The Dangers of Anti-Cheat Software | Asmongold Reacts
HTML-код
- Опубликовано: 12 сен 2024
- Asmongold Reacts to The Dangers of Anti-Cheat Software - ft Genshin Impact
Original Video by Upper Echelon Gamers • The Dangers of Anti-Ch...
Support Upper Echelon Gamers guard.io/UpperE...
► Asmongold's Twitch: / zackrawrr
► Asmongold's Twitter: / asmongold
► Asmongold's 2nd YT Channel: / zackrawrr
► Asmongold's Sub-Reddit: / asmongold
Thank you all for watching! Stay tuned and subscribe to the official Asmongold RUclips Channel to always be kept up to date about the best Asmongold Highlights, Asmongold Reacts and funniest Asmongold moments from World of Warcraft, Elden Ring, Lost Ark, Final Fantasy 14 (FFXIV) and other games played on stream!
Channel Editors: CatDany & Daily Dose of Asmongold
► 🎸 Outro song: CatDany - Get Enough
If you own the copyright of content showed in this video and would like it to be removed:
► / catdanyru
►
#Asmongold
the problem isn't that anti-cheat exists, its that they are not as secure as they should be and also that they ask for more access than they should have. it would be analogous to a website requiring you to give your phone number and credit card just to load every page so they could verify you're not a bot. the problem isn't that websites exist or that they have anti-bot systems, its that they don't need nor deserve to have that much control over your data just to do what they aim to accomplish.
there's a reason why in IT, we practice least privilege
The real problem is that these anti-cheat programs are all proprietary. If they were free software, I would have no problem installing them (first obviously skimming through the source code).
@@-_-_-_-_ exactly we need open source standards for cheat software, allow the masses to design and counter a massive problem.
@@kenkensistoso haha, why we SHOULD practice it. Usually it's not followed very well by IT...then Security hounds them over it :D
@@FrazzaJ2000 haha, should've said we practice it most of the time
The trade of system security for game integrity isn't a trade that most people make. It's a trade that most developers make on behalf of and unbeknownst to their customers, because let's be honest how many people are really going to read the details specifications of every single 3rd party license when installing a video game they paid for? I'll wager 99 % of users who receive a windows admin pop-up when installing a game simply assume it's because the executable needs admin permissions in order to write to the disc - not because they're perpetually giving the software they're installing permission to run in the background with above-admin level permissions.
That's really a big problem. It's the same with accepting EULA's and lawmakers know this so if a company puts something unexpected in it you're not contractually obligated to it. We really need the same for installed software. The business practice to just include shitware in any install process should be illegal, the same for popups and whatever else... for the most part the law doesn't really address any of it
Won't change till a mass exploit occurs and the anticheat software developers get sued. The developers probably won't even lose the lawsuit but if it gets media coverage it'll change the industry perception.
if you care this much about system security. You shouldn't download the game, if you suspect the company will steal your info with the anti cheat software, the application is already enough to do EVERYTHING.
@@user-yd5dx5hw4xlol, not like kernel level access 😅😅, its not the same thing. With kernel level access the application and anyone who gain access to it has the permition to do anything on your system, like accessing other aplicantions on memory in real time. Lol i suggest that you search about it before making this comparison
With kernel level access even encryption is useless, because the rootkit can read your keys from the memory 😅😅😅
holy fuck that kid shitting in the pool analogy had me crackin up. I almost spat the water i was drinking.
Thank God you didn't shit in the water you was drinking
@@awal7994 amen brother
POOL DOODY!
Teaches you not to drink from the pool
This is exactly why I've gone to play more single player lately. It's simply way more calming, and I don't have to worry about cheating.
Yet some single player games do in fact have this bullshit looking at you doom
@@Sharticus94 Some do, yeah. Plenty don't, though, thankfully.
This is why I skipped Fallout 76. Also cause it’s crap lol
Anything PvP related will always have cheaters. For consoles, idk if their are cheaters
@@maramba32 if you watched the video, close to the begining, Echelon is at an article telling that there are cheats on console
The dirty secret is that many games use anti cheat simply to avoid having to implement proper server authoritative design. Some games like Fps genre have valid reasons to prevent client side cheating, ie aiming and seeing others behind obstacles.
Asian games are the worst especially mmo's. Instead of proper client/server design they use anti cheat and/or rely on analytics to catch players after the fact.
