And so I switched to Overwatch, because there, the meta is a little bit easier to follow and there's not that many variables in play, to be able to lead your team.
I wasn't able to get a stable team willing to take the game seriously, and eventually I've also noticed that I still tend to subconsciously focus on what my team did wrong, instead of my own gameplay.
So, I switched to StarCraft 2. And oh boy, those were the worst few months of my gaming life. The meta was eaiser to grasp, I knew what to do, the issue was building the muscle memory to execute it correctly. But there are plenty of resources, from training maps to The Staircase method, so I was making a pretty good progress.
However, the Ranked. Here, I've realized how much blaming others in team games is a necessary defense mechanism, because in this game, you have only yourself to blame for every loss. Hitting that play button in Ranked was terrifying, I was regularly depressed and felt terrible after every loss. It was so taxing to my mental well-being, because most of the games you play, just end with: "You suck. That was a beginners mistake. You'll never be good at this game, and you have only yourself to blame. Just give up.".
There's no blaming teammates, theres no " I've made a few mistakes, but my team also...", which as it turns out, being able to do that is a tremendous help in regards to your mental health.
I still had fun, it was a great challenge and I enjoyed learning the game and slowly getting better, but the losses, and especially loss streaks, were so stessfull and taxing, to the point where I was literally anxious to the point of almost having panic attacks every time I wanted to hit that fucking Find Ranked Match button.
But the wins, oh boy I've never felt better in my life. But, you know - as an average player playing at your rank, you should hover around 50% win rate. And that's a lot of losses.
I'd recommend this experience to everyone who keeps playing competitive games with random players. It was eye opening in regards to how you handle losses, and a great introspection into how I subconsciously handle losses in team games, even though I never got angry.)
I've found on StarCraft 2 you can just blame the enemy. You can say "omg you cheesy 10 pool garbage" or "you just mass mutas all day congrats" or "making roaches is a good skill to have" or "congrats you made siege tanks" etc. I was very competitive at one point but now I just don't really care much for it anymore. I'll still play ARAMs with friends but maybe not after this kernel-level anticheat lol unless it works through Geforce cloud then I guess I could keep playing it.
Generally though, I've started out gaming with single-player games and I've mostly gone back to single-player games, other than playing RuneScape (OSRS and open-source RSPS) games etc ofc.
Oh, definitely. Blaming the opponent is something that I've also started doing, but also quickly found out that it doesn't really work as well as blaming teammates in regards to your mental state.
"My noob teammates kept feeding the enemy, so there's not much I could've done even if I played better." shifts your guilt almost entirely on them. "The noob enemy chose an ease cheese strat" always has the slight problem that you always have to add (consciously, or you just know it subconsciously) "that I didn't recognize in time and I didn't manage to counter". And that feeling will nag you :D
While it wasn't 100% free from hate, Heroes of the Storm had significantly less of it. Similarly, GW2 has a far friendlier community than WoW, because game design does matter.
So much this.
GW1 was better
i mean, that's not Moba specific, Counter Strike, you get 1 griefer and it becomes a slog fest.
it's the people that suck, lots of raging and griefing at the slightest setback by people who have no life.
Quit that shit a long time ago, have not played multiplayer games in years.
Arent CS games a faster turnaround tho?
I don't think so, CS games can go to up to 90 minutes theoretically, unless the game is really one-sided then the game lasts somewhere between 40-60 minutes, which I would say is a reasonable estimate for Dota 2, never played LoL so not sure how it is there.
Huh, I thought they had a max of 45. Maybe Im mixing that up with a different game
yeah probably, though CS is kinda ambiguous what the max is, but well that's the max, unlikely to happen, this guy does a calculation of it:
https://www.youtube.com/watch?v=v8CmJ9namK0
Here is an alternative Piped link(s):
https://www.piped.video/watch?v=v8CmJ9namK0
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
MOBA is possible to be good and have come back games but LoL is entenched in shitty game design choices from 15 years ago and largely survives because its free to play and anyone interested in MOBAs has heard of it and played it. I'd argue games like smite or monday night combat do the MOBA genre better and advance from crippling rts controls on an action oriented game, but those never caught on cause the moba crowd hates change and innovation.
