the problem isn't that anti-cheat exists, its that they are not as secure as they should be and also that they ask for more access than they should have. it would be analogous to a website requiring you to give your phone number and credit card just to load every page so they could verify you're not a bot. the problem isn't that websites exist or that they have anti-bot systems, its that they don't need nor deserve to have that much control over your data just to do what they aim to accomplish.

@kenkensistoso

Жыл бұрын

there's a reason why in IT, we practice least privilege

@-_-_-_-_

Жыл бұрын

The real problem is that these anti-cheat programs are all proprietary. If they were free software, I would have no problem installing them (first obviously skimming through the source code).

@BAGG8BAGG

Жыл бұрын

@@-_-_-_-_ exactly we need open source standards for cheat software, allow the masses to design and counter a massive problem.

@FrazzaJ2000

Жыл бұрын

​@@kenkensistoso haha, why we SHOULD practice it. Usually it's not followed very well by IT...then Security hounds them over it :D

@kenkensistoso

Жыл бұрын

@@FrazzaJ2000 haha, should've said we practice it most of the time

The trade of system security for game integrity isn't a trade that most people make. It's a trade that most developers make on behalf of and unbeknownst to their customers, because let's be honest how many people are really going to read the details specifications of every single 3rd party license when installing a video game they paid for? I'll wager 99 % of users who receive a windows admin pop-up when installing a game simply assume it's because the executable needs admin permissions in order to write to the disc - not because they're perpetually giving the software they're installing permission to run in the background with above-admin level permissions.

@idontcare9041

Жыл бұрын

That's really a big problem. It's the same with accepting EULA's and lawmakers know this so if a company puts something unexpected in it you're not contractually obligated to it. We really need the same for installed software. The business practice to just include shitware in any install process should be illegal, the same for popups and whatever else... for the most part the law doesn't really address any of it

@Human_Decoy

Жыл бұрын

Won't change till a mass exploit occurs and the anticheat software developers get sued. The developers probably won't even lose the lawsuit but if it gets media coverage it'll change the industry perception.

@user-yd5dx5hw4x

3 ай бұрын

if you care this much about system security. You shouldn't download the game, if you suspect the company will steal your info with the anti cheat software, the application is already enough to do EVERYTHING.

@II-se9cr

3 ай бұрын

​@@user-yd5dx5hw4xlol, not like kernel level access 😅😅, its not the same thing. With kernel level access the application and anyone who gain access to it has the permition to do anything on your system, like accessing other aplicantions on memory in real time. Lol i suggest that you search about it before making this comparison

@II-se9cr

3 ай бұрын

With kernel level access even encryption is useless, because the rootkit can read your keys from the memory 😅😅😅

holy fuck that kid shitting in the pool analogy had me crackin up. I almost spat the water i was drinking.

@awal7994

Жыл бұрын

Thank God you didn't shit in the water you was drinking

@artemsheen8064

Жыл бұрын

@@awal7994 amen brother

@semuta2752

Жыл бұрын

POOL DOODY!

@bibsp3556

Жыл бұрын

Teaches you not to drink from the pool

The dirty secret is that many games use anti cheat simply to avoid having to implement proper server authoritative design. Some games like Fps genre have valid reasons to prevent client side cheating, ie aiming and seeing others behind obstacles. Asian games are the worst especially mmo's. Instead of proper client/server design they use anti cheat and/or rely on analytics to catch players after the fact.

@metallibuss

Жыл бұрын

100% this. I can understand people accepting the risk with something like a shooter where you don't have much choice - but even then, it likely doesn't need to be ring 0. But MMOs and other games claiming this is just straight laziness from devs. Most non-FPS games just use it as a cheap off the shelf system to avoid actually building more effective and appropriate solutions leveraging server authority because it saves money and the market has shown that gamers are willing to install ring 0 security holes anyway.

@ferinzz

Жыл бұрын

@@metallibuss so much this! They'll have an anti-cheat in their game, but make it possible to deposit a negative amount into your bank account, which just gives you free resources because... removing a negative ads to your stack. But the goal has always been less about preventing in-game cheats rather than preventing users from having multiple accounts running at once.

The issue here is that the game companies are putting clients at risk in order to prevent a problem on their end. The anti-cheat developers should use a different method that doesn't make user's vulnerable to begin with. The developer's are the ones responsible for maintaining the games, and they can't do it at the expense of the players, protecting the game from hacker by making the players vulnerable to hackers is ridiculous.

