Games using anti-cheats and their compatibility with GNU/Linux or Wine/Proton
(areweanticheatyet.com)315 points by doener 2 days ago
315 points by doener 2 days ago
I think the moment you accept data from the client as truth you've lost the battle already, everything else is just damage control. Loads of games have realized this and kept checking game rules on the serverside and reveal data on a need-to-know basis. This makes it nearly impossible for cheats to be made because anything you know you should know, and everythin you act is parsed by the backend according to rules already present
Some kinds of cheating can be mitigated that way, but it can't really stop cheats which just play the game more optimally than the user is able to, using the same inputs and outputs that a legit player would use. Aim assistance in shooters, automatic parries in fighting games, economy-breaking levels of automation in MMOs, and so on.
There's also practical limits to how much data you can filter out in complex 3D games, both due to performance constraints, and because culling information too perfectly can cause things to pop into existence too late under real-world network latency. The effectiveness of ESP cheats can be reduced, but not eliminated in practice.
You could probably detect those kinds of cheats heuristically on the server. There are limits to human ability. It’ll take more time to catch the cheaters, but I’m sure it’s possible.
This player is posting 30 auctions per second. Bot.
This player is turning at a rate of 500 radians per second to make perfect headshots. Bot.
I think anything that relies on reflex alone is flawed design. You can design around this, by for example in Dota2 it doesen't matter how fast you click an entity, because the turnrate of your character is limited, so a person clicking reasonably fast and a bot clicking in 0.01ms both arrive there at the same time. Precision also doesn't matter, because a player can click the icon of the enemy instead of trying to match the pixels on screen. MMO scripts that use information already given by the game just seem like the MMO should invest in UX instead of trying to ban people for using the tools the game already gives them.
However, this only solves the cheat problem to a minimal extent. There is a lot of important data that players should not be directly aware of, but which is important for the game. For example, it is important for calculating sounds to know where enemies are nearby, even though you cannot see them, which makes wall hacks possible, etc.
Sounds are core to shooters and very much within the expected abilities of the players to hear them. If anything, I'd incorporate this kind of indicator in the game itself, allowing for deaf people to "hear" footsteps as well
> I'd incorporate this kind of indicator in the game itself, allowing for deaf people to "hear" footsteps as well
That's just discount wallhacks. Fortnite has it and you're basically forced to use it even if you have no hearing issues, because it provides a massive advantage.
Eventually you have to send data to the client and they have to send you back what they did. Assuming you’re running a game server with 240hz updates, on a 120hz monitor with no buffering, on a low latency connection in the same location to your data center, the absolute bare minimum amount of latency you can plan for is about 15ms from server to on screen, and back again) - 8 ms each way, 4ms for the server tick, and 5ms each way for networking. Now move 100 km from the server, or add in double buffering, and you’re closer to 50-60ms. That means at any given time you know there’s a deviance of between 0 and 50ms between your state and the clients - and a client can and will exploit that.
> Doing everything server side does prevent cheating.
No. Server side only protects against some types of cheats, such as telling the server that your bullet in an FPS is actually a grenade.
It cannot prevent snapping your aim to a target on screen.
That only solves half of the cheating problem - illegal inputs from clients.
The other half is much harder to solve. For a simple example - my client knows that there is an enemy player around a corner. It knows exactly where that player is, because that player is walking, and making noise. A cheats could allow the cheater to see his opponent's player's model through the wall.
For a more blatant example, consider cheats in a first-person shooter that just snap your aim to the nearest enemy's head. This involves zero violation of the game's logic, and also makes the game completely unplayable for everyone in a lobby.
You already know where an enemy is if you hear them behind the wall, you don't need a cheat to tell you that there is noise coming from other side of the wall. The server also doesen't need to tell you they are behind it if they're sneaking. A game that allows zero home-in time sounds like a flaw in the game and something solvable on the serverside.
