- cross-posted to:
- steam@lemmy.ml
- cross-posted to:
- steam@lemmy.ml
Steam store pages received a new Anti-cheat field. Disclosure is mandatory for kernel-level anti-cheat solutions. And recommended for other anti-cheat solutions (like server-side or non-kernel-level client-side).
The field discloses the anti-cheat product, whether it is a kernel-level installation, and whether it uninstalls with the product or requires manual removal to remove.
- atro_city ( @atro_city@fedia.io ) 50•11 days ago
Don’t they mean malware?
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 15•10 days ago
No
- averyminya ( @averyminya@beehaw.org ) 28•10 days ago
I’m assuming the user meant all kernel level anti-cheat is malware
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 15•10 days ago
I’m sure they did and it’s not. Malware isn’t defined by its privileges but what it does.
- Saik0 ( @Saik0Shinigami@lemmy.saik0.com ) English20•10 days ago
Malware isn’t defined by its privileges but what it does.
Correct… and anything that intercepts all system calls and forces closed applications that it deems “not safe” even if I the user specifically run it is malware. You bet your ass they feed back information to the mothership too.
And btw, if you’re accepting the “Spyware” moniker from the other comment chain. Spyware is a form/category of malware.
Definition from Malwarebytes:
Hostile, intrusive, and intentionally nasty, malware seeks to invade, damage, or disable computers, computer systems, networks, tablets, and mobile devices, often by taking partial control over a device’s operations.
Hostile - it’s not meant to help you at all. If you’re doing something deemed “unsafe” in their eyes. They will take action up to and including stealing your money that you paid for the game. intrusive - embeds itself in the kernel Intentionally nasty - Well it’s not accidentally nasty.
invade - attached to games with little to no input on what you’re installing. disable computer systems - specifically the software you paid for Taking partial control over a device’s operations - the whole fucking kernel.
I’d say meeting the VAST majority of the definition and at least one portion of each category is sufficient to call them all malware.
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 11•10 days ago
No it’s literally not what malware is. Otherwise anti virus would be. And anti malware haha
It’s literally none of those things mentioned.
You are doing massive mental gymnastics. Intentionally nasty for an anit cheat is just stupid. You 100% know that’s not what that means.
It also doesn’t invade, damage, disable or take control of the system.
Just because you don’t like it doesn’t make it malware.
- Saik0 ( @Saik0Shinigami@lemmy.saik0.com ) English11•10 days ago
Taking kernel level actions to stop processes on YOUR machine is absolutely taking control of the system.
Kernel level anti-cheats meet every requirement. Just because you think there’s gymnastics going on doesn’t make it so. It’s actually well established in the security field that they count.
Have kernel-level anti-cheat systems ever stopped processes? Unrelated to the anti-cheat and the game itself?
I would imagine they would kick and ban you, not control other processes.
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 2•10 days ago
Source
- blind3rdeye ( @blind3rdeye@lemm.ee ) 4•10 days ago
Anti-cheat software is very clearly and explicitly spyware. That’s the entire purpose of it. It spies on how you use your software in the hope that if you cheat you’ll be seen by the spyware watching you.
This spyware is generally not something people want on their computer - as evidenced by people complaining about it. So effectively whats happening is that people are being spied on against their wishes. Spyware is a common category of malware.
So I think it’s pretty easy to see why people might describe anti-cheat software as malware.
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 3•10 days ago
Nah words have meaning. I get you don’t like it but that doesn’t make it spyware or malware.
Spyware isn’t about watching your system or memory it’s about stealing personal information.
These anti cheats specifically comply with privacy laws or they wouldn’t be allowed. You won’t find any breaking any laws.
Anti virus and anti malware applications do the same. Doesn’t make them spyware.
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) English2•7 days ago
antimalware is literally worthless as has been for at least a decade. not even once did I get a spyware (or other) alert for the software of any commercial data harvester company. they are literally bought out and even the blind can see this
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 1•7 days ago
Yeah for sure. Used to be absolutely critical back when things like java in websites was a thing haha
- Vilian ( @Vilian@lemmy.ca ) 10•10 days ago
Spyware steal your data, look the same to me
- GetOffMyLan ( @GetOffMyLan@programming.dev ) 5•10 days ago
How do they steal your data? They also said malware
- Sl00k ( @Sl00k@programming.dev ) English5•10 days ago
I’ve been a heavy competitive gamer for 10 years now, kernel anticheat has been an incredible blessing developed these last few years despite every non-player calling it malware. Meanwhile all the consistent players rejoice and newer players don’t have to deal with constantly wondering if someone’s hacking every single lobby.
You can see just how much this has directly impacted high elo League of Legends players via Riots dev blog after their implementation. The most notable:
more than 10% of Master+ games had a cheater in them.
- filcuk ( @filcuk@lemmy.zip ) 3•10 days ago
Does anyone actually have a suggestion for a less intrusive alternative?
Do you realise how difficult and ineffective server-side anti-cheat can be?
Although it would be the only way to actually try and detect someone using a second machine for hacking/inputs.
All of this will become an increasingly uphill battle for the devs.- pokexpert30 ( @pokexpert30@lemmy.pussthecat.org ) 6•10 days ago
Server side AC is hard, yes, but it’s not less effective than client-side… As it’s security by obfuscation. If you can’t genuinely detect from server view the difference between an human and a cheater, that means a cheater can create a cheat controller (either hid spoof or even mechanicallly moving a mouse) that will spoof the client side too.
NEVER TRUST USER INPUT.
- Matt ( @DieserTypMatthias@lemmy.ml ) 5•10 days ago
Write it in language that obfuscates code by default (Rust does that) and then it obfuscates again. Or do it the Valve way. Even though is very easy to crack their anticheat (the hacks and DLL injectors are basically for free both on Windows and Linux), they have other measures in place. E.g. Votekicking players, Overwatch and matchmaking against other hackers.
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) English1•7 days ago
where did you read it that rust obfuscates the code?
you want vmprotect and such for that
- Matt ( @DieserTypMatthias@lemmy.ml ) 1•7 days ago
If security analysts have issues decompiling Rust malware, then it’s obvious that it obfuscates the code. All they could get was an ugly Assembly. You can try it yourself by downloading Ghidra/Cutter/any other compiler.