@dieSpinnt

6 ай бұрын

This type of anti-tamper/cheat protection is a root-kit. A root-kit. IT IS A ROOT-KIT!!! A debate is just superfluous. YOUR choices are the important part here: This technology is not transparent (by design ... obviously). If you have problems with that ... don't play the game. Also by design this piece of software has more control over YOUR HARDWARE than the administrator account. If you have problems with that ... don't play the game. The software is controlled, updated (for good or the worse) and operated remote, from someone you don't know from afar. If you have problems with that ... don't play the game. (list goes on and on and on, you get it) BY DESIGN this type of technology shares the same problems as anti-virus snake oil: It is always a race between malware(here cheats) authors versus security engineers. The "bad guys" are ALWAYS (by design) one step ahead. THE DESIGN of giving the potentially "bad guy" FULL ACCESS to the protection device/software, behind the "bad guy's" closed door, in his mad villain laboratory (comedic vibes intensify), to tamper with is comedic enough in itself:) That the root-kit is produced by a third party (from the view of the game developer) is seen as a quality feature by them, while in reality they just know nothing, like the consumer, about anything. It's the industry-proven "Out of sight. Out of mind." seal of quality. Hehehehe A big problem is of course that you 12 year olds (hey you ... 30 old cave-crawler ... you are addresses, too:P ) think that you are entitled to play that game. You are not. And no one hatches a conspiracy against you, if you cannot play a game for whatever reasons. For example it is out of any debate that I install a piece of software that gives arbitrary strangers control over my intimate, personal and private actions and data. Does it hurt that I cannot play the newest graphical, hyped, better than a slice of bread BS game? Yeah, maybe a little. But that's LIFE! There is a decision you can make: Install the root-kit, or not. One side will maybe hurt you ... with consequences for the rest of your lifetime. The other path of choice will hurt the right ones, at the only level they understand: the quarterly figures of the company. Maybe the NEXT game then will be without snake-oil and the money for this highly problematic "protection system" will be invested into making the game better. But that is wet dream of us gamers and probably -science- management fiction. Have a gg! P.S.: A well proven mitigation against cheaters in-game is moderation. This will cost money (Oh, and this is an ongoing item that costs money) for the company. Well, that simply contradicts the goal of getting the most out of us players, i.e. maximizing profits. We are figures. Just figures for them. Hey and I do not talk about the honest game developer or the enthusiastic artist and writers. Somewhere up the food-chain in that company (and in no doubt from the view of investors) you are just a number in their income books. Oh, and we all voted for exactly that. We deserve how the environment for games, publishers and developers is nowadays, because we enabled it to be exactly this way. But in the exact way we can change it. Vote with your purchase ... and please ... do not think with your guts. There is too much BS in it, hehehe! Gamers Unite! Fight against StarForce!!!

@timothylloyd4625

5 ай бұрын

@@dieSpinnt Moderation isn't the solution for all games and is generally only applicable to games where third parties/players/clans host the servers (Minecraft, Valheim, Battlefield 2, COD before they got rid of hosting) and front the cost of moderation, and subscription games where the cost of active moderation is offset by player subscriptions. Free-to-play games like Fortnite and Apex Legends can not put all their eggs in moderation as it is too expensive and they will eventually go into the red without a predictable flow of income to pay for moderators. I wish more games had player/clan hosted servers like back in the day so moderation is done by the players who are invested in the game and the health of their server, but this isn't possible right now given companies want to sell you their microtransactions so they need a way to secure it. So really the root cause isn't lazy developers, it is the publishers who want to continue to sell you stuff and make sure you can only use the stuff you purchased. Protecting against cheaters is just the message they want you to chew on and forget about their stake in ensuring users don't modify code to spoof in-game purchases. Why is it you think once microtransactions started happening that self-hosted servers just up and disappeared for games? Publishers are way to big and you won't be able to get enough clout across their catalogue of games to actually make them rethink their strategy. What it will take is some hacker who'll blow up everyone's systems with these kernel level anti-cheats which will get people's attention about the issue OR players can't play anymore and the publisher's quarterly reports take a nose dive because microtransactions can't be bought. Or both! Or none of this will ever happen and we'll always have kernel level anti-cheat systems and something worse will happen, who knows!

This is exactly why I've gone to play more single player lately. It's simply way more calming, and I don't have to worry about cheating.

@Sharticus94

Жыл бұрын

Yet some single player games do in fact have this bullshit looking at you doom

@SleepyFen

Жыл бұрын

@@Sharticus94 Some do, yeah. Plenty don't, though, thankfully.

@midian879

Жыл бұрын

This is why I skipped Fallout 76. Also cause it’s crap lol

@maramba32

Жыл бұрын

Anything PvP related will always have cheaters. For consoles, idk if their are cheaters

@mstke5031

Жыл бұрын

@@maramba32 if you watched the video, close to the begining, Echelon is at an article telling that there are cheats on console

Anticheat should've stayed on the server side and it shoul have never even been considered installing it on the client! Rule no. one in networks is always "don't trust the client" for a reason.

@reimu8454

Жыл бұрын

@@GENKI_INU stop talking about stuff you dont know shit about

Security is less of a cat-and-mouse game and more of a desperate chase after the hackers and attempts to find vulnerabilities before they are exploited. The hackers are usually ahead - many of the vulnerabilities are found and no one knows for how long they might have been exploited, others are found after someone exploits them and gets found out. With anti-cheat, the problem is that the people who write the kernel-level stuff for the anti-cheat are possibly (maybe even probably) not people who should write anything that runs in ring 0 ever.

@sirkana

Жыл бұрын

true

@neotower420

Жыл бұрын

what is ring 0

@Ralki

Жыл бұрын

@@neotower420 When the Kernel loads. Before the drivers, OS, Apps, etc.

@Operational117

Жыл бұрын

@@neotower420 To put it simply: Ring 0 is basically the key to the castle.