You must not have paid attention to the smite "pro" scene if you believe that game is in a good spot.
It really confuses me why people would want to play a competitive video game that is balanced around profit. Riot openly admits to buffing and nerfing based on skin sales and champion releases.
Addiction, I suppose.
Really? Source? I'm intrigued.
If you uninstall is there any guarantee that the kernel level anticheat gets removed, too, or are they in there forever?
And today we read from the Book of Sony, Chapter 2005, verses 10-11: Sony BMG quickly released software to remove the rootkit component of XCP from affected Microsoft Windows computers, but after Russinovich analyzed the utility, he reported in his blog that it only exacerbated the security problems and raised further concerns about privacy. Russinovich noted that the removal program merely unmasked the hidden files installed by the rootkit but did not actually remove the rootkit. He also reported that it installed additional software that could not be uninstalled. In order to download the uninstaller, he found that it was necessary to provide an e-mail address (which the Sony BMG Privacy Policy implied was added to various bulk e-mail lists) and to install an ActiveX control containing backdoor methods (marked as "safe for scripting" and thus prone to exploits). Microsoft later issued a killbit for the ActiveX control.
On November 18, 2005, Sony BMG provided a "new and improved" removal tool to remove the rootkit component of XCP from affected Microsoft Windows computers.
courtesy wikipedia: https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal#XCP_rootkit
Depends on what you uninstall. Your OS? Yes. The game? ¯_(ツ)_/¯
You dropped this \
I don't know but if you get a law degree then spend 3 months reading their extremely long and intentionally complicated user agreement I'm sure you'll find out that they have the right to keep it installed whether they currently choose to or not.
This really saddens me. LoL is a game that will forever connect me to some of my best friends, I played hundreds if not thousands of hours, even through I have not played nearly as much over recent years. We even did go to public viewing of the world's finals.
If they force this on us, then it will mean that my last game of lol was played months ago.
I'm rooting for Smite 2! Very different perspective from League, but if it's successful at fixing some of the ancient jank of Smite's current decade-old engine, I think it's one to keep an eye on as an alternative. It's different enough to not feel like a pale imitation while translating a lot of that core game flow.
I guess the shame and expense Sony learned the hard way in 2005 has faded and now kernel invasion has become acceptable.
They can fuck all the way off.
I've been playing League casually from time to time on Linux, and it's just a shame that they're adding Vanguard to the game since that kills any compatibility it had under wine. Though, knowing League community, a lot of players on Linux are so addicted to the game, they'll switch their operating systems for it or buy a second computer just to play.
The TPM 2.0 (and secure boot) requirement is only enforced if you’re running Windows 11.
Thanks for the correction, I've removed the section from my comment.
As if I needed another reason not to ever use Windows 11.
I don't fully know how these kernel level anti cheats work, but is it possible to setup a VM or some other container solely to run games like these?
In theory yes, in practice, it's a great way to get banned if they want to crack down
To add to this, if you VM, you have to find a way to hide the fact that your VM is a VM. Often, the GPU is the number one problem doing this, so a passthrough is enough.
That's another problem. So few will vote with their wallets because they're so addicted to the game they'll just deal with it.
Gaming (compatibility) is the only reason I'm not on Linux. I have tried it before and if all my games were possible to play on it I wouldn't even look back.
It's pretty close right now, especially since steamdeck and proton. Take a look at protonDB, see if there's a critical mass of your main games to try again?
Thanks, I'll take a look but AFAIK Valorant still doesn't work properly and smoothly on Linux.
The Chinese government wants to install a root kit on your PC
If you meet someone playing these games then they are the dumbest people you have run into
Hello, nice to meet you. I am trying to get away from it, but it's hard. Sunk cost fallacy and all that. BUT I am playing at lot less. Having to dual boot to play one damn game is gonna help too.
