Valorant

[The Ugly One]

I'm now repeating the same post over and over, and nobody has an argument for it, so one last time -

As attackers get more sophisticated, newer computers and operating systems have increasingly sophisticated anti-malware technology. Some of the most advanced technology looks for malware based on signature behavior. I.e. there's a well-defined set of things that legitimate software & hardware is not allowed to do. It's not probabilistic. It's deterministic.

Old malware defense: If you are this executable, you are not allowed to run.
New malware defense: If you wish to run, you must do X and are forbidden to do Y.

This means that even if what you are doing is technically not stealing credentials, hijacking a computer to mine bitcoin, etc, if your software or device breaks the rules, it will be locked out. Everyone who makes software & hardware knows what the rules are.

The most sophisticated cheat software & hardware behaves exactly like malware. The most sophisticated anticheat software basically rides on the enterpise-grade, system-level anti-malware defenses and tells the system, "Hey, look at this, it's behaving like malware." The system neither knows nor cares why something is breaking the rules. It determines yes, the rule has been broken by the thing, this thing is not allowed into the system any more.

There are some of you arguing, essentially, that it should be against the law for software to alert the system to malware behavior, rule-based malware defense should be illegal, and that it should be against the law for the system to quarantine devices and software that break its rules. What I'm not hearing from anyone is what should be allowed. How do you think computer security should be allowed to work in the 2020s?

e.g.

Anyone that supports this is less than a slave and forfeits their human rights and dignity.

Then stop complaining and explain what you think right & dignity-respecting security looks like.

 

[Judex Meus]

For those who don't know what kernel anti-cheat means, it's that the anti-cheat software runs ring 0 - "as an administrator" for you windows fags. Whenever you see a popup that asks you for your password on Mac or Linux, or asks to run as admin that's typically something running as a superuser/administrator - aka ring 0. Which means that basically gives the AC access to your entire computer and by extension the hardware. If you've ever heard of viruses or exploits causing "privilege escalation," that means a hacker figured out how to get the operating system to grant ring 0 access to a program that shouldn't have it. Every operating system has guardrails in place to ensure that average apps like your grandma's word processor isn't going to do something like format your hard drive. Not so with kernel anti-cheat - it's effectively a virus that you're allowing to run on your computer so you can play vidya.

Aside from the security implications it's also extremely fucking lazy on the developers' part. Most apps and software besides system processes have no need to run at ring 0. There are plenty of anti-cheat and anti-tamper solutions out there that don't rely on having kernel access. For instance - on mobile devices it's usually impossible BY DESIGN for an app to get ring 0 unless your device is rooted or jailbroken, yet most major apps like banking or popular games still have fairly robust protection against hackers and reverse engineering. Kernel anti-cheat is, in other words, the developers saying "nah, we don't want to play by the rules set by the OS, we're just going to do whatever the fuck we want." Which, of course, results in bullshit like this where they're far more likely to fuck up your computer because it's literally running with the same privileges as critical system services.

 

[Justsomecicada]

@The Ugly One have fun when your pc gets bricked for wrongthink idiot boomer

You are a born slave, why don’t you go back to shilling for digital ID

 

[some dumb cunt]

The problem here is that we all know that slopes tend to be slippery.

and all the slopes have to start somewhere, and thats because people tend to agree that certain measures are beneficial even though further down the line they could result in negative consequences.
take niggers for example, things went from gathering cotton to the modern pavement ape - and yet even on the farms i bet some people will say that the abolition of slavery and segregation werent mistakes.

I don't blame people for sperging about the tweet regardless. These faggy PR managers (often specifically people in game development for whatever reason) need to learn that they'll never be the next Wendy's and people aren't going to buy your shit just because you're a smug asshole on a business account.

wendy's brought sass, this is sass and a rather exquisite technical own - i feel more nerd pride from it than i do corpo faggotry.
they are toeing the line for now, if ever Their shit leads to a fuckup - trust revoked, etc. but for now they fucked cheating scum only and from my understanding this level of system access depth is necessary and unavoidable to fuck with literal cheating hardware.

 

[Indrick Boreale]

Serious question, what should Windows be allowed to do when it detects an unsigned device is spoofing a legit device and trying to hijack another program's memory?

It's my problem, not Windows'. Windows can warn me - it does - and I can tell it to go fuck itself. That doesn't seem to be the case here.

And also:

There are some of you arguing, essentially, that it should be against the law for software to alert the system to malware behavior, rule-based malware defense should be illegal, and that it should be against the law for the system to quarantine devices and software that break its rules. What I'm not hearing from anyone is what should be allowed.