You can replace a playermodel with wider "sound coming from around here" if you want to make it even harder for a cheat to pinpoint a sound
A trusted entity (probably Valve) could provide a locked down distro where kernel integrity is enforced through secure boot and TPM attestation, but that would mean giving up some control over your own system. There's no guarantee that anything client-side is impossible to bypass of course, but the goal would be to more or less match what Windows offers, which isn't perfect either.
> giving up some control over your own system
There could simply be a developer option that disables these integrity checks but subsequently breaks online games that rely on them. Valve could also offer a module that allows signed user-space binaries access to kernel space, which would be an improvement over Windows offers in that anti-cheat wouldn't need to live in the kernel.
I think that's a fine trade off.
You don't even need a developer mode. I was looking into making my own image based distro/system which has its bootchain entirely verified and I intend to make any modifications via system extentions[1], which IIRC also get measured aswell (or was at least planned somewhere). To be fair, this is purely additive or overlaying, so no removing of files, at best changing. This all would be signed using Secure boot and after the fact using dm-verity.
Secure Boot in theory isn't even necessary, only TPM2. Secure boot only ensure that you are actually booting into a binary that you expect to boot in this case, so if your binary is actually different it would result in different PCR values in the TPM indicating something is wrong.
Sadly a lot of end user software (flatpak, ...) isn't packaged & signed in a way which would allow for full "only run software I allow by importing public keys" (read Linux IPE[2]), but what can you do, only your best I suppose...
[1]: https://www.freedesktop.org/software/systemd/man/systemd-sys...
You don't need a full distro, you can just run the game in a VM sandbox with trusted computing extensions alongside whatever distro you want. That breaks cheats that rely on network/memory inspection, you can still cheat using the raw pixel output to drive faked input, but I don't think the loop is closeable there.
Has anyone produced a proof of concept for such a system, for gaming or otherwise?
Given that a certain amount of windows gamers have been having issues making sure their PCs complied with the config requirements for the latest COD/Battlefield, it would seem an even higher bar for a consumer targeted bit of software that needs to do more to be running securely (or add a different mode to your distro install and reboot to it), alongside the wider variety of distros/configs. Distros advertising themselves for gaming or getting people to migrate from windows are also trying to keep barriers to entry low or to appear simple.
That wouldn't be sufficient. You'd need a hardware component to verify the OS signature of the specific distro with a trusted (by the game company) asymmetric key, and that enforced driver signing.
Those things are all possible, but really the only entity that has the power to realistically do them is the OEM - Valve could do it for SteamOS, but only on it's own hardware.
Could reboot into secure mode for these types of games.
It doesn’t have to be 100%. The point is to make it inconvenient. The majority of people will not do it if it is inconvenient.
Thats the point to many things in life that you just make it more difficult and most people won’t be bothered to attempt to circumvent whatever it is.
There will still be circumventers but it is will be less than if you just said fuck it.
Sure. That also means it doesn't have to be kernel-level rootkits that fundamentally break the security model of my operating system and risk my bank account. Most people will be stopped by userland anticheat, right? It's inconvenient. So ... put it *there.*
And if someone does the kernel bypass thing, well, rely on server-side heuristics (which are imperfect, but also unknowable to the attacker) and you'll discourage enough of that with account bans.
Helpfully eSports players tend to have video captures of their gameplay, and most of these "undetectable" cheats are real obvious if you actually watch the footage. That catches most of the serious stuff at the upper level. It's why video verification has been a thing in the speedrunning scene for such a long time.
Correct. E.g. you can aimbot by routing the video signal to a capture card on a separate computer and run image recognition software to generate mouse movements spoofed at the hardware level. The only way to reliably prevent cheating is with in-person tournaments played on hardware provided by the organizers.
As someone said about the lack of a Switch anti-cheat: it's a numbers game. If cheating is as easy as downloading a .exe for a few $$$, you're going to find cheaters everywhere. If it requires a complex, and/or fairly expensive setup, the number is going to be very low.
That's assuming there's no money in being a cheater.
> It’s fundamentally incompatible with open source
Yeah, I mean why would they open source their anti-cheats, would defeat the purpose, wouldn't it?