@aitakaitov7312

Жыл бұрын

@@neotower420 The general idea is that when you have an operating system that runs user applications like web browsers, you don't want the user applications to be able to access parts of the OS. There are actually 4 rings in total, 0 - 3. Some older operating systems used more of them but now they mostly use only 0 and 3 - 0 being privileged and 3 being unprivileged. This is also supported on a hardware level in the processor. The processor checks the privilege level of the process (program) that's currently running and if it tries to access for example OS memory and does not run in ring 0, the processor does not perform the operation and throws an exception, which the OS can detect and react to. This whole mechanism provides protection to sensitive stuff on your computer. The problem is when a vulnerable piece of code runs in ring 0. Then this code can be exploited and the attacker can obtain ring 0 privileges through it. Anti-cheat software is not the only kind of software that's problematic. Device drivers can pose a similar security risk - since drivers usually interact directly with hardware such as SATA disks they have to run in ring 0 in order to be efficient (this is not a rule, drivers can run in ring 3 as well) - switching from ring 3 to ring 0 takes additional instructions that take time to complete and you want your SSD to be as fast as possible. The difference between device drivers and anti-cheat is that I'd trust a person who codes device drivers more than people who code anti-cheat software. Many drivers are open-source as well (on Linux, at least) which makes finding vulnerabilities easier as they can be peer-reviewed by anyone with enough expertise to understand them. I don't think anyone would open-source an anti-cheat software as that would defeat its purpose.

I had halo 1 for the pc, i still remember it till this day i had a geforce 3 at the time and my graphics card would make the person with stealth match the color of the skybox so they so i could see them across the map as plain as day i alway found it fun sniping them. When i explained the situation and the graphics card limitation got called a cheater... I remember when gaming card manufacters werr behind cheating cause some would let you go into wireframe mode which were essentially wall hacks

@Ralki

Жыл бұрын

My own experiences: TNT2 + Flyff = Some wacky form of wallhack. Asus x800 + Rising Force Online = Detect incoming enemies because the game froze a second to load some textures.

@Akary999

Жыл бұрын

@@Ralki That happen with Dark age of Camelot for me you new the enemy was approaching cause you would get an fps dip

My main issue with anti cheat is that a lot of the time I've found that it takes up extra CPU power for little to no benefit as even with games that have multiplayer modes (Dragon Ball Xenoverse 2 for example) I play predominantly in the single player mode so the anti cheat is taking up resources for no benefit. I also do not like software like that having higher access to my PC than me, in fact I'm of the opinion that once you buy a pc you the end user should have access to everything in your pc which includes kernel access.

@ASDASD-zh7vx

Жыл бұрын

The end user can have acces to everything. Only normies don't have full access because they don't understand how their operating system works as well as those who use a very limiting OS.

@diablobaal8738

Жыл бұрын

It's good as it is, people who don't know the system shouldn't have access to all its potential. Imagine guys updating their expensive motherboards with the wrong bios version. So now all those expensive motherboards have dual bios just in case dumb gets to the core.

@brodude9208

Жыл бұрын

You can self-sign a driver and run it on your system if you want to. You can also disable signature enforcement. You can abuse a vulnerable driver to run code in the kernel. The anticheat doesn't have higher privileges than you do. Also, you wouldn't have the same issue with graphics drivers or antimalware software which also run in the kernel. That being said, the negligence of security is a big problem for anticheat software, especially with the ones that aren't distributed with many games. For example, there was a driver shipped with the Brazilian version of Faceit (can't remember what it's called) that allowed read/write of physical memory. It wasn't really even an exploit, it was just how the driver was designed.

i feel like most people don't realize that the moment they connect themselves to any kind of network, they are opening themselves to risks and abuses, it's doesn't matter if you use the best products for your usage, there will always be vulnerabilities, it's just a matter of how determined the hacker is

@wochda429

Жыл бұрын

True... It's like with door locks, it's only there to prevent easy access, but if someone really wants to get in there, he will

@1LuvMLPFiM

Жыл бұрын

The only 100% way to be risk-free, is to NEVER use the internet at all. I guess...

@metallibuss

Жыл бұрын

@@rasmachris94 That's definitely an exaggeration. A home is a physical space and there are enough physical tools to break through any home materials. They can just brute force their way in. Tech doesn't work the same way. If I setup a desktop and don't connect it to the internet, try as they might, a hacker can't just will their way in. Connecting it to the internet and installing an OS can open some doors, but not all doors are created equal. A system with things like EAC installed are just hands down much more vulnerable and more likely to have holes that can be exploited than ones that do not. It's not like once any one hole exists, the whole system is compromised - the more holes you put in, the more hacks you are prone to - not all holes/hacks are created equal.

@odisious4784

4 ай бұрын

​@@metallibussI will reiterate. The only safe pc is one that is not connected to the internet and behind a locked door. Even then sneakerware could be a concern

Isnt the genshin just false, it was a discovered vulnerability through a complex and convoluted workaround that would be hard to achieve. And it was found at a cyber security convention, not used

@mrjones2928

Жыл бұрын

the guy in the vid did not do his research good enough lol. There is a vunerability yes, but it was found by a researcher and so far there hasnt been a big case with i yet as far as i can see

@sadpepe9256

Жыл бұрын

It is false, he just hates the game so he doesn't bother to do his research properly.