That's not how the law works. Anything that the law doesn't explicitly prohibit is allowed. And it should be illegal for any game, Valorant or no, to have the same level of privilege as your O.S. so it can do whatever it wants to it because the players may do X or Y shit the devs don't like. It's an anti-consumer practice, and devs that do this should be hit with the book to its full extent.

 

[some dumb cunt]

on mobile devices it's usually impossible BY DESIGN for an app to get ring 0 unless your device is rooted or jailbroken, yet most major apps like banking or popular games still have fairly robust protection against hackers and reverse engineering. Kernel anti-cheat is, in other words, the developers saying "nah, we don't want to play by the rules set by the OS, we're just going to do whatever the fuck we want." Which, of course, results in bullshit like this where they're far more likely to fuck up your computer because it's literally running with the same privileges as critical system services.

thats the benefit of android youth and development guidelines, and also the rarity of hardware cheats.
windows is well known to everybody on the planet to be a piece of shit, so the cat and mouse game that android contained by design escalated on windows over twenty years ago, with drm next to cheating, and the modular pc system allows for hardware attack vectors far beyond usb which would require constant vigilance and competence from microshit - lol, lmao even.

 

[Spud gun]

So if I understand correctly it's not as bad as bricking and mainly done by triggering a flag that already exists on Windows.

It is far from as dramatic as people are making it out to be, Valorant's anti cheat snitches on the cheat card to Windows, and its Windows own built in software that is disabling it.

1. Anti cheat sees the cheat card pretending to be a normal NVME drive, which is how it bypasses normal detection.
2. Tells Windows security that the card doesn't look legit
3. Windows checks and realises the anti cheat is correct
4. Windows prevents the cheat card from operating.
5. Because Windows has "blacklisted" the cheat card it requires removing from the PC, then flipping a setting BIOS and reinstalling windows.
   
   Anyone spending 6 grand to cheat in an online game is a massive nigger.

 

[Psyker]

Then stop complaining and explain what you think right & dignity-respecting security looks like.

It's always the same argument, isn't it? Someone is bending the rules or abusing something and that's the valid* excuse for everyone suffering some new, invasive rule as a consequence. It doesn't matter if it's the Patriot Act, gun control or allowing a video game company to zap your PC like a wizard for suspected cheating.

Would you like to know the "solution" to cheating in online games?

1. Make everyone realize matchmaking ranked MMR bullshit is gay, manipulative and pointless.
2. Allow players to host community servers where they can ban people (like cheaters) and foster communities.
3. Ban places like Russia, China and India who wouldn't allow you to sue people developing harmful software.
4. Sue people who develop harmful software.

*retarded

 

[False and Misleading]

explain what you think right & dignity-respecting security looks like.

No company should not be able to determine legitimacy based on what's running on MY machine, only via data reaching their servers.

Kernel-level anti-cheat is bad enough, but now it's a serious issue where a piece of malware can simply report an arbitrary device in your PC and blacklist via Valorant. Crypto ransom? Whoops! IOMMU will blacklist your main drive except for a partition to display the ransom screen.

Of course this can all be solved by not being a Windows cuck or playing Chinese malware games, but I still have sympathy to those people.

 

[The Pulverizer]

W CS:GO. W DOTA 2. By the way, Riot fags will keep playing on that garbage platform anyway.

 

[fml]

What if next time it's not even a jeetcode error? I can't think of a much better way for a bad actor (state-sponsored or not) to get access to a bunch of high-powered PCs for malicious purposes at once than managing to hijack anti-cheat software for a game.

Spoiler alert: it has already happened

Google Summary:
Genshin Impact's kernel-level anti-cheat driver (mhyprot2.sys) suffers from a severe local privilege escalation vulnerability (CVE-2020-36603) that allows unprivileged users to execute arbitrary code with maximum SYSTEM privileges. Because the driver is legitimately code-signed by Microsoft, threat actors and ransomware operators have weaponized it to kill endpoint protection and antivirus processes from kernel mode.

All of these drivers are a ticking time bomb waiting to go off. If Riot starts doing shitty Jeetcode or releases a bad update that's exploitable, it will be exploited.

RE: Crowdstrike

1:18

 

[MetokurGroomedMe]

People here saying "It's not a big deal," are essentially relying on the idea that some major game dev won't also just go full nuclear one day and program their game with that kind of access to also, say, do a screen grab to read chat logs if it detects discord is open and if the game thinks you're a racist chud, it does whatever it can to do the most damage, potentially more damage as more and more people allow further and further invasice anti-cheat.

In the name of security, many people rush to hand over their ability to to do what they want with their hardware. I'm of the opinion that cheating in a fucking video game is nowhere near a justification, in any universe, to even CONSIDER touching hardware. I don't care that in these cases it's hardware bought to cheat.