Not sure why you bring up OSS here, it isn't relevant in the least, plenty of non-OSS runs on Linux even though Linux and more is OSS.
Yes and no. I agree the only thing that can be reliable is server side.
However that means that anything based on reaction times and such is impossible to protect against (under reasonable conditions). At the end of the day you can always have a robot sitting at your desk. But there is steps to that. You can have something that highlights enemies, etc., you can have something that controls keyboard and mouse (maybe inside a VM, so you don't need hardware) and so on. You can reverse engineer packet encryption in a debugger (in most situations) and have something on the network messing with stuff and so on.
So in that regard, yes you can prevent everything you can prevent on the server, but you cannot prevent every sort of cheating on the server.
Everything that has rounds basically can be prevented (other than again a bot playing).
Everything that is complex to automate is better, but might just make cheating more "worthwhile".
The other thing you can do on the server is "dumb cheat" detection. Eg. the odds of someone being consistently as good at a game and such. Statistics like that is widespread and doesn't need any change on the client.
I did a pretty deep dive into this recently, although haven't yet started any implementation work. As far as I can tell, the best strategy that preserves Linux's open-source and user-empowering ideals as much as possible:
- The game obviously needs to run as root, at least until large amounts of this stuff gets upstreamed into the kernel.
- We're going to be leaving the kernel and boot as untrusted, but injecting a hypervisor underneath the running kernel that is responsible for protecting most pages of game memory. This allows users to still run whatever kernel they want.
- The hypervisor sets up two sets of page tables, one that's only active when the game's thread is running and in userspace, one that hides protected pages and is active when the kernel or other threads are running. Note that game code itself needs to get decrypted into protected ram.
- The TPM of the system gets involved when we jump into the hypervisor to attest that the hypervisor is actually running, and the hypervisor then provides attestations to userspace that certain memory regions are protected from kernel or other thread access.
- Any syscalls will fail if they require the kernel to read or write pages that are protected. The game needs to allocate data that should be shared with the kernel into non-protected pages.
- When the game is closed, we can remove the hypervisor and Linux will be back to bare metal operation. This should be unobservable to the rest of the system.
This architecture preserves the ability of users to run arbitrary kernel modules, but does mean a hypothetical attacker can observe data that passes through the kernel (like draw calls/pixels). It's likely that a more complete implementation would also want some way for the hypervisor to attest to the accuracy of keyboard/mouse input and interface with iommu configuration like Windows KAC does.
There’s just no way to stop cheating client side despite what devs love to think. But server side anti cheat is much harder and requires more work; it’s much simpler to just install spyware / rootkits on the client and call it a day.
You can’t prevent wall hacks with only server side anti cheat. The client needs that data locally before the enemy is rendered on screen.
As mentioned in another comment, you can’t do this on the server without expensive checks for every single player that is always checking line of sight, because it’s not just your session running on a single server but multiple sessions.
And let’s say you did this, now you have a latency problem because most modern games to make them feel fluid has client side prediction with server reconciliation. This is what makes your modern games feel more responsive, if you put a constant server check there you have lost this.
No matter what people say online, it isn’t just move all of it to the server, there is data the client needs to know and can’t be spoonfed by the server.
I think it’s an organization accountability issue.
Why would a company pay for anti cheat infrastructure when they can outsource it to some company and blame them if there are cheaters or upset users? Windows is the status quo too, so it’s very easy to point to everyone else when justifying your choice to the execs.
It would be great if steam deck+box start costing studios quantifiable amounts of money that can be used to justify fixing this instead of outsourcing and hand waving.
I think the most stringent types of Windows anti-cheat rely on remote attestation of the operating system. It's theoretically possible to design a Linux-based OS that supports such a capability, but the sort of people who choose Linux are unlikely to accept a third party having the final say over their computer.
I, for one am disappointed that anyone has accepted it. Once it's widespread, service providers can demand it, as we're seeing with mobile banking apps and game anticheat.
I also strongly dislike requiring remote attestation for any kind of software I want to run. But what I also dislike is cheaters in my online games and I genuinely do not have a better suggestion on what to do.