100% this. I can understand people accepting the risk with something like a shooter where you don't have much choice - but even then, it likely doesn't need to be ring 0. But MMOs and other games claiming this is just straight laziness from devs. Most non-FPS games just use it as a cheap off the shelf system to avoid actually building more effective and appropriate solutions leveraging server authority because it saves money and the market has shown that gamers are willing to install ring 0 security holes anyway.
@@metallibuss so much this! They'll have an anti-cheat in their game, but make it possible to deposit a negative amount into your bank account, which just gives you free resources because... removing a negative ads to your stack.
But the goal has always been less about preventing in-game cheats rather than preventing users from having multiple accounts running at once.
The issue here is that the game companies are putting clients at risk in order to prevent a problem on their end.
The anti-cheat developers should use a different method that doesn't make user's vulnerable to begin with.
The developer's are the ones responsible for maintaining the games, and they can't do it at the expense of the players, protecting the game from hacker by making the players vulnerable to hackers is ridiculous.
This type of anti-tamper/cheat protection is a root-kit. A root-kit. IT IS A ROOT-KIT!!! A debate is just superfluous. YOUR choices are the important part here:
This technology is not transparent (by design ... obviously). If you have problems with that ... don't play the game.
Also by design this piece of software has more control over YOUR HARDWARE than the administrator account. If you have problems with that ... don't play the game.
The software is controlled, updated (for good or the worse) and operated remote, from someone you don't know from afar. If you have problems with that ... don't play the game. (list goes on and on and on, you get it)
BY DESIGN this type of technology shares the same problems as anti-virus snake oil: It is always a race between malware(here cheats) authors versus security engineers. The "bad guys" are ALWAYS (by design) one step ahead.
THE DESIGN of giving the potentially "bad guy" FULL ACCESS to the protection device/software, behind the "bad guy's" closed door, in his mad villain laboratory (comedic vibes intensify), to tamper with is comedic enough in itself:)
That the root-kit is produced by a third party (from the view of the game developer) is seen as a quality feature by them, while in reality they just know nothing, like the consumer, about anything. It's the industry-proven "Out of sight. Out of mind." seal of quality. Hehehehe
A big problem is of course that you 12 year olds (hey you ... 30 old cave-crawler ... you are addresses, too:P ) think that you are entitled to play that game. You are not. And no one hatches a conspiracy against you, if you cannot play a game for whatever reasons. For example it is out of any debate that I install a piece of software that gives arbitrary strangers control over my intimate, personal and private actions and data. Does it hurt that I cannot play the newest graphical, hyped, better than a slice of bread BS game? Yeah, maybe a little. But that's LIFE! There is a decision you can make: Install the root-kit, or not. One side will maybe hurt you ... with consequences for the rest of your lifetime. The other path of choice will hurt the right ones, at the only level they understand: the quarterly figures of the company.
Maybe the NEXT game then will be without snake-oil and the money for this highly problematic "protection system" will be invested into making the game better. But that is wet dream of us gamers and probably -science- management fiction.
Have a gg!
P.S.: A well proven mitigation against cheaters in-game is moderation. This will cost money (Oh, and this is an ongoing item that costs money) for the company. Well, that simply contradicts the goal of getting the most out of us players, i.e. maximizing profits. We are figures. Just figures for them. Hey and I do not talk about the honest game developer or the enthusiastic artist and writers. Somewhere up the food-chain in that company (and in no doubt from the view of investors) you are just a number in their income books. Oh, and we all voted for exactly that. We deserve how the environment for games, publishers and developers is nowadays, because we enabled it to be exactly this way. But in the exact way we can change it. Vote with your purchase ... and please ... do not think with your guts. There is too much BS in it, hehehe!
Gamers Unite! Fight against StarForce!!!
@@dieSpinnt Moderation isn't the solution for all games and is generally only applicable to games where third parties/players/clans host the servers (Minecraft, Valheim, Battlefield 2, COD before they got rid of hosting) and front the cost of moderation, and subscription games where the cost of active moderation is offset by player subscriptions. Free-to-play games like Fortnite and Apex Legends can not put all their eggs in moderation as it is too expensive and they will eventually go into the red without a predictable flow of income to pay for moderators.
