Valorant's anti-cheat software loads kernel-based driver on system boot

[ZedRM]

Oh dear, Have you not played any modern first person shooters or something? Hacks don't just edit the scores, if cheaters did that, I don't think people would be as annoyed by cheating.

No, I haven't, please enlighten me...?

The reason these anti-cheat systems need Kernel Access is because the Cheat Software also goes that far to control mouse / controller movement and normally gives the cheater the ability to see through walls and what not.

That can be handled server-side as well. The great thing about software is that is very adaptable and dynamic. If you can think about it, you can do it in software. It's only a matter of application. The Devs need to get creative and do things a better way.

I completely get why they're doing this, I just wish there was a more standardized way of doing it like a Microsoft API the games can tap into that can report back what control devices are running and report the driver file hashes back. Then the game devs could deny known cheat software and any unknown hashes are reported back to be investigated.

But that pressumes to require a level of client-side system control that is very unacceptable. They need to run critical functions server-side. Only then will they be able to true get a solid grip on the problems at hand.

And before anyone says it, no game streaming is not a valid solution.

 

[Fearghast]

Riot software in my kernel... Since even their LOL client is not able to run stable (even after so many years of development), I am really not keen on letting riot messing in my OS.
Not to mention my AV Avira would probably, correctly, detected it as a malicious software.

Edit: Not to mention Tencent is owner of Riot, right?

 

[toooooot]

To me the cheating is irrelevant since these games have the most toxic communities ever so I won't be touching any of them.

I like to think of bad people as a price for being able to have good ones. Just like dealing with things like COVID to pay for all the goodies advanced civilization can give me. Yea, I like roads, dentists, and internet. But they come at a price, having bad people too. I like playing with people. Besides, I eventually finds servers moderated by normal people keeping negative players quiet.

I fully and completely disapprove. I hate online cheaters too, but this kind of thing goes too far. Not acceptable on any level. Then there is the following...

..Ta Daa!

Game devs are going to have to out think the cheaters. It's really very simple, keep multi-player stats stored, counted and calculated server-side. If the player client doesn't possess the data, it can not manipulate it. Attempts to do so would be EASILY tracked and kicking a player for trying would be trivial. Too many kicks and a server generated player ban request is sent to admins for review. It could also be set up as an auto ban...

There is always a better way to do something if enough creative thought is put into it.

I doubt stat caclulating can help with such simple thing as aimbot for example.
I am aware of manipulations that adjust abilities or in game currency, I even tested it in one stupid p2w android game. But I think aimbot is not in this category. And aimbot in shooters is the worst thing to play against

 

[candle_86]

No, just no. Anything that runs Kerbal side is a vulnerability. I'm going to stick to my older games, modern of gamers annoy me anyway, that's why I still okay cs 1.6 I prefer guys in their 30's-50's over teens and 20 year olds.

 

[Burty117]

No, I haven't, please enlighten me...?

That can be handled server-side as well. The great thing about software is that is very adaptable and dynamic. If you can think about it, you can do it in software. It's only a matter of application. The Devs need to get creative and do things a better way.

But that pressumes to require a level of client-side system control that is very unacceptable. They need to run critical functions server-side. Only then will they be able to true get a solid grip on the problems at hand.

And before anyone says it, no game streaming is not a valid solution.

Yeah ok dude, whatever, I guess throwing around words like "Adaptable" or "Dynamic" software is the answer...

Do you legit not see the problem or something? I can try and explain the best I can. Cheat software pretends to be a mouse and keyboard (or controller) and reads the games running state that is loaded into memory. When it does this, it can see the locations of other players and can control the player so they have perfect aim, perfect reaction time and are seemingly able to dodge incoming fire.

How do you propose using "Adaptable" or "Dynamic" software is going to help? Do you have any ideas on any mechanisms for stopping the Kernel Access privileged cheat software from reading the game loaded in memory?