Personally, I run Windows purely for gaming and don't let it near any important data. For the latter, I boot into Linux with separately encrypted disks.
>But what I also dislike is cheaters in my online games and I genuinely do not have a better suggestion on what to do.
You can't suggest "run online games as close-knit social groups, with social exclusion punishments for cheaters", which is how most online games used to be run. How old are you?
Game vendors used to be happy letting us host and run our own multiplayer games, until they realised they could get more money out of us -- "battle passes", microtransactions, ability to forcibly turn off multiplayer of older game when newer remake comes out -- and now they've made themselves a mandatory part of your online experience. You have to use their matchmaking and their servers. So now it's down to them to solve the problem of cheaters, enabled by their centralised matchmaking... and their only solution is remote attestation of your machine and yet more data collection?
If you use secure boot and don't let your keys near Windows, you should be fine even if your Windows install is compromised. Unless you don't trust Microsoft themselves, in which case you'd need to re-enroll keys whenever switching operating systems, which is possible, but very tedious.
Linux is resistant to rootkits, which is what these things are, and allows you to remove them, yes.
The correct solution is to verify everything server side, or actually have humans watch replays and ban cheaters, but both of those would reduce profits, so will obviously never happen.
You see cheaters banned in real time in Valorant, and the match is canceled, at least you used to.
IMO the real solution is back in community servers and votekicking.. It works on old games with no anticheat measures..
Maybe add some blatant detection for people teleporting and doing other absolutely impossible things serverside, but I don't understand why my team has to ruin their 'reputation' teamkilling a cheater so he doesn't ruin the game completely in most current games when the anticheat only catches free, old cheats. Just let people votekick and find someone else in the matchmaking queue who's willing to join halfway through.. Once votekicked enough times you can escalate to the AI (always indians) for automated (manual) review.
Also, you don't even have to ban cheaters. Just isolate them to play with each other. Some might find it fun and keep away from the normal players.
Edit: The 'issue' with community server manual review and votekick is you can be kicked for being cracked or garbage at the game legitimately, but TBH at this point you're ruining the fun of everyone else, so you should probably get in another server/match.. Also that premades can have majority, but that's easily solved by reducing their vote weight.
I mean not really, as someone that had been votekicked from many games. Servers with admins does solve this, but has it's drawbacks. But you also cannot have the matchmaking type of game that are popular today.
Back in MW2 if you were the host you could kick players from your game using a cli tool that adjusted firewall rules.
For lobbied ones votekick is great as long as you remove majority vote from premades. So in a 5v5, a 3 man premade isn't able to kick any of the 2 randoms alone.
I remember the misuse of it but it was better than having your only option be teamkilling, which is now punished in all games via reputation systems.
The only thing I don't see this as a solution for are games like Planetside, with massive lobbies. I know they used to have automated detection and manual review by admins teleporting and flying around, usually invisible to sus players. Once we found a bug and got inside the map able to shoot through the ground and in like 15 minutes an admin came, asked us how we got in there and to get out nicely, before he gets us out forcefully :D
Yeah. It’s an erosion of rights that doesn’t solve the problem. You only need one cheater to make a game feel bad and DMA devices or pixel tracking can’t be stopped with these anti-cheats.
Server-authoritative games. Basically the client does stuff, gives the list of moves to the server along with a checksum/end result. Then the server runs the same commands on the same starting state and checks if it got the same result.
If a==b, then everything moves on as normal. If not, the client gets a synchronisation error and has to rewind back to the last known good state.
Completely unfeasible for anything real-time pretty much.
Having done modding for some older shooter games built on the server-authoritative model, it's still possible to create a "pingless" experience, but it requires more calculations and compromises on client/server trust to make it work. For shooters specifically, you want the client to provide instant feedback when the gun fires, and ideally when they hit an enemy. You can achieve this by telling the server "I was at position A and shot my gun at position B and hit enemy Bob." The server will validate all of this before informing the client who fired and the client for "Bob" that Bob was killed. The compromise here is that the server must trust that the client isn't sending forged data, or the server must do additional computations to validate it.