@lordhughmungus

Жыл бұрын

I had never heard anything about this so I just found a Vice article, and according to that you'd have to download something that would give hackers remote access to your computer in the first place. On top of that it said you didn't even need the game installed, because once they had remote access they could just directly install the anti-cheat themselves and then use it.

@sadpepe9256

Жыл бұрын

Exactly, it's not got to do with the game, it was the issue of Microsoft approving Genshin's anti cheat as safe or something and hackers simply used it for their purposes. You could get hacked simply by being on the internet.

@mrjones2928

Жыл бұрын

@@sadpepe9256 99% of these type of videos never really does their research because they just to shit on genshin just because they dont like the game

I've had 2 hackers in the same pubg game a few months ago and it was hilarious. They actually kick hackers out in the middle of a game now and we see somebody get booted and thought we could have a nice game but *NOPE* somebody else just starts popping whole squads with the SKS again lmao

I used to make simple bots for MMOs for grinding using C++ and low level WinApi calls. There were MMOs which had functions like select closest target and auto attack(not WoW), where I would put the game in window mode, capture certain areas of the screen then send key presses using the keyboard driver. The bot would basically "press" the select the next target key, "see" if a health bar appears, "press" attack(s) keys, monitor the health bar or status log (eg: You gained xxxx XP), "press" the pick up items key for x times every random 200ms to T seconds between, "press" select next target again, check if a new health bar appears and so on... These kind of cheats are very hard to detect because the cheat program doesn't touch anything related to the game (does not read memory, does not inject anything into the game process), it just captures the screen and sends input through the keyboard driver, at which point is basically impossible to detect if the human pressed the button or not. In most cases, anti-cheat hides bad programming - exposing too much data to a client that "might" need it and the servers accepting user input without validating that input, because they relay on "client-side" validation. I get it that in some cases server-side validation is too expensive and would be game breaking - it was in the past atleast (eg: for shooter games) - maybe for those cases Ring0 "anticheat" programs would still be useful? Don`t know. Anyway if I was an online game developer company, I would invest in training an AI model capable to flag suspicious behavior both in client inputs and also in server received messages. Having a catch all solution "anticheat" with basically godlike - install / kill - capabilities is not a good solution because it will not stop cheaters - there will always be a way to exploit some aspects of a game to gain unfair advantages also adding the possibility that those "anticheats" could be exploited by some malicious entity. My 2 cents.

If I remember right that ransomware case had only anticieat driver part with ransomware program so you didn't need to have kenshing on that machine. I think there was request to search if you have those driver files on local system without link to kenshing then your system was compromised and waiting for commands.

@Toberumono

Жыл бұрын

You remember correctly. There wasn’t a request - the attack required a pre-compromised account, which would include permission to download files to the user’s own directories while seeing a sudden request for a Genshin file from outside the game’s install directory (which the attacker wouldn’t normally have write access to, iirc) would be a super obvious tell for antivirus software.

Valorant has one of the sketchiest anti-cheat systems to date (Vanguard). Literal rootkit that gives kernel level access to your PC.

@Voidwatcher

Жыл бұрын

Which is precisely why I never installed it and other games with similar anti cheats.

@danyo6938

Жыл бұрын

@@doublejesusful The difference is Riot Games is 100% owned by Tencent.

@115DELDE

Жыл бұрын

@@danyo6938 Doesn't matter who has sketchy kernel access. China, the EU, or the U.S will abuse this power and abuse your personal information. Do you think Facebook, who isnt even a video game company, or have anything with anti cheat, care about you? They know everything there is about you, and thats without having acess to your computer. So just letting you know, that a company doesnt need to have kernel level acess to your device to know you.

@cz_Angel

Жыл бұрын

@@doublejesusful absolute copium 💀 who said it was unauthorized anyways? Just because you “accepted ToS” doesn’t make it not shitty lmao

@IronwolfSOF

Жыл бұрын

@@115DELDE sure but you know we have people fighting this because we have a constitution.. and rights . It’s been in court for years.

I used to be able to use vlc on top of a game to watch a movie while doing boring tasks in a game but due to anti cheat its not possible anymore

Followup to the genshin thing: The code that allowed for malicious access was extracted from an unpatched version of the game, and can now be deployed on systems of people who haven't even heard of genshin.

I´m surprised no one talks about how activision/blizzard pushed ricochet anti-cheat to NOT work with streamers cheaters like Zlaner, Mutex, Zymphony, Nadia, Natarsha, ALL Faze clan etc etc

The best anticheat is called local play/couch co op! Had the best time playing back when we played some old counterstrike at LAN parties because we knew no one cheated!

Anti cheat can't win, because anti cheat has to install itself on the PC, so people who create cheats always have access to it and can work out how to get around it. Kernal level access does not prevent certain cheats at all either, its why all of these games have cheaters usually on day 1. Kernal level access introduced vulnerabilities but does not prevent hackers anymore than less intrusive anti cheat.

