Ask HN: What prevents Microsoft from adding a 'secure mode' to combat cheating?
Could Microsoft (using them as an example since gaming is my focus) implement something in the kernel so that applications can "opt in" at the request of the user to be isolated from other processes?
Imagine I run a game server and demand that players who play on it must put their client into secure mode where even if they have root or admin rights, they can't read or write to the memory of the secure process.
Is there any technical or other reason why MS doesn't provide a secure layer inside of windows for applications like online games?
12 comments
[ 4.4 ms ] story [ 39.7 ms ] threadYes
Any calculation or data that client could send to your server could equally be calculated or sent by a hacked copy running in an insecure environment.
See: Netflix 4K requiring Kaby Lake processors for their on-die DRM solution.
> Netflix 4K requiring Kaby Lake processors for their on-die DRM solution.
Just a matter of time before it's reverse engineered. It's not secure by any means. You can prove this by using the same technologies to allow anyone to download (but not use, due to DRM) a private key associated with a lot of cryptocurrency, and see how little time it takes before someone steals the money.
As much as a recall it’s not as much Anti Cheat but anti tamper that could be used to detect cheating and then be used to disable access to online gaming or just shutdown the game right there and then.
In its current form it much ask you for permission to monitor your game and is only available for UWP titles and I have yet to be pestered about such premission though the only recent UWP game I currently play is the latest Forza Horizon.
The current hacks are aim triggers, aim lock, aim/spray assist, and some close proximity wallhack.
The cheats calculate the recoil spread and auto lock to enemy heads. It’s obviously not as a bad as before with client side bullets, but it is still a problem.
I'm not sure how you could feasibly prevent the remaining hacks server-side as they're nigh-indistinguishable from player skill, if the hacks supply some non-determinism/jitter so you're not instantly snapping to a player's head when they're behind you.