An elaborated version of this idea is called "rollback" where you let the local client predict and execute the game state at time t+1 and will "roll back" the state of the game if it received another game state than the one predicted. Extremely popular and state of the art for 2D fighting games (most of the time the prediction is correct and it greatly reduce the perceived lag) , but probably harder a bit harder to do with 3D games.
You can run a VM using trusted computing extensions for the game. If the VM encrypts traffic, that stops network level cheats. You can still fake inputs/outputs to the machine if you put the work in, but then you can also use a vision model and faked input with actual consoles, so that hole is never going to get patched.
You are looking completely wrong at this. There is no anti-cheat that cannot be bypassed. Period.
You can always run things in a VM, you can always replace your keyboard and mouse with a different device, you can always have your a camera instead of human eyes and have something that recognizes enemies.
Even cheat detection in the real physical world (sports, chess, etc.) is not a completely solved topic.
You can connect computers to other computers so other computers will always be able to control them.
The idea that any (currently realistic) cheat prevention is unbypassable is silly.
> The idea that any (currently realistic) cheat prevention is unbypassable is silly.
The idea that anti-cheats don't make sense because they don't catch 100% of the cheaters is what's silly, who believes that? Not even the people writing these anti-cheats believe catching 100% of them are possible, why are you under the assumption that others think that's possible?
If it removes 80% of the cheaters from the game, the experience goes from "Holy shit lets leave" to "Ok, bothersome, but fine", this is what they're reaching for, not some fantasy utopia that you seem to be under the impression is the target.
I don't think the comment you're responding to is trying to claim that. They're responding to the parent comment asking if there's any way to actually make a Linux anti-cheat method that isn't bypassable and pointing out that this framing isn't really useful because there's no way to make one on any platform that's actually impossible to bypass. Their point isn't about whether it's useful or not to have imperfect anti-cheat but that there's nothing fundamental about Linux that changes the fact that the anti-cheat is going to be imperfect anywhere.
> If people will leave, cheaters will play only with cheaters - problem solved.
Yeah, but it's a bit like the ultimately solution to climate warming; getting rid of all humans on the planet. Fine, it solves the problem, but who is staying to enjoy the solution?
Linux explicitely allows you to do things that makes cheating *really* easy.
There is also complete lack of secure boot and a way to validate that your kernel hasn't been compromised.
I mean seriously, making a cheat for a proton supported game that no anticheat has any hopes of detecting are in 100 lines of a kmod driver and 1 console command: insmod.
On windows you at least need to use scuffed tools like KDU to bypass signature verification requirements and every anticheat can detect you with a simple physical memory scan.
Unfortunately right now SteamOS does not support secure boot or measured boot.
well lack of secure boot is bad wording, lack of vendor defined secure boot.
The worst thing about League was that Riot added it retroactively after years of effort to patch Wine to work with League's weird quirky code. It was the only game that I always remember having a custom Wine build in Lutris even as far back as the early 2010s.
It also would be completely unnecessary if they fixed their servers.
I'm playing through wine (kegworks) on OSX but its no fairytale over here. TF2 over wine literally performs worse than native TF2 on my old dual core 2012 mbp. I'm having to use low resolution configs again. CS2 works OK but there are severe lagspikes that ultimately ruin the gunplay (a little more tolerable when it happens in tf2 but its there too). About the only game that works well in this setup for me is Mount and Blade: Warband. But I mean its a 2010 game... I can't even play bannerlord because of anticheat. Can't play chivalry 2 because anticheat. Can't play cities skylines 2. Most games that do work seem to struggle to get 40fps even on m max series macbooks. I'm not sure where the incompatibility is but its got to be in the software layer software given the specs on those max macbooks.
I just wish someone actually cared about this stuff at Apple. GPTK is not that useful. Rosetta 2 has some serious performance throttling going on somewhere in it (why is native macos cities skyline fps locked at 40fps...). Former mainstay native macos game devs from 10-15 years ago have zero interest publishing for the platform today, valve included.