@ssarkos5148

Жыл бұрын

It doesnt seem like you have much knowledge about how anti cheats or operating systems in general work. Kernel level access can prevent many cheats from working. Obviously cheat developers will try to analyze and find ways around the anti cheat, but there are many ways to make that harder like obfuscation, packing and so on. If the anti cheat isnt kernel its useless anyway since the cheat can simply shut it down since it has kernel access and the anti cheat cant do anything about that.

@cmerk100

Жыл бұрын

@@ssarkos5148 As someone who used to cheat and get around kernal level cheats. It doesn't matter by going to the relevant private forums, downloading the latest bots and newest exploits, I'm perfectly aware of how it works and have cheated the shit out of many games. Kernal or not doesn't matter. I remember one games kernal cheat detection was simply turned off and the game launched anyways so cheating was rampant. Also there's lots of cheats that do things that kernal level access just can't detect as a "cheat engine" because it uses an entirely different vector, like reading colors on screen and requires no injection or alteration of the game at all. You really just don't know anything.

@ssarkos5148

Жыл бұрын

@@cmerk100 Of course it matters whether the anti cheat is kernel or not. Why else would companies with developers that have more experience than both of us together chose to go that route? Just because you downloaded some cheats of unknowncheats doesnt mean that kernel is useless. Since you dont even know how to spell the word "kernel" I assume your just a skid that has no idea what he is talking about. And I am well aware of pixel bots and ai aimbots, I would actually consider myself an expert in that field because I have researched that topic for over 4 years and made various uc posts about it. Vanguard for example does an excellent job at detecting cheats that just read colors of pixels.

@cmerk100

Жыл бұрын

@@ssarkos5148 I literally did the cheats. My mispelling on my phone does not invalidate that it's easy to get around those protections. Get off your high horse and preach to someone who doesn't know what they're doing so you can feel superior. You can talk all the game you like, but the fact of the matter, every single one of these anti cheating measures has been defeated and botting and cheating is in every single game.

@ssarkos5148

Жыл бұрын

@@cmerk100 The point of anti cheats isnt to defeat cheating but rather to make development as hard as possible. Less developers are able to create cheats -> price of cheats increase -> less cheaters

Hitman pro portable - you run it when you want, not running in background processes, a few minutes scan and virus problem solved. Not preventing from getting viruses but good at deleting them when you notice. The most simple method is to take a picture of all your processes on a nonvirus computer and whenever you download something from suspicious websites check in your process list if something new and weird is not running in the background.

Best quote from this: "Kernel......It's like Corn." hahahahahha

I already knew about the dangers if anti-cheat systems were compromised. Although you can't deny the anti-cheat, or you'll be unable to play the game at all. I do hate kernel level anti-cheat, because cheaters still easily bypass it, and it basically makes all the extra permission given seem dumb, for offering no actual benefits. It doesn't really stop you from playing against cheaters, it only prevents amateurs from running "free" cheats, which could easily be prevent/detected without the need of kernel access. An experienced or premium money spending cheater will always get through.

@Akab

Жыл бұрын

That's what I do, I avoid practically all games that have such measures implemented without any way to bypass it. (I know that's not an option for everyone though) Not because I'm cheating (I mainly play offline games) but because of security concerns and the fact that I should be allowed to modify what I want on MY device, performance impacts and ... I just hate drm.

riot vanguard is incompatible with photoshop because the moment you run valorant photoshop would break completely and be unable to draw at all. This however has been fixed after some time but it caused me to have a 4 hour headache fixing it for a friend reinstalling everything only to find out it only broke when valorant was run.

Reminds me of the uproar with VRChat getting Easy-Anti-Cheat.

@Akab

Жыл бұрын

Rightfully so! 👍 A gam- not even a game where cheating was also never a problem as there is no competitive online gameplay should not have an anticheat(actually more used like DRM software in that case) especially when they rely on community driven content.

It's pretty interesting to talk about the dangers of anti-cheat and then being sponsored by Guardio which is a Chrome extension that analyzes cookies and your browser data and can be the vehicle of ransomwares, scripts and so on.

The last commit to the github repo he showed is like 2 years ago, pretty sure it doesn't work anymore

In no way shape or form is it "commonly" know what kernel access to a computer is. That computer term flies over the head of people and a more blunt or open conversation of what this means would honestly deter people from getting used to anti-cheat systems. If you ask anyone that when they go shopping, even for a few minutes, if they leave their door unlocked. More often then not they will tell you that they don't leave their door unlocked. Now if you tell them that they will get a 10% discount in a store as long as they leave their door unlocked in the parking lot, I know same may, cause they are idiots, but almost no one will be okay with that. Also the store may also get fined or sued for advertising such a thing. Computer terms is still not common speech and most people will not understand what this video means.

The kid shitting in the pool analogy was surprisingly good lol

11:12 reason why I don't play valorant even when I actually want to also not to mention the ransomware threat of a kernel-level anti-cheat being hacked. funny how you can't run valorant on a virtual machine to bypass the threat of your own machine possibly being snooped on or even more important removing the ransomware threat altogether cause it would just stay on the VM and you can just kill if it actually does happen somehow.