The only way they could make everything server-side is game streaming! If the game is being rendered on your local PC, then cheat software can read it from memory and manipulate it.

Hence why I suggest something more reasonable like an API from Microsoft and not just "dynamic" software...

 

[ZedRM]

I doubt stat caclulating can help with such simple thing as aimbot for example.

It can if the client is required to report certain criteria about player movement. No human no matter how skilled can see through walls like aimbots can. So if the client is polled to report what the player is looking at and the server determines that the player should not be able to see what is being targeted, a player kick and/or ban can be employed. Cheaters succeed by thinking outside the box. The devs can defeat them using the same methods.

Do you legit not see the problem or something?

I see and clearly understand the problems at hand. It is you that is failing to see the possiblity of solutions that do NOT require what is little more than a root-kit. See above.

 

[BadThad]

I have ZERO problems with developer doing this. I've paid thousands of dollars for games over the decades only to find many cheaters online. Cheaters completely RUIN any online game essentially taking money right out of my pocket. They are no different from pickpockets or shoplifters and there should be legal penalties for cheating inline with those crimes. Should I personally ever catch a cheater - that would be the end of them! THEY ARE THIEVES!

 

[Burty117]

It can if the client is required to report certain criteria about player movement. No human no matter how skilled can see through walls like aimbots can. So if the client is polled to report what the player is looking at and the server determines that the player should not be able to see what is being targeted, a player kick and/or ban can be employed. Cheaters succeed by thinking outside the box. The devs can defeat them using the same methods.

No but games have surround sound, you can hear through doors, and you can shoot through doors as well. Otherwise devs would have implemented something simple like this. Have you ever seen Shroud play? His response times and aim is incredibly impressive. How could you gear this criteria to allow extremely good players like Shroud play but not the cheaters if you're monitoring such basic information?

I see and clearly understand the problems at hand. It is you that is failing to see the possiblity of solutions that do NOT require what is little more than a root-kit. See above.

No sorry, you've not come up with anything even remotely close to a solution or even an idea. You clearly do not understand the problem if you think, and I quote "adaptive and dynamic software" will magically allow everything to run server-side with absolutely no latency penalty's and you're seriously not understanding how these cheat programs work. They don't interact with the game directly, they interact at the highest level they can, they read directly from RAM, they take control of the input devices directly. How can you not understand that?

The possiblity of solutions that do NOT require what is little more than a root-kit.

Again, I also don't agree with anti-cheat systems having that sort of access, Hence my idea of a Windows API games can tap into to monitor input controls, It still doesn't fix the cheat software's ability to read the games load state from RAM though!

This is something game devs have been battling with for 20 years now, some extremely talented devs at that and they haven't come up with a fool proof way. These are people where it's their job. Day in and day out they're looking for ways to stop cheating in their games.

As the article explains, several Anti-Cheat mechanisms that already exist and are being used in popular games have this higher level access and after a bit of googling, it does seem worth the risk if you want to at least lower the amount of cheating happening in-game.

 

[Capaill]

There should be a game where if you don't cheat you can't play...well you could but you would lose

There is. It's called the Tour de France.

 

[mbrowne5061]

"One of them even performed "black box" attacks against the system with no success"

They do this even before this came out. Security patches come out daily for stuff they have missed. How do they know 100% it is secure?

What keeps this company from reaching into your OS at any time with this? We can trust them, right? Kinda like how we can trust Nest?

I've never even heard of this game, but thanks for the heads up for another game to wave as my wallet drives by.

Plus, all "black box" means is "attacked from the outside, without knowing what is going on inside". Its a pretty standard security test, generally speaking. Now, if they said "white box" (attacked from the inside, knowing what is going on), then I would have been impressed. But 'white box' tests generally takes a kind of programming called "formal verification", where the code is structured and planned like a mathematics proof. Which is very difficult and still an area of research.