Cheats aside, are there any competitive games that include Uber-like rating system? Meaning that you'd need to provide feedback whether you'd play with your opponents/teammates again after a game.
Overwatch (1) had something like that. Not sure if Overwatch (2) still has it, or how it functions now.
In higher ELO, people would target good players with "avoid player"^1, effectively soft-banning those people from match making because the pool was small enough. They would still get put in matches eventually but their queues would blow out a lot.
From memory it did not have an explicit "match me with this person" button, but you could thumbs up players in the post-match podium as well as endorse them which may have soft-factored into matching you with them again.
\1 I think it was called this. It was a general "bad attitude" marker, not a "bad team mate" or "bad opponent" marker.
Overwatch (1 and 2) had/have an avoid system, but it only avoids as teammate. Overwatch 1 use to at the very beginning have a system to avoid a player as a whole and they wouldn't be matched in your game at all, but that was remove really early on, as it is easily abusable against good player (I don't want them on the enemy team, they are too good so just get rid of them entirely) and there was a report system anyway for other kinda bad stuff.
Then there is just the endorsement system, which is just a level from 1-5 and you can endorse people you liked playing with. It doesn't really do much in matchmaking but you can't do certain things if you are below a certain level (I forgot what all it was but you can't make (public?) custom games if you are too low and I think text and voice chat could also get disabled if you are too low).
Overwatch 2 has a simplified endorsement system. It's just an optional thumbs up instead of endorsement for 1 of 3 reasons (roughly something like sportsmanship, good teammate, or good leader).
The avoid system is now more flexible. You have 3 pin slots for people you never really want to see on your team again, plus 12(?) regular avoid slots to avoid people for a week at a time like usual. In situations where too many avoid conflicts occur and the matchmaker struggles to create a match (e.g. high ELO), it will start to ignore people's avoid slots in order of (last regular avoid > first regular avoid > pin slots), i think.
Dota 2 comes to mind, they have the commend system. If I remember correctly they added something like this to CS: GO too.
While some anti cheat supports Linux they're mostly useless as you can much more easily bypass them on Linux compared to windows. I guess enabling them for competitive games is one way to increase Linux users.
Main problem with highly competitive games is that you can run them inside a container and have full access to memory.
Most games will share all the data with every client which makes it trivial to display positions of every enemy on the map. It's just convenient for developers.
In games like Tarkov, once you spawn in, your client gets all the information that possible - positions of players, their names, equipment, contents of every single container on the map.
Tarkov is not the best example, because the netcode is terrible, and the architecure is a joke - you can loot everything on the map with a keystroke, and kill anyone with another, but other games are not better.
Even in Valorant, which makes an extra effort to only send data relevant to the player - ie. data about player that you are about to see - you can use that to see around the corners.
The framing of this is, in my opinion, wrong. I'd like to be able to play unranked matches in spite of the anti-cheat system (which is probably a an anti-piracy enforcer) not working. I play games to have fun; yes, cheaters suck the fun out of matches, but so does anti-consumer "anti-cheat" software that impedes playing the actual game.
It will be interesting to see how this evolves. It used to be that game developers could safely ignore Linux. But with a growing number of Steam OS, Steam Deck, and Linux + Steam users gaming, it's going to get increasingly more painful in terms of revenue to be telling those users "our game only works on Windows" and just miss out on the revenue and deal with the angry users, forums full of users complaining the game doesn't work, etc.
It might only be a few percent of overall users. But a few percent of a billion $ is a couple of tens of millions. That's a steep price to pay for anti-cheat code.
Most game devs can continue to ignore linux and trust that proton will work it out.
It's only the highly competitive online games that have this issue. While they make up a lot of playtime, they're worked on by a tiny minority of developers.
> They are still ignoring Linux, hence why Valve is using Proton...
Eh, maybe?
I'd put forth the notion that game devs might be caring how their game works on both Windows and Proton. That is, that they're still using the Microsoft-provided APIs to build their game, but care about how it runs on Linux just as much as how it runs on Windows.
