Running in the kernel let’s anti-cheat see everything on your computer, let’s devs take screenshots or videos of your screen, and let’s the anti-cheat reinstall itself if the user tries to remove it. It also lets the developers secretly install additional software if needed for some reason. Overall it’s pretty effective at being able to catch user space cheat programs, the catch is that you’re permanently compromising the security and privacy of your computer, and nothing short of a full disk purge will guarantee it’s actually been uninstalled.
The other catch is it’s can still be defeated by kernel-level cheat programs, which are now widely available thanks to the rise of kernel anti-cheat. It also can’t do anything about cheat programs that run on external hardware, such as aimbots that just look at your video feed and simulate mouse inputs to aim.
So it really comes down to how bothered you are by cheaters in your games, and if you’re willing to give up your privacy and security to make it slightly more inconvenient for those cheaters to cheat.
Fubarberry@sopuli.xyz 3 weeks ago
I should probably mention some notable downsides to kernel anti-cheat as well:
Because kernel anti-cheat has full access to your PC, if any virus/etc can take advantage of a security vulnerability in the anti-cheat program, it gains absolute access to your PC.
Kernel anti-cheat needs special signing keys to get access to the kernel, but the more companies that get access to the keys the more likely it is to have compromised keys. Genshin impacts keys were compromised and used to sign ransomware, giving it full kernel access on any computers it was able to get on.
Devs have used kernel anti-cheat to secretly install Bitcoin miners on users machines
Kernel anti-cheat can be compromised and used to directly gain control of a users PC. Some apex legends streamers had their PCs compromised and cheats installed remotely through their anti-cheat during a tournament.
A lot of anti-cheat programs are created by Chinese companies or companies that are mostly owned by Chinese companies. China is well known for spying on users, and there’s a ban on a lot of Chinese hardware due to spying concerns and backdoors that the Chinese government requires to be in their devices. I think the invasive nature of kernel anti-cheat makes it an obvious spying platform, and I think it’s absurd to think that any anti-cheat coming from China isn’t actively spying on you.
A7thStone@lemmy.world 3 weeks ago
Think it’s absurd to think any anti-cheat coming from China isn’t actively spying on you.
Our data has proven to be very lucrative. The companies that make anti-cheat are also the types of companies that would want to cash in on our data.