You needn't use your real name, of course, but for HN to be a community, users need some identity for others to relate to. Otherwise we may as well have no usernames and no community, and that would be a different kind of forum. https://hn.algolia.com/?sort=byDate&dateRange=all&type=comme...
Isn’t it trivial to defeat this type of AC? Grant your program SeDebugPrivelege and open a handle to the AC process. Inject away. NOOP any memory scanning routines.
That's a good point. It will be a bit harder, but not entirely impossible. Position independent code/memory layout will complicate any attempts to modify the AC.
How does that work with having say 2 copies of the same OS (Win) on the same computer? On 2 separate drives? If I have the game on one does the kernel access affects both or just one? Obviously I'm not an expert but I actually want to give a game a try but I'd not install just on its own as is. Apart from buying an other PC or waiting an eventual console release I wonder what else can be done
If you install Windows on two separate drives, each copy of Windows has its own kernel drivers, so the Valorant installer would only install the driver onto the drive you were currently using. As far as I know, you can't install multiple copies of windows onto the same drive (barring partitions).
It’s important to know that Riot Games is 100% owned by Tencent, making it a Chinese company.
This doesn’t even mean a grand conspiracy is required. They have an office in Shanghai, so it’s trivial for the CCP to persuade a couple employees and leverage this as a kernel level backdoor into hundreds of millions of western PCs.
If you think this is unfounded speculation, remember US intelligence was accusing Karspersky with distributing malware for Russian state backed cyber operations just a number of years ago...
Or the recent BGP hijackings on US ranges that are transparently obvious by China Telecom.
> "This isn’t giving us any surveillance capability we didn’t already have," Riot noted in its blog post (using language that isn't exactly comforting on its own). "If we cared about grandma’s secret recipe for the perfect Christmas casserole, we’d find no issue in obtaining it strictly from user-mode and then selling it to The Food Network."
So not only are they injecting kernel level code and running it from boot, but they're being flippant about the level of control this gives them and downplaying the security implications here.
This gives me serious pause, because I have work on my gaming machine too, some of which is confidential client information, and confidential personal information as well. It's getting to the stage that games, a distraction, can't be trusted to be on the same machine as anything else.
I've been gaming on a Mac for years. There are many Windows-only games, but I don't really miss that operating system. Between native Mac ports and the Nintendo Switch/3DS, my gaming needs are well covered. When there's something I really badly want to try on Windows, I fire up CrossOver, Parallels, or Boot Camp, in that order.
Right now the GPU in my 2019 16" MBP (5300M) seems to be good enough for everything I want to play, and the 5500M is said to be even better. Of course the problem remains optimization for macOS which most ported games don't have.
Apple Arcade is actually a ray of hope, even for core gamers. There's some good stuff on it, give it a try.
Right now I'm going to remove anything Riot-related I find on my macOS installation.
I wonder if this also prevents running the game if you have Hyper-V or Hyper-V based technologies (Windows Defender protection, Container support, WSL2) installed. That would be a real bummer - because you can't game on your dev-computer then.
I have a problem with it, even ignoring the Chinese influence or any direct spyware/vulnerability issues.
If it's seen as a good idea then soon everyone will want to do it and our computers will suddenly be back in the hellscape of 00's browsers. I don't want to know what my computer will be doing when 10 companies' kits are actively competing with each other, the OS, anti-virus etc.
For those who don't know, Riot Games recently released a closed beta of Valorant, their new game with this anti-cheat. Valorant is a direct competitor to Valve's CS:GO, borrowing it's core loop and even some of its weapons.
It's interesting to compare the two approaches to anti-cheat that the two companies are taking here:
* Valve use VAC, an unobstrusive memory scanner in user-space with an emphasis on never having false positives.
* Valve use machine learning on game replays to detect obvious aim-bots and spin-bots
* Valve enlists the community via the "Overwatch" program to review game recordings and spot cheaters.
* Valve supports CS:GO on Linux.
* Leveraging your Steam history, Valve creates a "Trust Factor" score for every player and keeps trusted players together.
* Riot uses ring-0 scanners.
* Riot will not allow you to run Valorant in a VM.
* Riot will ban specific hardware if a cheat is detected. Beware when buying 2nd hand motherboards!