Not really, otherwise you would be getting SteamOS native builds.
It is up to Valve to sort it up, they are the ones that care, otherwise they will need to pay Windows licenses, which is really what this is all about, while pretending to be some kind of white knights.
I don't understand why multiplayer games don't run more on the server. If the server runs the game, then sends to client only what it needs to display the game and play sounds, the client doesn't have more information than necessary and a whole class of cheats is eliminated. There is no need for a client to know where an enemy player is if the player won't be shown on screen (wall hacks). I think World of Tanks runs this way, and I've never encountered much cheating on there.
Some do, but its much more expensive for game companies and adds latency to some elements. Its generally a much harder problem for first-person shooter games - an enemy might be hiding behind a wall but the game needs to know the position of that enemy anyway because the player might move around the corner and see that enemy before the server updates or their game client might need to play noise that enemy is making faintly even if they are far away.
Players of these games are sometimes running their games at high framerates like 240fps which is much higher than the tick rates of these games too.
Plus it doesn't solve all the possible cheats that are out there, as there are some like aim-hacks that don't need any server information to work.
Anti-cheat is a necessity for an enjoyable game experience. If you are a casual who doesn’t care about game integrity, you probably aren’t the target audience.
I don’t want any cheaters in my games. I don’t care if a rootkit is required. Riot has a kernel level anti-cheat and it’s _really_ good. It’s so good in fact that it deters most cheaters from even trying. This is the dream for anyone who wants fair games.
I agree with you, but I think the best solution is just to let people run the game without anti-cheat, but they can only play with other people who also opt-out of anti cheat (or choose to allow themselves to be matched with people who opt-out).
Then people can choose to either accept they have to install a rootkit anti-cheat, or want to risk facing cheaters in return for not having to install the anti-cheat.
> If you are a casual who doesn’t care about game integrity, you probably aren’t the target audience.
Friendly reminder. 90% of games are not competitive multiplayer and don't need any anti cheat to be enjoyable.
My main entertainment is video games and books (no TV) in equal proportions so I'm far from "casual". I play zero competitive multiplayer due to the "communities" being invariably toxic.
Last time I played something like that it was Starcraft 2 when it was new. Enjoyed being called a stupid noob when I won.
Yeah. I've found a nearly 1:1 correlation between "Does it try hard to be 'competitive' or an 'e-sport'?" and "Is a huge section of the playerbase just godawful toxic assholes?".
As the years ground on, I've learned to avoid games billing themselves as an "e-sport" or indicating that they are extremely focused on the "competitive" scene, unless there's something very compelling to offset the asshole players that will inevitably be pulled in.
I wouldn't be able to enjoy life with the knowledge there's a rootkit installed on my machine, developed by the same people that make video games, and hate all levels of accountability, riddled with vulnerabilities that could grant an attacker the same ridiculous level of permissions.
Between Windows being so unbearably bloated and no way to make anti-cheat really work on Linux, it looks like the consoles win!
On Xbox at least Keyboard / Mouse support is decent. I played Fortnite and Minecraft this way for a while.
Personal preference, but I'd far rather have a separate device dedicated to gaming than my kernel hacked by anti cheat.
https://www.purexbox.com/guides/all-xbox-games-with-mouse-an...
On my PC I can play basically every game ever made in all of human history, minus maybe 7 that use kernel level anti cheat, and a couple PS5 and PS4 exclusives.
Other than that I have emulation plus a steam library. I'll take that over a locked in console that can only play 2 generations of games any day!
Edit: I'm not sure why the person who replied to me asking about emulators was nuked, emulators are still legal everywhere as far as I know. Anyway tldr go check out emudeck's GitHub repo to see a good list of emulators for basically every platform.
This is a big, missing piece for sure. I suppose for competitive games though, it's okay to not be able to mod, and for everything else, we have PC's.
But can it run Crysis? No. Not on Linux :-(
I actually really liked Crysis for its open maps where you can approach a goal using different tactics. It had a lot of flaws and I hated the alien ship along with everything after as it was way too linear. Though I really want to play it again but alas, no more Windows for me.
