Users can now turn off Valorant's anti-cheat software

Cal Jeffrey

A hot potato: Nobody likes cheaters in online multiplayer games. Some cheating programs operate in Ring 0 to avoid detection because most mitigation methods operate in Rings 2 or 3. Valorant's Vanguard software uses Ring 0 drivers to detect these programs. While it is not the only one to do this, Vanguard has recently become a hot topic in the community because of it.

Earlier this month, Riot Games came under fire over its "Vanguard" anti-cheat software. The problem was that the program uses a kernel-mode driver with Ring 0 privileges, which raised issues for some players. Users and security analysts expressed fears that it would create system-wide stability issues and an additional attack vector for hackers, even though several other games use similar cheat mitigation methods.

In response to these concerns, Riot security and privacy teams quickly posted a detailed explanation of the Vanguard software and announced it was increasing the rewards for its bug bounty program on HackerOne for Vanguard-related vulnerabilities.

"Today [April 17], we're announcing that we're creating a special scope for Vanguard vulnerabilities with even higher bounties," said the developers. "We want players to continue to play our games with peace of mind, and we're putting our money where our mouth is."

This week, the company announced on the r/Valorant subreddit that it has since made a few changes to the Vanguard software. Effective immediately, the program will have a system tray icon (after rebooting). From there, users can turn off the Vanguard system at any time. Keep in mind, however, that this puts the PC into an "untrusted" state, so users will not be able to play the game until they reboot the computer.

Additionally, if players want to keep the Vanguard software off indefinitely (even after a reboot), there is now an option to uninstall it. The anti-cheat system will automatically reinstall when launching Valorant. Users may also turn off the system tray icon through the Windows Notification Area.

The change still does not address the fact that there is a driver in Ring 0 (short of uninstalling it), but it does at least give players more control over the software, which is never a bad thing.


 
Please just let the Chinese keep this game to themselves, that would hopefully reduce the amount of Chinese cheaters in other games.
 
What they should have done is make it easy to disable and still let you play the game but now you get matched with others who have also disabled it.

Then when they're bored of playing with hackers, they'll turn it back on.
 
> What they should have done is make it easy to disable and still let you play the game but now you get matched with others who have also disabled it.
>
> Then when they're bored of playing with hackers, they'll turn it back on.
They could make an anti cheat system that doesn't run in the Kernel. I like CS:GO, I like Overwatch. I was going to try this game...not anymore. Sorry, but you don't get Kernel access to my computer.
 
> They could make an anti cheat system that doesn't run in the Kernel. I like CS:GO, I like Overwatch. I was going to try this game...not anymore. Sorry, but you don't get Kernel access to my computer.
And both the games you mention have had, and continue to have, cheaters in-game. You picked two games I have considerable hours on as well and ran into cheaters on both (more so on Overwatch to be fair).

As I said, if you don't like the protection system, all they had to do was let you turn it off and matchmake you with people who don't want the protection. Those of us who hate cheats can be matched with people with the protection still turned on.
 
> And both the games you mention have had, and continue to have, cheaters in-game. You picked two games I have considerable hours on as well and ran into cheaters on both (more so on Overwatch to be fair).
>
> As I said, if you don't like the protection system, all they had to do was let you turn it off and matchmake you with people who don't want the protection. Those of us who hate cheats can be matched with people with the protection still turned on.
I don't like cheaters either. CS:GO I have not played enough to notice any. Overwatch I have only ever encountered like one or two cheaters. However, a Chinese program that has more privileges than System level is a no go for me. User>Admin>System>Kernel. Again, the anti-cheat does NOT have to run at the Kernel level to be effective.
 
> I don't like cheaters either. CS:GO I have not played enough to notice any. Overwatch I have only ever encountered like one or two cheaters. However, a Chinese program that has more privileges than System level is a no go for me. User>Admin>System>Kernel. Again, the anti-cheat does NOT have to run at the Kernel level to be effective.
Cool story bro, if you could explain that to all the Devs out there exactly how to stop cheats without that access, please do. In fact you stand to make a huge amount of money.

Again, this isn't the only Anti-Cheat with this level of access, everyone's kicking up a fuss purely because the developers are owned by a Chinese company.
 