Dual boot would only protect you if have your other side encrypted or are monitoing it to make sure the other partition is never mounted.
What you need to play games like this is a side-piece computer on its own LAN.
If you believe the game to be malware you should not play it. Even if it doesn't have a kernel-level anticheat.
A binary on Windows can do pretty much whatever it wants.
Agreed. But I was more highlighting what lengths you need to go to protect yourself from a rootkit. I thought the parent mentioned dual booting as a sandboxing measure. I could have been mistaken.
2024 still on the red scare, for an american company nonetheless, lmao.
China isn’t leftist or communist
Tencent isn’t an American company
To be fair, there is a small but real chance that we may be going to war with them someday in the future, over Taiwan.
Do you really want an adversary that can disable a large portion of your populations computers in one fell swoop?
Says the guy with a username as primitive as boobies lmao
Or they dont give a fuck what the chinese government thinks about them
Respectfully, I have to correct you. This argument is not correct way to think about privacy.
For Example :- You don't care what I think about you but if I ask where do you live, what is your bank ac, what messages and email you send and to whom, etc. You will not provide me those details even though you don't care what I think about you. Similarly a player might not care what they think about them but the mere collection of user data is bad for the player.
No, they might be ignorant of how bad this is though
It is at a level where you would write to your representatives to ban it. I assume you are ignorant of rootkits since you mentioned “what they think about you“ rather than “owning your pc”
After studying operative systems this semester, it's crazy that developers are really out there giving level 0 privileges to an application program.
Get that shit far, far away from my machines
I assume that anyone that actually cares probably doesn't play LoL to begin with.
I just mentioned the other day how scary that is if a third party can crack it and just got blasted about how Microsoft wouldn't put an OS out with vulnerabilities like that lmao
Microsoft literally took government bux to put in NSA backdoors into windows that are still there to this day.
Edward Snowden showed that the US is spying on their citicens but nobody seems to care. But when China is doing it, everybody seems to lose their mind.
If the group doing the spying is ideologically in the same "tribe", people don't seem concerned. It's both a survival mechanism and our Achilles heel.
Better the devil you know than the devil you don't, and all that.
For me it's the opposite, they are so far away from me I couldn't care less what Xiaomi does with my info.
In the case of rootkits, your "info" could include anything. Keylogging your passwords and financial data, compromising your machine as part of a botnet...
The worst part is that it doesn't even have to be the original installer. If this malware turns out to have an exploit, your computer could be botted and sold to the highest bidder.
The only person with kernel-level access to a computer should be the owner.
I mean, I care.
Can you run games like this in a virtual machine? Would that eliminate kernel level general invasiveness concerns because it's a...virtual kernel I guess? Does that virtualization require too much overhead to run demanding games?
Yes you can, but at the cost of performance and the risk of permanent ban. I believe there is a sizeable community of Valorant Players on Linux, which means all of them are using virtualization to bypass the anti-cheat.
The LoL is only for windows installs rn
I didn't realize Riot even made any Linux distributions period.
They don't, Linux players have to use wine. And it will be impossible afaik to play lol on Linux once vanguard is added.
As someone else said, there is no plan to add vanguard on macs
They didn’t. Only mac and mobile
I mean...that stupid university "anti cheat" rootkit browser called "lockdown" can detect if it's in a virtual environment and say "this won't run. Plz put me on bare metal so I can read all your secrets."
I imagine this program wouldn't find that hard to do either sadly.
There's ways in which a program can detect if it is running in a VM. If Riot made a kernel-level anti-cheat program, they'll surelly also implement this.
They did implement this from my knowledge. I think SomeOrdinaryGamers made a video where he showcases hardening a VM to beat the detection.
Well, that's the end of TFT for me.
If you still enjoy the game, I believe mobile won't require Vanguard.
Mobile is such a bad experience though.