Actually, ProtonDB indicates Crysis runs just fine on Linux.
As someone who never plays online games with randos - mostly single player, or multiplayer with friends -
I cannot stress enough how much I do not give a shit about anti-cheat, and how thoroughly fed up I am with poorly conceived and ill executed malware being installed on my computer, holding games I own hostage in the name of stopping cheaters that I don’t care about it.
Anti-cheat should be opt-in.
One would hope that Microsoft will eventually revoke kernel access to these companies (see, Crowdstrike incident) eventually forcing game developers to support Linux for many popular online service games and actually stop being so lazy with anticheat. Somehow a smaller studio like Embark managed to make Arc Raiders compatible with Linux. I have 95 hours into the game and have not encountered 1 cheater. Yet a mega corp like EA can't possibly afford to support BF6 on Linux because of kernel anticheat. I put only 10 hours into bf6 and got killed by aimbots three times.
Are they? Cheats for games like Fortnite, CS (Faceit), Rust, LoL have become very expensive (100 USD per month are not unheard of) or require you to purchase special hardware.
And I have yet to come across an anti cheat driver of the big publishers (EAC, Faceit, Javelin, Vanguard) being exploited and allow access to r/w kernel memory. It is more likely that the driver of some hardware is being exploited for, rather than anti cheat drivers.
Personally, I only remember the ac driver of Capcom ever being exploited. Compare this to the dozen hardware/av drivers which were exploitable, like the Intel LAN utility driver, ASUS IOMap64, MSI NTIOLIB or that one Razer driver. Oh, and CPU-Z and the Avast Hypervisor driver were exploitable too and allowed r/w on kernel memory. These drivers are way more likely to be weaponized than ac drivers.
I remember the anti-cheat of Valorant being exploited where basically the hackers could turn a bug in the game code into full kernel-level root access via the anti-cheat.
Video games are not engineered to withstand sophisticated hacking attacks which is fine mostly since the bad guys can only use their access to cheat - in this case they could fully compromise your system thanks to the kernel access of anti cheat
The thousands of RGB drivers from the various manufacturers that are just copy+paste jobs on RWEverything is actually disgusting and Microsoft letting that just happen is a serious problem. Ah yes you added AES to your IOCTL very secure! I'd say the only reason that these drivers haven't been exploited is because of the insane bug bounties in place. There are also other big issues in games, see the whole hack with Apex Legends lmao
It's a perfect litmus test as far as I'm concerned. If a company believes it's ok to put things like that on my machine, I don't want them anywhere near it, even if they were to "compromise" to work on Linux. Relying on a users machine to snitch on them is dumb at every level. Fix your hearts or die.
Well, that's just silly. Hook up a Raspberry Pi as your keyboard, mouse input and video output and all the anti-cheat fails. Same (largely) for VMs, same for many emulators.
And if nothing works you can always build a robot pushing mouse, buttons, etc.
Of course you can raise the bar, but if anything has been shown it's that cheating is not something that anyone has been able to prevent yet.
In many situations you can also interfere on the packet level. Of course maybe you need to extract some key, but in many situations that's not exactly hard. And then you can hook something into network.
They already do this. Including peripherals which appear as an actual mouse, but they are there only so that cheat software can take control of the input without modifying the game memory. There are cheats which run on a separate machine and access the game memory via a dedicated DMA card (which itself presents itself as an innocent piece of hardware). Note, this can still be detected either via detecting the DMA card itself, or eventually these shenanigans will be killed off by IOMMU.
Unfortunately, there are also plenty of offerings which do not touch the game memory or process at all, and work purely based on image recognition and these days they actually use AI that is trained on specific games. I have no idea how they plan to detect these. All the cheat needs is the video feed and the ability to provide input via mouse and keyboard, and as you say this is trivial to do in a way that is entirely undetectable.
Is there really no way to make anti-cheat on Linux that can't be bypassed? I don't know much about this, but it seems very difficult to make an anti-cheat for a platform where you can make changes in the kernel.