Devs may pay bounty, but the gov's surveillance agencies will pay 100x more. Gov has access to thousands of zero days that exist for decades. Media is being paid to repeat "not used wildly" on any revealed zero day to give people false sense of security, prevent target devs from rushing with patch and allow surveillance agencies longer exploitation time. Ofc a lot of times the gov will pay devs to introduce a new feature that also introduces a plethora of new security holes. So, there is nothing to worry about security wise as everything is always compromised. Even Mozilla wrote in one of their articles: a good rule of thumb for web security is "You can never be too cautious. If you made it, double-check it anyway. If someone else made it, assume it's dangerous until proven otherwise." It goes for everything, not just web.
 
> Cool story bro, if you could explain that to all the Devs out there exactly how to stop cheats without that access, please do. In fact you stand to make a huge amount of money.
>
> Again, this isn't the only Anti-Cheat with this level of access, everyone's kicking up a fuss purely because the developers are owned by a Chinese company.
No, everyone was kicking up a fuss because it constantly ran in the background. Game running or not. Now you have to restart your computer to play the game if you turn it off? Funny.
 
> Cool story bro, if you could explain that to all the Devs out there exactly how to stop cheats without that access, please do. In fact you stand to make a huge amount of money.
>
> Again, this isn't the only Anti-Cheat with this level of access, everyone's kicking up a fuss purely because the developers are owned by a Chinese company.
Running in kernel is no miracle remedy, though. It makes anticheat's job easier, but nothing is really granted there and it's not free lunch - it does make development more convoluted, bug prone and inherently decreases product's security. And cheaters can get into kernel, too - they can even run as a hypervisor, while anticheats can't.

BTW it's not the first time people get pissed off because of ring 0 anti-cheats - it's just more prominent this time. Partially because it's a Chinese-owned company, but also because it's a broadly marketed, quite highly hyped title from a developer of one of the most popular games in the history.
 
>because most mitigation methods operate in Rings 2 or 3.
There is no ring 2 in modern x86-based PCs. AMD64 architecture offers only two regular privilege levels: 3 and 0. Rings 1 and 2 were present in 32-bit x86 architecture, but 64-bit extensions got rid of them, because they weren't used at all. The naming remains unchanged, though, hence 0 and 3 instead of 0 and 1.
 
> And cheaters can get into kernel, too - they can even run as a hypervisor, while anticheats can't.
Finally, someone on Techspot who gets it. All these Cheat engines need Kernel access, that's how they work, read direct from memory and unless the application has Kernel access, will never know it was being read. The cheats that run as a hypervisor can be stopped by the Anti-Cheat having Kernel access as it now has the ability to detect what's reading it in memory.
> Also because it's a broadly marketed, quite highly hyped title from a developer of one of the most popular games in the history.
I was referring to Easy Anti-Cheat, used in Fortnite, also one of the world's most popular games. Hence why I'm pretty sure this is only in the news because Riot is owned by a Chinese company.
 
> The cheats that run as a hypervisor can be stopped by the Anti-Cheat having Kernel access as it now has the ability to detect what's reading it in memory.
Not necessarily. Detecting that some hypervisor is present is trivial, detecting what exactly it is doing is not. And as for "detecting what's reading it" - I don't really get what you mean. Hypervisor can read arbitrary kernel memory without kernel ever detecting it. It's got comparable (though not the same) power over kernel to the one that kernel holds over userspace.

> I was referring to Easy Anti-Cheat, used in Fortnite, also one of the world's most popular games. Hence why I'm pretty sure this is only in the news because Riot is owned by a Chinese company.
Partially - sure. Only? I don't think so. Valorant is the first (at least first broadly spoken of) anticheat that requires loading on boot and that brought some attention to it, as well. As for EAC - it has been present before Fortnite existed, so I suppose people got used to it. And like every kernel-based anticheat, has received some criticism in the past - though I'm sure you're right it would have got more if it was tied to Chinese companies.
 
> I was referring to Easy Anti-Cheat, used in Fortnite, also one of the world's most popular games. Hence why I'm pretty sure this is only in the news because Riot is owned by a Chinese company.
Because Fortnite is only 40% owned by a Chinese company. The same company that owns Riot. But I guess it's not enough to get on our radar.
 
Pubg used EAC first then Fortnite got it. A year or so later Epic would buy EAC. Which is also used in the very popular Apex Legends game.

What's the point of uninstalling the anti cheat if it is required? Did I just not read that the anti cheat installs when launching the game?

All games have cheats and cheaters, nothing stops it all but it can be controlled.
 