I wish more games had player/clan hosted servers like back in the day so moderation is done by the players who are invested in the game and the health of their server, but this isn't possible right now given companies want to sell you their microtransactions so they need a way to secure it. So really the root cause isn't lazy developers, it is the publishers who want to continue to sell you stuff and make sure you can only use the stuff you purchased. Protecting against cheaters is just the message they want you to chew on and forget about their stake in ensuring users don't modify code to spoof in-game purchases. Why is it you think once microtransactions started happening that self-hosted servers just up and disappeared for games? Publishers are way to big and you won't be able to get enough clout across their catalogue of games to actually make them rethink their strategy. What it will take is some hacker who'll blow up everyone's systems with these kernel level anti-cheats which will get people's attention about the issue OR players can't play anymore and the publisher's quarterly reports take a nose dive because microtransactions can't be bought. Or both!
Or none of this will ever happen and we'll always have kernel level anti-cheat systems and something worse will happen, who knows!
My main issue with anti cheat is that a lot of the time I've found that it takes up extra CPU power for little to no benefit as even with games that have multiplayer modes (Dragon Ball Xenoverse 2 for example) I play predominantly in the single player mode so the anti cheat is taking up resources for no benefit. I also do not like software like that having higher access to my PC than me, in fact I'm of the opinion that once you buy a pc you the end user should have access to everything in your pc which includes kernel access.
The end user can have acces to everything. Only normies don't have full access because they don't understand how their operating system works as well as those who use a very limiting OS.
It's good as it is, people who don't know the system shouldn't have access to all its potential. Imagine guys updating their expensive motherboards with the wrong bios version. So now all those expensive motherboards have dual bios just in case dumb gets to the core.
You can self-sign a driver and run it on your system if you want to. You can also disable signature enforcement. You can abuse a vulnerable driver to run code in the kernel. The anticheat doesn't have higher privileges than you do. Also, you wouldn't have the same issue with graphics drivers or antimalware software which also run in the kernel.
That being said, the negligence of security is a big problem for anticheat software, especially with the ones that aren't distributed with many games. For example, there was a driver shipped with the Brazilian version of Faceit (can't remember what it's called) that allowed read/write of physical memory. It wasn't really even an exploit, it was just how the driver was designed.
Anticheat should've stayed on the server side and it shoul have never even been considered installing it on the client!
Rule no. one in networks is always "don't trust the client" for a reason.
@@GENKI_INU stop talking about stuff you dont know shit about
Security is less of a cat-and-mouse game and more of a desperate chase after the hackers and attempts to find vulnerabilities before they are exploited. The hackers are usually ahead - many of the vulnerabilities are found and no one knows for how long they might have been exploited, others are found after someone exploits them and gets found out. With anti-cheat, the problem is that the people who write the kernel-level stuff for the anti-cheat are possibly (maybe even probably) not people who should write anything that runs in ring 0 ever.
true
what is ring 0
@@neotower420 When the Kernel loads. Before the drivers, OS, Apps, etc.
@@neotower420
To put it simply: Ring 0 is basically the key to the castle.
@@neotower420 The general idea is that when you have an operating system that runs user applications like web browsers, you don't want the user applications to be able to access parts of the OS. There are actually 4 rings in total, 0 - 3. Some older operating systems used more of them but now they mostly use only 0 and 3 - 0 being privileged and 3 being unprivileged. This is also supported on a hardware level in the processor. The processor checks the privilege level of the process (program) that's currently running and if it tries to access for example OS memory and does not run in ring 0, the processor does not perform the operation and throws an exception, which the OS can detect and react to. This whole mechanism provides protection to sensitive stuff on your computer. The problem is when a vulnerable piece of code runs in ring 0. Then this code can be exploited and the attacker can obtain ring 0 privileges through it. Anti-cheat software is not the only kind of software that's problematic. Device drivers can pose a similar security risk - since drivers usually interact directly with hardware such as SATA disks they have to run in ring 0 in order to be efficient (this is not a rule, drivers can run in ring 3 as well) - switching from ring 3 to ring 0 takes additional instructions that take time to complete and you want your SSD to be as fast as possible. The difference between device drivers and anti-cheat is that I'd trust a person who codes device drivers more than people who code anti-cheat software. Many drivers are open-source as well (on Linux, at least) which makes finding vulnerabilities easier as they can be peer-reviewed by anyone with enough expertise to understand them. I don't think anyone would open-source an anti-cheat software as that would defeat its purpose.
I used to make simple bots for MMOs for grinding using C++ and low level WinApi calls.
There were MMOs which had functions like select closest target and auto attack(not WoW), where I would put the game in window mode, capture certain areas of the screen then send key presses using the keyboard driver. The bot would basically "press" the select the next target key, "see" if a health bar appears, "press" attack(s) keys, monitor the health bar or status log (eg: You gained xxxx XP), "press" the pick up items key for x times every random 200ms to T seconds between, "press" select next target again, check if a new health bar appears and so on...