It's the only way I play TFT lol
I think the main issue here (I haven't seen it mentioned in the top comments) is that LoL doesn't even have a cheating problem honestly. I've been playing since 2014, off and on, and I think I might have met maybe one scripter (I'm not really sure). Lol has definitely a toxicity problem, but I honestly don't think it has ever had a scripters/cheaters problem, so I really don't understand this. Is it because of bot accounts? Whose games are these bots ruining (never seen them between gold-diamond)? Does it justify a kernel level anti cheat? Honestly, the real problem with this is not the kernel level anti cheat (because I guess that might be useful for games like valorant), it's the fact that this was never really even close to be necessary
Edit: interestingly enough, riot games itself was reporting in 2020 that cheaters and scripters were ruining a very minor fraction of the games. Ref: https://www.leagueoflegends.com/en-us/news/dev/dev-anti-cheat-in-lol-more/
Kernel level anti-cheat is never justified.
Other than that, true!
Scripters and cheating was a pretty common complaint in both r/lol and also on inven and in Chinese forums.
Bringing some data in, riot games itself was reporting that cheating was not that much of a problem really: https://www.leagueoflegends.com/en-us/news/dev/dev-anti-cheat-in-lol-more/
According to the plot we see there, a very very very minor percentage of games was affected by cheaters in 2020, and I honestly doubt the situation has changed. So, until we see new data from riot, I'm calling bullshit on this whole vanguard thing
I don't even consider scripting and macros to be cheating tbh.
Auto dodging, perfect skills hots, staying at max range at all times, instant item usages to maximize potential.
Yeah, nothing illegal officer.
I so wish you had a game with enemy Zeri using scripts. You'd change your mind very quickly.
As a geopolitical side note to all this, there is a small but real chance that we may be going to war with (Edit: China) someday in the future, over Taiwan.
Do you really want an adversary that can potentionally disable a large portion of your populations computers in one fell swoop?
Edit: Because of Tencent's ownership of Riot, which is a Chinese company.
I believe it’s much more than a small chance, war over Taiwan is going to happen. Question is when, not if. https://www.nbcnews.com/politics/national-security/us-air-force-general-predicts-war-china-2025-memo-rcna67967
But I agree, trading his computer control to China just to be able to play a game is ridiculous. Hopefully those who agree aren’t people that would matter anyway.
Even if none of those machines matter, a botnet the size of all valorant + LoL players has a lot of ddos potential.
Yeah you’re right
If a security researcher finds and reports a vulnerability without permission, you would hope the company with the vulnerability would get in trouble, but instead the researcher gets in trouble and is and hassled by the government and the courts. Our government has already decided to sacrifice national security for the convenience of companies when it comes to security.
Just saw a Netflix movie about this a month or so back. Obviously the writing was a little embellished, but it was fucking terrifying to imagine something like that happening on a real scale.
Riot? I don't see a war with Riot being likely.
/picardfacepalm
If something won't run with core isolation enabled, it's probably malware
The kernel-level cheats would fall into this category I guess, but cheaters will still be running them. Could anything without the same level access identify them?
It doesn't matter. Nothing should ever need to get that deep into your system...ever.
You need human moderators watching all the players to see if anyone's cheating and then you manually ban the cheaters
No thanks, I'll stick to dota 2 and cs2. Everyone else should do the same, this kernel level anti cheat doesn't even work. Well, no anti cheat is perfect, but vanguard isn't any better than any other anti cheat. All it's doing is collecting data about your computer and running at an insanely invasive level.
What about dead by daylight’s easy anti cheat?
Data collection is the least of your concern with a kernel level anti cheat
What could go wrong with chinese rootkits on leading global games?
Wait so the not being able to completely get rid of the Riot client and all their games and it still popped up on my desktop wasn't me going crazy? It might be Chinese malware in the end? This is just a whole new meaning to that now
There is a chance that it has something to do with the Xbox app, maybe
On a side note im delighted that someone with the username rooty is talking about unrooted things.