* Riot does not allow you to host your own Valorant servers (this makes hack-vs-hack servers, which some people enjoy, impossible)
I think that in the long run Valve's approach, particularly with Trust Factor, will be proven the better of the two.
Recently I tried to get Dirt Rally 2.0 to run on my Linux gaming machine. Apparently, according to ProtonDB [0], the solution to get it to work is installing a fully trusted root-certificate from Codemasters on your system (not only in the Wine/Proton environment) [1].
In case you don't know, this means Codemasters can now man-in-the-middle every https connection from your computer. This is insane imho.
I tried to comment on that thread but they need full system information before you can post anything on ProtonDB.
25 comments
[ 3.4 ms ] story [ 61.7 ms ] threadYou needn't use your real name, of course, but for HN to be a community, users need some identity for others to relate to. Otherwise we may as well have no usernames and no community, and that would be a different kind of forum. https://hn.algolia.com/?sort=byDate&dateRange=all&type=comme...
https://news.ycombinator.com/item?id=22230168
https://news.ycombinator.com/item?id=22870975
This doesn’t even mean a grand conspiracy is required. They have an office in Shanghai, so it’s trivial for the CCP to persuade a couple employees and leverage this as a kernel level backdoor into hundreds of millions of western PCs.
If you think this is unfounded speculation, remember US intelligence was accusing Karspersky with distributing malware for Russian state backed cyber operations just a number of years ago...
Or the recent BGP hijackings on US ranges that are transparently obvious by China Telecom.
So not only are they injecting kernel level code and running it from boot, but they're being flippant about the level of control this gives them and downplaying the security implications here.
This gives me serious pause, because I have work on my gaming machine too, some of which is confidential client information, and confidential personal information as well. It's getting to the stage that games, a distraction, can't be trusted to be on the same machine as anything else.
The iOS/macOS sandbox, for games purchased through the App Store/Apple Arcade, provides some degree of reassurance.
Which is a shame, I'd love to use it for more, but it's poorly supported.
Right now the GPU in my 2019 16" MBP (5300M) seems to be good enough for everything I want to play, and the 5500M is said to be even better. Of course the problem remains optimization for macOS which most ported games don't have.
Apple Arcade is actually a ray of hope, even for core gamers. There's some good stuff on it, give it a try.
Right now I'm going to remove anything Riot-related I find on my macOS installation.
If it's seen as a good idea then soon everyone will want to do it and our computers will suddenly be back in the hellscape of 00's browsers. I don't want to know what my computer will be doing when 10 companies' kits are actively competing with each other, the OS, anti-virus etc.
It's interesting to compare the two approaches to anti-cheat that the two companies are taking here:
* Valve use VAC, an unobstrusive memory scanner in user-space with an emphasis on never having false positives.
* Valve use machine learning on game replays to detect obvious aim-bots and spin-bots
* Valve enlists the community via the "Overwatch" program to review game recordings and spot cheaters.
* Valve supports CS:GO on Linux.
* Leveraging your Steam history, Valve creates a "Trust Factor" score for every player and keeps trusted players together.
* Riot uses ring-0 scanners.
* Riot will not allow you to run Valorant in a VM.
* Riot will ban specific hardware if a cheat is detected. Beware when buying 2nd hand motherboards!
* Riot does not allow you to host your own Valorant servers (this makes hack-vs-hack servers, which some people enjoy, impossible)
I think that in the long run Valve's approach, particularly with Trust Factor, will be proven the better of the two.
https://www.youtube.com/watch?v=ObhK8lUfIlc
Recently I tried to get Dirt Rally 2.0 to run on my Linux gaming machine. Apparently, according to ProtonDB [0], the solution to get it to work is installing a fully trusted root-certificate from Codemasters on your system (not only in the Wine/Proton environment) [1].
In case you don't know, this means Codemasters can now man-in-the-middle every https connection from your computer. This is insane imho.
I tried to comment on that thread but they need full system information before you can post anything on ProtonDB.
[0]: https://www.protondb.com/app/690790
[1]: https://gist.github.com/PeXArtZ/020931f0182cafe84c623b5584da...
There is no cloud, it's simply somebody else's computer.
Welcome to the next level where even your personal computers is somebody else's.