 

[LNCPapa]

This seems like one of those instances where if you are serious about playing this game or this type of game you will dedicate a machine for this purpose and do nothing else of importance on that machine. Otherwise I could never approve of this... but if you are serious enough about this type of competitive gaming then you should have a machine for it.

 

[Cycloid Torus]

@LNCPapa Totally agree. Allowing games into Ring0 is like keeping your checkbook in your mailbox.

 

[ShagnWagn]

Plus, all "black box" means is "attacked from the outside, without knowing what is going on inside". Its a pretty standard security test, generally speaking. Now, if they said "white box" (attacked from the inside, knowing what is going on), then I would have been impressed. But 'white box' tests generally takes a kind of programming called "formal verification", where the code is structured and planned like a mathematics proof. Which is very difficult and still an area of research.

Yep. It also only going to detect known vulnerabilities. It has no idea about ones already there but nobody commonly knows about... yet. Such as Windows vulnerabilities they just now find out about from 10 years ago. lol. I mean I guess this is better than nothing? In short? They should not be doing Ring0.

 

[m4a4]

It can if the client is required to report certain criteria about player movement. No human no matter how skilled can see through walls like aimbots can. So if the client is polled to report what the player is looking at and the server determines that the player should not be able to see what is being targeted, a player kick and/or ban can be employed. Cheaters succeed by thinking outside the box. The devs can defeat them using the same methods.

I see and clearly understand the problems at hand. It is you that is failing to see the possiblity of solutions that do NOT require what is little more than a root-kit. See above.

No you don't. If it was as "easy" as you're suggesting, we wouldn't have cheaters!

With your "suggestion": Either you over-determine what's happening and ban legit players, or you under-determine and you still have that problem of cheaters. And then suggesting that somehow the client lets the server know that the cheat software is showing players through level geometry? Ha! Good luck getting the cheat software to notify the client it's doing that (because it's not meant to be detected lol). Seriously, it just looks like you have no experience developing applications to even suggest this "fix".

There's a very good reason why this is still a problem; it's pretty much impossible to develop against (without controlling 100% of the game remotely). People smarter than you and me have determined that this is a more viable way (for good reason).

 

[AS692313]

Am I the only one who thinks that the dude on the right in the top picture looks like Troy Calypso from Borderlands 3 without closer inspection?

 

[joeblow99]

HAHAHA. Nope. Hard pass. Plenty of other games out there to play. I don't give a fack how fun of a game it is....you're not getting kernel access on my system.

 

[Yppah]

Amazing - love it. If you laugh this off or similar, I'd say pretty much you're just exposing yourself as a scummy cheater, a skill-less wonder, a piece of trash etc. You don't deserve to play games in multiplayer. All should be made to adhere to the rules. You are disgusting and worthless. You honestly don't deserve to play multiplayer. I hate cheaters of all kinds and think everyone should feel the same. No excuse for it.

A game with this kernel type loading anti cheat software should load on game run; you run the game and it reboots your system and straight into game. Sandboxed to avoid the dangers. Saves to cloud. When you exit, machine reboots back to normal OS. Simple. Needs to be implemented so these scummy cheater types can die out. Sickening. If caught and proven cheating ever you should be banned for life on all platforms etc. Details shared on a database so they are excluded forever.

The futures coming you cheaters! Gutted! Eventually you wont be able to cheat! HAHAHA. It will happen. I'll wait. And you will cry cos you cant win any other way. Get mad bro etc!

 

[Yppah]

@LNCPapa Totally agree. Allowing games into Ring0 is like keeping your checkbook in your mailbox.

No. No it aint. Not one bit. Cos a game is a game. And your mailbox is 1000 times more valuable.

 

[Daniele 00]

Hi I have a noob question.
Once I have unistalled Valorant, will it remain any trace of their kernel based anti/cheat program?

 

[ZedRM]

@LNCPapa Totally agree. Allowing games into Ring0 is like keeping your checkbook in your mailbox.

Exactly right. Games and related runtimes should never have ring0 rights, not for any reason.