MS had this implemented originally in NT4 then started allowing more drivers.
They tried again with VISTA but McAfee and Symantec cried to the EU and forced MS to back down.
Apparently apple got away with implementing it however.
Microsoft looking to restrict kernel level access after CrowdStrike incident might help us with our current Anti-Cheat dilemma
Submitted 3 months ago by Fubarberry@sopuli.xyz to steamdeck@sopuli.xyz
https://www.theverge.com/2024/7/26/24206719/microsoft-windows-changes-crowdstrike-kernel-driver
Comments
AlternateRoute@lemmy.ca 3 months ago
deegeese@sopuli.xyz 3 months ago
Apple implemented a kernel API for security software and made it good enough that they forced their own tools to use the API.
MS’s own tools depended on kernel access but they tried locking out 3rd party vendors without building a replacement like Apple did.
McAfee and Symantec correctly pointed out how this would be using monopolist powers to block competitors.
Microsoft needs to shut up and do the work to make their kernel secure.
AlternateRoute@lemmy.ca 3 months ago
Apple implemented a kernel API for security software and made it good enough that they forced their own tools to use the API.
I haven’t looked at the Security API in depth but I have looked at the iOS APIs… Apple gets away with their own apps having MUCH MUCH deeper access than what they give 3rd parties… I would be SHOCKED if their kernel API is all they use in their own tools.
Microsoft needs to shut up and do the work to make their kernel secure.
The EU ruling is very broad however, if it has just been security tools YES MS could have just built out the APIs and used them for defender, but the EU ruling makes it so open we have wonderful video game anti cheat and DRM drivers from all sorts of providers playing around in driver / kernel space.
breadsmasher@lemmy.world 3 months ago
Apple got away with implementing it
I have no idea either way - floating a question.
Did apple previously allow kernel access and then restrict it again? It seems the specific issue with MS vs McAfee etc is due to originally being allowed access, but microsoft restricted it, affecting their products?
paraphrand@lemmy.world 3 months ago
If stopping any and all cheating absolutely is your only metric on “stopping cheating.” Then you have a distorted view on the effectiveness of current anti-cheat tools.
Fubarberry@sopuli.xyz 3 months ago
I mean Valorant has a lot of cheaters, it doesn’t really seem like kernel anti-cheat has been more effective than other forms of anti-cheat. There’s also an increasing number of hardware peripherals that offer cheating assistance, and these can’t be detected by kernel anti-cheat because the cheating happens on separate hardware.
My point is that kernel anti-cheat has major privacy and security tradeoffs, which is a steep cost to pay. A steep cost is only worth it if it has a significant benefit to the users, and in practice it doesn’t.
GoodEye8@lemm.ee 3 months ago
Have you considered that the reason cheaters have to go hardware level is because kernel level anti-cheats are effective at what they’re supposed to do?
I’ll also ask this question, what do you are the alternative solutions to client side anticheats?
reddithalation@sopuli.xyz 3 months ago
go look at some forums for cheating, and you will see that they really do not work very well. it may be a cat and mouse game, but there is constant reverse engineering work and development being done (some of which is even paid work for paid cheats), and there is pretty much always a solution for new anticheat measures that someone finds.
the only unbeatable anticheat is a server side one
paraphrand@lemmy.world 3 months ago
Server side is beatable too.
My point is anti cheat will never be perfect, and you just rattled off a bunch of text to say that.
Anti-cheat efforts do make an impact on the pervasiveness and culture of cheating.
deadcade@lemmy.deadca.de 3 months ago
Client side anti-cheat is inherently flawed. These games are asking an untrusted computer whether it is cheating. That’s like asking a known liar whether they’re lying at that moment. The one way to make it harder for the computer to “lie” is by increasing the permissions the AC has, which comes at the cost of privacy for people with the game, and security for every Windows user (not just the ones with a certain game installed).
Client side anti-cheat can be poked and investigated locally, with no restrictions. All it takes a skilled enough cheater is time, and they will bypass it. The only way to test server side anti-cheat is by hopping in the game, trying to learn how it works, and trying to bypass it. That is a much more time consuming and expensive process.
RobotZap10000@feddit.nl 3 months ago
I read dilemma as diarrhea and didn’t think much of it…
warmaster@lemmy.world 3 months ago
if they build a proper API for it, wouldn’t we be in the same place as now ?
Beaver@lemmy.ca 3 months ago
Finally windows get some kind of improvement after going downhill so much.
pewgar_seemsimandroid@lemmy.blahaj.zone 3 months ago
roblox on linux?
lordnikon@lemmy.world 3 months ago
what kills me is Solved Cheating in the 90s and early 00s. It’s called dedicated servers. People would buy a game someone would setup a server and if you were a dick or cheat you would get kicked and reach sever wasn’t like a community just like it is here.
But the companies want control they want to be able to shut download the game on their timetable and get you to buy the next game. A tool or system is never going to fix this people and breaking communities into manageable chunks can.
Hell back in the day servers were hacked in purpose to create new types of games. anyone remember CS Surfing and Sniper only maps in TFC.
the point is people can hack away beak the game beyond recognition but they can do that off in the real own space.
Now I know that breaks global leader boards and other ego driven things but I’m just talking about having fun with games.
Aurenkin@sh.itjust.works 3 months ago
Those were the days for sure. Dedicated servers were fantastic, you’d often run across the same people in the same server as well and get to know folks. A community, like you said.
lordnikon@lemmy.world 3 months ago
yeah remember heat.net?
Rinox@feddit.it 3 months ago
I mean we have entire genres only because people back in the day modded the shit out of game servers. Team fortress and DotA were both mods before becoming actual games.
Landless2029@lemmy.world 3 months ago
I remember those days, but this was before Microtransactions and battlepasses.
Back then when you bought a game it was complete and you owned it…
thisbenzingring@lemmy.sdf.org 3 months ago
There was global leader boards way back in the day. I think it was called the Quake World League, it was one that would count Counter-Strike. I am not 100% but I think it used gamespy to do much of its work. I remember when it showed millions of people active and I was able to reach a top 20 in Counter-Strike one week. I was able to break the top 100 many times before it changed.
lordnikon@lemmy.world 3 months ago
yeah you’re right so it was eventually better than I remembered back then