And this is not just for multiplayer, as shown in the video most single player stuff nowadays runs Denuvo, which is DRM (Anti piracy) but is as bad if not way worse than multiplayer anti-cheats. It ruins performance, it is ring 0, some games require you to be always-online even when playing singleplayer, its just stupid

If companies put half the effort into their anti-cheat as the industry does into the average microtransaction shop we would never ever have a hacker in any game ever.

security vulnerabilities will always be a thing. developers will ALWAYS be on the back pedal since they are always playing catch up.

A few little fun facts for better education. First: Easy Anti-Cheat originally developed in 06 and was bought by Epic in 2018, it was already a well known software prior, using the same invasive tactics as BattleEye. Secondly: There are different tiers of security and most games that use an anti cheat only use the most basic tier, which has 0 protection. Game developers need to make more built in passive protection and not rely on third person "specialist". ON A VERY IMPORTANT SIDE NOTE: A lot of paid hacks operate on the kernel level and copy your whole OS and mirror that to anti-cheats making them basically invisible and undetectable. While kernel level Anti-cheats can double as spy-ware, can possibly cause you to reinstall the OS if it starts deciding needed operations are not needed. That said, you're most likely always being monitored by someone somewhere. The only way to not risk being hacked is to not own any tech that has any of your sensitive info on it. Sucks don't it. lol

your car analogy reminded me that bmw was going to have a subcription service inbuilt into features the cars they will sell already have and will be killswitched unless your paying a tiered subscription. how long do you think it will take for workarounds to this system? or another thing about cars is that hackers could gain control of a cars systems through the tire pressure sensor reporting module and could disable a cars brakes. imagine your car is affected and the hackers pull up next to you and demand your money and phone to get them to turn your brakes back on. what happens if you comply and htey simply drive off and leave you to crash?

This is why i dont play online games anymore. Single player offline. Or split screen co op for me. And honestly i have never had more fun playing games. I didnt realize how much online gaming was ruining my ability to enjoy gaming until i stopped and started playing single player games. I highly recommend it.

Upperechelons hate for genshin made him drop a pretty big inaccuracy. The Genshins anti cheat issue doesnt require you to have ever used Genshin. The hackers yoinked the entire anticheat kernel and use that. You don't ever need to have heard of Genshin. It's the same with other kernel anti cheats

Most home users are protected from remote access through network address translation and network protocol standardization. You have to open up a hole for which a hacker can use. I would be more concerned about privacy issues than security issues, though there is a lot of overlap with that. The information gained by a foreign government is worth quite a bit.

@CasperHaasnoot

Жыл бұрын

NAT is not a firewall, not even close. And it definitely won't protect you from any zero-day exploits. Opening ports is far from the only way for someone to get into a system. I wouldn't dismiss the security issues as lightly, though I definitely agree about the privacy issues here as well!

@tacosyk

Жыл бұрын

It's more or less the same risk as if a developer got hacked, pushed an update which you download, and you accept the UAC prompt without thinking cause you've always done so, and bam. Obviously regarding the video, looks like he's sponsored by Guardio which is absolutely fucken trash and I would never recommend anyone to install it. Video immediately lost all credibility for me when he mentioned it.

Battle Eye fucked up Rainbow 6 Siege. The game stutters for 10 secs every 2 mins. I think this only happens to Nvidia users. I'm assuming cause I asked some friends around, some of them get the stutters, some don't. Most of the effected people were Nvidia users. I think they got something going with AMD. This has been going on for 2 months.

They lost to private cheats that sometimes don't get detected for years.

That's a great idea, require developers to have their anti cheat digitally signed just like a GPU driver. If it doesn't get signed the game can't be loaded

Very recently, a game called VRChat added anti-cheat... But the problem is: VRChat isn't a competitive game. It's a multiplayer social game where you go to hang out with people. So basically, the community went nuts about it, because it broke mods that were extremely commonly used to make VRChat better, or even more accessible to players with disabilities. It also caused VRChat to stop working on some people's PCs, and to lower performance of the game. Which is not something you want to do with a VR game. FPS actually, truly matters when low FPS can cause nausea and headaches, as is the case with VR sickness. The event pushed a fair few people to try VRChat's competitors. And I suspect a chunk of players simply don't do social VR at all anymore, because maybe they didn't find VRChat's competitors to their liking either. Both of those competitor's game servers were hit pretty hard by the influx of new users.

There is a lower level access to your pc than ring 0, its hardware level. And there were some devices that came with hardware level viruses in the past

This is why mudahar has always been right, run your pc on a virtual machine

@taylon5200

Жыл бұрын

Exactly 👌

Pretty much any multiplayer game you play has kernel level anti cheat. For some reason people believe that only some games do that but its literally almost every mainstream game. This is necessary because if cheaters operate in ring 0 and you dont, you already lost the cheating war. Apart from that an application doesnt need kernel access to destroy your system or steal your data. You probably have dozens of vulnerable drivers on your system right now that can be exploited.

There's actually such thing as -1 & -2 kernal levels nowadays.

That is why you have 2 computers, one only for gaming and the other for all other stuff.

Once I saw god mode was a thing in black ops 1. I’ve always second guessed how someone killed me. And I’d literally watch the kill cam just to be sure.

I remember dudes in halo 2 that could jump to the moon and rain headshots. Straight aimbot. However hackers in rust are so much worse. Imagine you spent the last 3 hours gathering loot. Hacker takes it from 500 meters with aimbot.