Am I a simple man who enjoys simple things.
Im also okay with this
By the replies, I almost assumed this was 4-chan. It's either some bold bravado, or generic out of touch shaming people foe allowing kernel level access.
There are interesting conversations to be had around this topic. For example, Riot in the article rises the following points, can we address those?
and what is their endgame? "Developers are releasing cheats that emualate a mouse. Therefore Riot needs to use a camera to record your hand"?
If everybody is jumping off a roof, so should Riot?
Isn't the whole point of anti-cheat to survey the computer? If you aren't getting anything new, then why even use a kernel-level anticheat?
Because the one thing they want to find, cheat software, can hide if it's running in kernel mode and the anti cheat isn't.
You could also run software in the kernel that hides vety sensitove data
Don't put games on a classified system.
Dont make games a risk to whatever data I personally treat as equivalently classified. I cant own multiple computers to keep my private info on one and game on the other, unless youre offering to buy me some new tech
They already are a risk. You think Minecraft is incapable of uploading your My Documents directory? I can write that code in less than 20 lines and add it to any existing, working game.
Lethal Company is more of a risk than Riot and Vanguard, at least for now. If Riot LA does lose control of the source code, I expect US authorities will be notified.
If you wanna be truly safe in Windows, this is what you have to do. In Linux, it's almost possible (but difficult) to manage all your permissions well enough, but if state actors are finding four zero-days at a time in iOS and Android I don't doubt that they can get into your Linux system if you're running untrusted executables.
It's an interesting thought because everyone's concerns here are valid, but they didn't start with Vanguard or Riot. They started well before. If you have League of Legends or any Steam game installed, you're already compromised, and Vanguard doesn't really move the needle there.
People here are raising alarms about a bald tire while they're already driving on 3 other bald tires. The problem isn't at all solved if you "fix" the one.
You mean a device that physically operates the mouse? I don't know, I don't work for riot, but this is done in online chess - to participate in some tournaments with money prizes you need 2 webcams.
No, the question is if this discussion also cover all other anticheats that use kernel mode, or is here anything that is League-specific?
This is just splitting hairs on semantics, isn't it? From the moment the app is running in user space, it could collect a huge amount of user info, but it can't look for kernel-level cheat software.
Note that I don't play league, I could care less about the game or the developer, I'm just interested in the privacy vs cheating aspect of the conversation.
The most basic form of anticheat already spots this.
You are so far in the past it's clear why you don't understand it.
So, you read "we already have these surveillance capability" and you're fine with it? Interesting.
The whole point of "user mode" is that it is possible to separate things. Even on Windows, assuming proper handling of your storage and settings, one account can be barred from accessing another account data it should not have access to. Granted, most people won't care, but you can do it, and run separate windows accounts for games and personal stuff for example. You can even do it without constantly switching between them.
Not only kernel mode "anticheat" will allow snooping on the current account, but on others too, that's the key difference here. As a user/customer, it removes the possibility of having private stuff on your computer at all.
That's kind of a big deal.
As someone who has previously argued that user/kernel-level distinction is pretty pointless (along the lines of this XKCD), the multi-user aspect is something I haven't considered before and actually quite important.
You could drop the flamebait, but all good.
Can't this already be achieved by elevation? Why would a kernel driver be necessary?
Someone woke up on the wrong side of the bed it seems 🙄
I could point out the ad hominem, but even worse, emojis?! You have zero credibility, scram.
You could drop the flame bait
Windows: $ insmod < "http://shady-ring0-blob-from-internet.sys.cn" What could possibly go wrong?
They want you to be digital slaves
I find it contradictory how Riot's own explanation contains the following two statements:
If the first statement was true (which it's not), then they shouldn't need any additional capabilities offered by running at the kernel level to surveil the system to detect cheats. As they admit in the second statement though, it is exactly because cheats abuse the OS security model to gain capabilities to both monitor and interfere with the game in an invisible manner that they need to get those additional capabilities to invisibly monitor and interfere with other programs too. The best they can do is a pinky promise that they won't abuse this power, but they don't even give us that promise and instead insist they don't actually have that power. That's super suspect to me.