One day it will be worse, because none of this shit in the arms race existed 20 years ago, and I can promise you there are ways to punish effectively punish cheaters in shooters without needing to affect their hardware.

 

[I HATE THE ANTICHRIST!]

Can't we hate both riot and the fags using hardware level cheats?

This feels like two different specicies of vermin fighting.

Yes but no
Yes, people cheating in video games are subhumans.
But by saying "well yeah their PCs got bricked but it's because they cheated!" you are implying that there are situations where a private company bricking you computer for breaking their TOS is justified, there aren't.

 

[Gobermental Supervisor]

I 100% support bricking cheat hardware.
Anyone claiming that "there will be a big lawsuit and they have to pay millions!" is totally retarded.

Destroying your own hardware, by running software that explicitly prohibits the use of that type of hardware, is karmic justice.
If you do not want to be subject to the TOS, do not play the game. Easy.

 

[StacticShock]

I don't know, chinks. Doesn't seem like it was very secure.

no lefunds gweilo.

still, this is fucking gay but nothing will be done because chyna, you can't sue a chink company in china and expect it to work, riot might get a class action due to privacy shit alongside the IP leak? probably, but probably on EU courts since US jewdicial system is more about the money rather than being right.

you are implying that there are situations where a private company bricking you computer for breaking their TOS is justified, there aren't.

this, same shit as south korean niggatry where companies ordered the arrest of a few cheat developers, not goberment, companies.
no power like that should be granted to them, ever.

 

[Gobermental Supervisor]

privacy shit alongside the IP leak

Nothing will happen. The user can change the IP.
If he lives in Europe he will usually get a dynamic IP on dial-up and anyone having that means nothing.

I can click the reconnect button on my router right now and get a new IP.


If you do not want your machine to die, don't install shitty chinese cheat hardware. It is this hardware that bricks your machine.

 

[quaawaa]

I have a friend who plays at mid to high elo and his games still have cheaters and looking at his replays I'm inclined to believe him, granted it's slightly less compared to other games with weaker ACs. All this dick measuring that riot does on social media is just a distraction. People like to claim that everything is fine but there is still firmware out there that's undetected (to my knowledge) if you are willing to shell out the cash for it.

If they ever stop DMA devices, cheaters will just move on to small computers that take in an HDMI feed (HDCP is supposed to stop this but it's been cracked forever and you can always just use a camera instead), run an computer vision model on it, and pretend to be a USB keyboard and mouse. That sort of aimbot is completely undetectable outside of behavioral analysis, which doesn't require an invasive anticheat.

 

[Indrick Boreale]

Ban places like Russia, China and India who wouldn't allow you to sue people developing harmful software.

Feels like the videogame industry everywhere is now catering to China and India.

No amount of money is worth bowing down to pajeets or giving the Chinese access to your data.

 

[fml]

If they ever stop DMA devices, cheaters will just move on to small computers that take in an HDMI feed (HDCP is supposed to stop this but it's been cracked forever and you could always use a camera instead), run an computer vision model on it, and pretend to be a USB keyboard and mouse. That sort of aimbot is completely undetectable outside of behavioral analysis, which doesn't require an invasive anticheat.

Idk what it is with val specifically, but people go insane lengths to cheat there and it's always some dogshit chinese device rebranded and sold for 1000s of dollars. Like if you want to cheat in a game that badly just download legit any other PVP game other than BF6 and just pay 5$ for an external (It's chinese anyways).

 

[StacticShock]

Nothing will happen.

nothing will happen because china, not because it's something so fucked up that a game company shouldn't fucking do.
the rest of your post ignores the point of fucking video game companies needing to have a new asshole tore on them for doing that.

If they ever stop DMA devices, cheaters will just move on to small computers that take in an HDMI feed (HDCP is supposed to stop this but it's been cracked forever and you can always just use a camera instead), run an computer vision model on it, and pretend to be a USB keyboard and mouse. That sort of aimbot is completely undetectable outside of behavioral analysis, which doesn't require an invasive anticheat.

it's a eternal cat and mouse game, still, going back to dedicated servers so shitters and cheaters get B& would be so much better but no, we need the faggoty server centralization of modern gayming for some gay reason.

Feels like the videogame industry everywhere is now catering to China and India.
No amount of money is worth bowing down to pajeets or giving the Chinese access to your data.

i mean the western video game industry is focused on idpol shit, something chyna and india don't give a shit about, not to mention 1b+ people which translates to alot of sales but yeah you are right....

Idk what it is with val specifically, but people go insane lengths to cheat there and it's always some dogshit chinese device rebranded and sold for 1000s of dollars.

valo is chyna basically, similar to genshin chinkpact in a way, CS2 and DotA2 is for the ruskies even though embargo o algo.