The reason people complain about anti cheating some games and not others usually had to do with performance issues

@Akab

Жыл бұрын

Performance and the fact that every human being on this planet hates DRM

remember waiting for VAC to load on cs only to log into a server and veryones got hacks on

EAC was made by swedes for cs 1.6 if im not wrong to start with, if they still run the project now theres literaly nothing to worry about.

The problem is that if a game has an anti-cheat that is NOT at kernel level, then hacker will just create an hack that run on kernel level and bypasses the anticheat, rendering it useless

3:10 right!? like how on planetside2 on emerald server, the outfits "War Pigs" and "Bushido Wae" are known for their officers/leaders producing cheats and you being required to pay for those cheats to get high ranks. ANYONE in or associated to those outfits I immediately assume is cheating if they have the slightest bit of apparent skill... they had "outfit wars" recently that were streamed and spectated so war pigs - who usually dominate large battles - went 0-3 in the first round without their cheats on, it was hillarious I digress, the stigma of 2 large known outfits of cheaters makes you doubt the legitimacy of any player, except maybe recursion, since they have legit talent scouts ha-ha.

There are two underlying problems with these gaming companies developing Ring 0 software. Regardless of whether the anti-cheat purpose is honorable or not. 1. Most people have no idea about the risks. Your average person says they want to play the game, so they just click install. 2. The qualifications of the companies writing these applications. Do you trust the game developer in the same way as you trust your operating system developer. It isn't necessarily an issue that Ring 0 code is out there. The issue really is some random software development company is asking its consumers, who don't know any better, to put the same level of trust in their work as you would for example Microsoft if your running Windows. If you're running Windows, you've conceded that you have given some level of trust in Microsoft to make their operating system secure. Do you put that same level of trust in a game developer from another country that doesn't have 30+ years of operating system development experience under their belt. That's the problem really. These game development companies are asking people to give them same level of trust and access as you do for the company that developed your operating system. And people don't really even know this is happening, they just want to play a game, so they click the install button. This isn't that people are making a "risk evaluation" in most cases because most people do not understand what the risk is. Sure they don't want cheaters in their game, but the vast majority of people have no idea what the risks actually are so they aren't making a decision that it's acceptable risk.

I quit playing shooters years ago because the solo campaigns were dull and the multiplayer full of cheaters.

1:40 Standby cheats in Halo 2 were a bit awful. Even worse, but entertaining, were completely unfair mods like flying + infinite auto-snipe; even a modified spawn mid-air and failling downward into a death trap for the entire game.

id rather take 0% chance and not install anything using an anticheat. ive had nothing but problems running anything using (easy anti cheat) which is one of these that he was speaking of, ive had system lockups among other things with every game i have that uses it, not even attempting another game that runs one of these.

can't take this video serious when it starts with something like "chrome ; security ; extension" lol...

19:16 thats not the case for genchin, hacks have been working for the last 4 major updates, I think as long as it doesn't affect the gacha system they don't care

I really don’t keep any files of value on my pc I just use it for gaming.

I quit Warzone in Nov. 2021 because of the hackers.

I uninstalled norton 360 because of the insane amount of non emergency popups

Wasn’t there a game that had anti-cheat cranked up to 11 a few years ago and they had to turn it down because it was banning people for just using capture programs??

Something to point out is that Genshin only runs if you are admin

wonder how long until info comes out that Guardio is actually stealin all that info its warning you about n sellin it lol. how tf else they affording advertising

As someone who has been around the video game cheat scene for several decades now, the developers have absolutely won. There's really no such thing as free multiplayer cheats any more. Anything released for free will be flagged and users will be banned within days or weeks, at most. Even paid cheats get detected all the time and putting an account at risk these days is a way bigger risk than it used to be. In CS 1.6 if you were banned, you just made a new account and lost literally nothing. In modern multiplayer games if your account gets banned you could possibly lose months or years of account progress. Not to mention cheat creators ask some ridiculous prices, we're talking $100/month for a cheat for 1 game. And they'll still usually get caught in ban waves. EasyAntiCheat is so good even most private cheat providers won't even touch a game using it. Because of all of this the multiplayer game cheating scene is pretty much dead. There will always be hackers, cheaters, and exploiters, of course, but the community that existed back in the late 90's early 00's is gone.

A lot of this is cap. Yes there is a chance this could happen to you, just like whenever you go out there's a chance you might get sick(the chance of getting ransomware is so much lower). The chances are low enough we still take the risks and for most people nowadays, we store our important data in cloud services. So if you were to get ransomware, you can just format your computer and still have all of your important files. So for the average user, a ransomware is not as harmful as it was before if you take other precautions.

I think most dont care about hackers, until a player happens to be just the right person hackers are looking for. Then they have you. that thing about china is interesting too, with how mainstream gaming is nowadays, l can see a guy in the white house getting caught by this trap just coz they decided to play genshin

@faznanbadri6854

Жыл бұрын

its just a coincidence most of the online game especially for mobile you can login with facebook, line, google account. you dont have to register to the game website now.