I hope people using cheating software understand the dire security consequences of installing and running that type of software too, especially in that it comes from very shady sources.
Anticheat software, sure that's what it is. Totally not a excuse to steal total control of a player's machine, nope not here
I mean I'm not going to jump to the conclusion that they are definitely actively doing this, but more that if they openly admitted that their anti-cheat software has the ability to invisibly monitor everything on your computer from your browser to your password manager, then people would be way less accepting of it just because of the potential risk.
Also, it doesn't even remove the capability of cheating. A virtual machine can hide things from the kernel. I'm not sure if there's an existing implementation that makes it completely transparent to the guest OS that it's running on a VM, but it's technically possible to do that if it's not already being done.
A VM-based cheating system would be more complex than a kernel-mode one, but it's just the next step in the arms race, unless there's an even easier one I'm not aware of... I suppose hacking their anti-cheat system itself so that the games think it's working properly might be possible depending on how it's done, though that can be defeated by an even bigger security hole: giving it the ability to run arbitrary code from the server in kernel mode.
Another way to cheat that might not be defeatable is to run a hacked version in parallel to a completely legit one. You use the legit one for all server communications and the hacked one to render an overlay over top of the video from the legit copy.
IMO, the way anti-cheat should be going is behavior analysis of players. Do players behave as if they are aware of information they shouldn't be, like the location of other players that shouldn't be visible? Is the player less effective if the server feeds them fake invisible data about non-existent opponents? Is there a correlation between how difficult shots should be and how likely the player is to make them? Does the player's performance drastically change from time to time, more so than someone getting into the zone or having a bad day? Does the player ever talk about cheating in the game's text or voice chat?
Though that's assuming the cheating is the reason and not an excuse for this.
Yup, very true. There's even the possibility of hardware level cheats, just like that new MSI monitor that analyzes the screen with AI. Imagine that but instead it's a KVM switch like device that can "see" everything happening on the screen as well as the keyboard and mouse inputs. You could train it to recognize and track enemies in an FPS then add in some extra inputs to correct the aim every time you fire, or activate abilities in a MOBA automatically in response to enemy actions. I think this is what Gameshark might be trying to do. Short of requiring cryptographically secure input devices, the only way to detect this type of cheating would be behavioural.
Another commenter linked a video that goes in to detail about how actual cheats are doing it (my comment was just speculation about what's possible based on what I know about computers work), and they are doing stuff like that. They use raspberry pis and/or arduinos to analyze the screen (or a small square around the centre where the reticle is). Then they intercept clicks and when one is made, add in the corrections to centre the target and then pass on the click. In this case, the Arduino would have a the mouse and usb/network for the image stream as input and it outputs as if it's a mouse.
And as a man in the middle, it would just make the secure connection itself and pretend it's just a mouse (spoofing whatever IDs it needs to), so I don't think cryptographically secure mice would make a difference unless the market is willing to accept only buying approved mice that add their public keys to some database. It would just be another front in the arms race.
Ultimately cheaters have the advantage of having physical access to their device. The scheme we're talking about would even work on cloud gaming platforms as it's only using the same information that is already being displayed to the player.
Oh yeah, and for behaviour detection of this, it's kinda annoying they don't detect it because I don't think it would be difficult to do this (either from a problem solving perspective or the amount of computational power that would be required).
Just track the x and y deltas and their derivative over time (in this case, the derivative is just the difference between the current sample and the previous one, so no calculus required, just a subtraction per sample). Then check if they are continuous. X and y deltas are velocity, which must be continuous because the mouse is a physical object and subject to inertia. Acceleration should also be continuous because of the limitations of our muscles (though if your mouse bumps your keyboard or your hand is moving and bumps your mouse, you can see natural acceleration that isn't continuous, but these wouldn't directly preceed a successful shot at a target).
Then just watch for spikes in either of those. A better cheat program could smooth the spikes, but it slows down the capability of the aim bot.
Bye gamers! Excelsior!
The decision to push Vanguard upon League players is a baffling one, especially since hacking, scripting and botting are nowhere near as prominent in MOBA games.
I can only see one potential upside to this and that is Riot being able to more effectively hardware ban serious rule breakers.
My problem with Riot is that their Customer Support is almost Blizzard levels of shit.
I see you haven't been in a Master queue that gets an obvious scripter every 2-3 games, even more so near the end of the season (1 per game at least).
I'm hardstuck Iron, so I just get paired with morons and professional inters.
@ForgottenFlux @technology HAX!
Does anyone know if this affects mobile yet?
I don't think either of the main mobile platforms allow users or developers on unrooted devices to install software at this level.
I think on iOS it's technically possible (or at the very least was at one point) but apple would nuke your app from the store if you tried, so I'm doubtful they would try pulling something like this for apple users specifically.
On android barring a Rooting exploit in the OS (which would also get your app nuked) it just isn't possible, and Rooted users don't really need to worry because they should know better than to grant a game Root access if it asks.
Well thats good news as i only really play tft anymore and can do that on my phone then. Will need to confirm this but it makes sense
I wonder what is dead by daylight’s easy anti cheat?
Cool, PC gaming sucks now anyway.
The only good thing to come out of RIOT are the animations. Those don't require exposing myself to the CCP.
Oh, so the company which changed groovy Zilean into a cranked out meth head to please the CCP, because they're legally obligated to serve them, now wants kernel level access to every computer playing the most popular PVP game?
Fuck everything about that. China's openly stated goal is world domination and they control every facet of their citizen's lives, AND STILL HAVE MORE VIDEOGAME CHEATERS THAN ANYWHERE ELSE!
This has nothing to do with anticheat.
o7 OpenSuse you will be missed. This has been a great blow to the Linux gaming community. Sad I cannot be a part of it after this change.
Wait, are you saying you're giving up Linux? Seems like you're saying OpenSUSE will be missed. Really? For LoL???
People who play League are a different breed bro
Yeah. This comment section just looks like a bunch of people who have played league once half a decade ago. Easy to quit something they weren't doing in the first place.
Just like that?
Are you the one that calls the surrender vote at the 15:00 mark? :|
C'mon, don't let em have their way with you and the rest of the playerbase like that. This move is a gross breach of trust on their part.
--Fellow OpenSUSE (Tumbleweed) community member
I actually wish valve did something this catastrophically stupid when I was wasting 5 hours a day on fucking Dota. Would've made it so easy to quit.
I don't understand the Vanguard hate. Its one of the best anti cheats and unlike EAC it doesn't take screenshots of your desktop.
Just use a separate OS install for games.
"just" :D More like hitting the uninstall button hard.
We could go through the hassle of partitioning our drives, installing another OS (and possibly paying for it), maintaining that OS, and rebooting to play this one game. Or we could just not install this game and say fuck that hassle.
Meanwhile counter strike players are wanting valve to install kernel level anti cheats because it works so well in valorant.
It's because VAC kinda sucks. People will rather have a functioning anti-cheat with more access than play with cheaters.
Vanguard is being bypassed as well, but users have now a compromised system to the lowest level possible.
So that isn't the solution, i would somewhat understand it if no one is able to cheat anymore, but as long as there are hacks available you can give up on kernel level anti-cheat.
I don’t even think the being able to cheat part is the problem. It’s their response time that is great. On the VERY rare occasions I’ve seen hackers in Valorant they were always banned either by the end of the match or within a few hours. Most games can’t say the same.
this
How do you know they got banned? Do you report them and then get notified they were banned?
Presumably they just buy another copy of the game, so reports of fast banning isn't ultimately a sign cheaters are being removed forever but hindered.