@slainthemaid

Жыл бұрын

huh?

close to 1million people have been banned as of march 2022 from cod roughly in a 2yr period from what i could find

faceit might not work on the kernel level... but they somehow think they own you're PC when you join faceit.

Virtual machines, lets come together and and fusion into great gundan Mutahar!

Lol in GTAV the cheaters can intercept your cheat report and then kick you out of the session.

@Akab

Жыл бұрын

Doesn't surprise me when the game doesn't even have its own servers and was built like peer to peer software (basically the one hosting the game literally IS the server and therefore can modify everything on it)

it's more practical to have a dedicated gaming rig, without any personal information and a separate laptop or something for actual computer use, it's ridiculous

Tf2 when you find cheater: Our battle will be legendary

kantoraketti watching asmongold is definitely a suprise for me 2:44

Denuvo is hated by gamers in general. It's intrusive DRM software and I don't feel the doom eternal problems came from the anti cheat but much more from the overall performance effects denuvo has on games. Nevermind the crack community absolutely hates it and I for one often try a crack version of a game to figure out if I think I'll like it or not as unfortunately my purchases of video games aren't tax deductible and I don't want to start streaming purely to make it so. Basically if I was in asmons position I'd just but all the games straight up

But did they try putting the games behind 7 proxies?

Listening to Asmongold talk about cheats in FPS games is like listening to any casual

@bloduwedd

Жыл бұрын

Cheating is not only fps exclusive

I'd say it is a bit exaggerated but it doesn't mean companies (specially big ones) could run user level drivers instead. However, the big downside for them is to run heavily on server side computation. So at the end of the day, one can expect kernel level anti cheat on most games with online options. That is not to say it is remarkable however, I personally would say most common threats are on hardware drivers. Also, if you get malware with the cloned driver with kernel access thats on your routines, not specially on a developer or game design intentions.

@spider21152

Жыл бұрын

@@AndresLionheart Yes this is correct, he hates the game with a burning passion

@unknowlegend2107

Жыл бұрын

@@spider21152 so much Infact he lied about the genshin ransomware case

@navalhabr

Жыл бұрын

Yeah, UEG hates genshin for no reason. His "Why i hate genshin" video is full of lies.

The Guy in the Video missed the fact that this vulnerability in their Kernel Application stays a Problem, even after a Patch. To Hack a Game with such Anti Cheat you have only 2 Options, you can find an vulnerability in the protected Application itself which allows you to load your program / turn off the anti cheat (most common way) or you have to go onto the Kernel by yourself, but a Hacker can not just write an Application which has Kernel Access, because Kernel Drivers have to be signed by Microsoft. so what they actually need first is a valid signed Kernel Driver with a vulnerability which allows them to load their payload onto the Kernel which can be used for cheating in Video Games or ANYTHING else on your System.

I think it’s a legit concern for games that are “dead” to an extent. No active development and whatnot. Though, I don’t know enough to even give a specific example.

Immediately lost all credibility when he mentioned Guardio. An absolute shit, extremely intrusive product (At least when I was testing it a while back) I wouldn't recommend anyone to try.

Nearly every game now is running some kind of anti-cheat, moreso kernel level. So all this does is create more fearmongering than informing.

@Akab

Жыл бұрын

"Nearly every game" is a little bit exagerated. Maybe the bigger ones, yes. If it was for nearly every game, i wouldn't have much to play because i tend to avoid such games. 👍

Dead By Daylight has “easy anti cheat” and people are literally getting DDOS’ed because of it (mostly streamers of course)

Blizzard's warden likes to stay live after you kill the game.

EAC doesn't run at kernel level on Linux, i can't play some games, why would I want to anyway?

It is cat and mouse. If someone is Uber competitive, it’s like anabolics in sports. Most these warzone pros and apex pros cheat. People will do anything with money on the line. Cheating and anticheat will always be around so long as competitive gaming and streaming is around.

I think the real reason doom eternal got soo much of an outcry was them adding denuvo after the game had already been out for some time. So it was added much later and people felt it was a bait and switch.

I dont care about anti cheats in mmorpg because current mmorg are crappy shit anyway by design, but I would prefer in single players games with multiplayer, to have the option of choose if I want to log in into a server with anticheat or without it because of the reasons covered in the video. I would also like to have the option of mount my own private server in case I want to play with friends instead of random unknown shitty cheaters.

This is a hard conversation. This is really fucking hard to have because at what point is it too far. Is it too far now? How do I engage with entertainment when there is such a risk? There's no solution. I've a light CyberSec background but these things make also being a gamer a fucking conflict of interest.

Cybersecurity is not a game of cat and mouse lmao. It’s a game of catch where the developers are always playing catch up.

I’ve been locked out of games for no reason due to anti cheat systems

Standby....ah the memories...

Has anyone told him about Actman's video on how his quiting Halo Infinite?

Anti-cheat is another word for open Phishing on your personal data by hackers looking for that.

For me, it tastes sweeter to defeat a cheater.

He's using X-Ray vision (seeing enemies/players through walls and obstacles), most first person shooters on consoles have X-ray vision as a official standard game play mechanic. 0:35 On PC X-ray vision always was a cheat/hack.

Ah yes. The halo 2 lag switch. I remember getting hit by that.