If you report them they tell you whenever they get banned or if they are in your game it says then
https://youtu.be/XKE1vbJY2VA?si=0THIBS2vZcWtVYvJ
Here is an alternative Piped link(s):
https://piped.video/XKE1vbJY2VA?si=0THIBS2vZcWtVYvJ
Piped is a privacy-respecting open-source alternative frontend to YouTube.
I'm open-source; check me out at GitHub.
I understand people here are not that big of a fan for kernel level anticheats, but if cheaters are able to easily bypass a non-kernel level anticheat, what other choice do they really have?
Edit
January 20th, 2024 7:03 PM (19:03) EST: While all of you have good points, I'm not backing down on this. Yes, I get the privacy concerns but have we thought about the application could possibly only be sending/receiving data for updates to the anticheat, maybe sending data only when the game is open (or the launcher), or something like that? Again, I'm not backing down, I said what I said. I'm fine with all of you disagreeing with what I said, but I won't back down.Edit2
January 20th, 2024 7:11 PM (19:11) EST: I did not realize until now that Tencent has a stake in Riot Games. I see your concerns now, but I'm still not backing down.For the company its the best solution.
If you don’t care about your entire computer except for gaming its fine.
If your computer has any meaningful data then its just depressing that you as a user have lost control of your device to play LoL.
I thought server side anti cheat was the most effective. Since it can't be modified by clients and tracks clients for impossible behaviour.
It is but history has shown it’s not easy and locked down clients do help (see consoles).
Because it just moves the fight to kernel level where the stakes aren't task crashed, but blue screen instead.
Is there a reason to think kernel-level anti-cheat isn't (easily) bypassable? The next step is recording users and their input devices like a speed-run substitution or an at-home exam, which I presume could become (easily) bypassable too.
Are there any companies which have even tried to explore other options?
Valve basically does that with their overwatch system.
For anyone else trying to find info on this like me and just getting a ton of Overwatch 2 in the search results.... here's an article about Valve's Overwatch anti-cheat in CS:GO: https://www.rockpapershotgun.com/csgo-overwatch-guide
Super helpful thank you! That's pretty neat.
There's a company that has AI powered anti heat and they claim it is amazing, but also claim very few companies people wanna work with them. A hint that they know their player count would suffer.
I struggle to imagine how they get training data for games and specific cheats, and data for just good players using Intuition from experience.
For CSGO it's trivial - the "Overwatch" system literally provided demos of players cheating that the AI could learn off of. I think Valve themselves were looking into something called VACnet that kinda did the same thing.
What determines if the video is the player cheatering? The fact it was mass reported or is someone paid to confirm? Some cheats are obvious to see but many are not. Is it not true that good players can appear to be cheaters to other players lacking experience or information? There will be some false positives.
The system works by having players vote on whether a clip is cheating or not - the guidance is to vote yes if the player is cheating "beyond a reasonable doubt". Players are weighted with a trust score (how much the majority agrees with them), so you can't just spam "innocent" on every clip and avoid bans that way, because the system will start ignoring your votes. You must first trip something in order to get into the overwatch queue anyway, which is what VACnet is about, increasing the amount of cheaters that end up in the overwatch system.
I mean I'd believe everything is bypassable, but I also believe that the Kernel Level Anticheat makes it more difficult to bypass, if that makes sense.
I know what you mean: a barrier to entry reduces cheating while a work-around is unknown, or yet implimented and shared.
The kernel manages interactions between software and hardware: simply it has total control of your computer. Cheaters ruining my game during my time off are annoying but a company having that level of power over millions of computers is a concern on the level of society.
I also understand your point.
Wouldn't it just mean the cheat tools also move into the kernel space and keep doing what they're already doing? Whether people will trust that or not I have no idea but I'll wager people willing to use cheats in an online PVP game probably won't care that much.
I mean that would make sense I guess, but it would mean they'd have to spend time and resources to figure it out. I get your points entirely.