These kind of cheats are very hard to detect because the cheat program doesn't touch anything related to the game (does not read memory, does not inject anything into the game process), it just captures the screen and sends input through the keyboard driver, at which point is basically impossible to detect if the human pressed the button or not.
In most cases, anti-cheat hides bad programming - exposing too much data to a client that "might" need it and the servers accepting user input without validating that input, because they relay on "client-side" validation. I get it that in some cases server-side validation is too expensive and would be game breaking - it was in the past atleast (eg: for shooter games) - maybe for those cases Ring0 "anticheat" programs would still be useful? Don`t know.
Anyway if I was an online game developer company, I would invest in training an AI model capable to flag suspicious behavior both in client inputs and also in server received messages.
Having a catch all solution "anticheat" with basically godlike - install / kill - capabilities is not a good solution because it will not stop cheaters - there will always be a way to exploit some aspects of a game to gain unfair advantages also adding the possibility that those "anticheats" could be exploited by some malicious entity.
My 2 cents.
i feel like most people don't realize that the moment they connect themselves to any kind of network, they are opening themselves to risks and abuses, it's doesn't matter if you use the best products for your usage, there will always be vulnerabilities, it's just a matter of how determined the hacker is
True... It's like with door locks, it's only there to prevent easy access, but if someone really wants to get in there, he will
The only 100% way to be risk-free, is to NEVER use the internet at all. I guess...
@@rasmachris94 That's definitely an exaggeration. A home is a physical space and there are enough physical tools to break through any home materials. They can just brute force their way in. Tech doesn't work the same way. If I setup a desktop and don't connect it to the internet, try as they might, a hacker can't just will their way in. Connecting it to the internet and installing an OS can open some doors, but not all doors are created equal. A system with things like EAC installed are just hands down much more vulnerable and more likely to have holes that can be exploited than ones that do not.
It's not like once any one hole exists, the whole system is compromised - the more holes you put in, the more hacks you are prone to - not all holes/hacks are created equal.
@@metallibussI will reiterate. The only safe pc is one that is not connected to the internet and behind a locked door. Even then sneakerware could be a concern
Valorant has one of the sketchiest anti-cheat systems to date (Vanguard). Literal rootkit that gives kernel level access to your PC.
Which is precisely why I never installed it and other games with similar anti cheats.
@@doublejesusful The difference is Riot Games is 100% owned by Tencent.
@@danyo6938 Doesn't matter who has sketchy kernel access.
China, the EU, or the U.S will abuse this power and abuse your personal information.
Do you think Facebook, who isnt even a video game company, or have anything with anti cheat, care about you? They know everything there is about you, and thats without having acess to your computer.
So just letting you know, that a company doesnt need to have kernel level acess to your device to know you.
@@doublejesusful absolute copium 💀 who said it was unauthorized anyways? Just because you “accepted ToS” doesn’t make it not shitty lmao
@@115DELDE sure but you know we have people fighting this because we have a constitution.. and rights . It’s been in court for years.
Isnt the genshin just false, it was a discovered vulnerability through a complex and convoluted workaround that would be hard to achieve. And it was found at a cyber security convention, not used
the guy in the vid did not do his research good enough lol. There is a vunerability yes, but it was found by a researcher and so far there hasnt been a big case with i yet as far as i can see
It is false, he just hates the game so he doesn't bother to do his research properly.
I had never heard anything about this so I just found a Vice article, and according to that you'd have to download something that would give hackers remote access to your computer in the first place. On top of that it said you didn't even need the game installed, because once they had remote access they could just directly install the anti-cheat themselves and then use it.
Exactly, it's not got to do with the game, it was the issue of Microsoft approving Genshin's anti cheat as safe or something and hackers simply used it for their purposes. You could get hacked simply by being on the internet.
@@sadpepe9256 99% of these type of videos never really does their research because they just to shit on genshin just because they dont like the game
It's pretty interesting to talk about the dangers of anti-cheat and then being sponsored by Guardio which is a Chrome extension that analyzes cookies and your browser data and can be the vehicle of ransomwares, scripts and so on.
I had halo 1 for the pc, i still remember it till this day i had a geforce 3 at the time and my graphics card would make the person with stealth match the color of the skybox so they so i could see them across the map as plain as day i alway found it fun sniping them. When i explained the situation and the graphics card limitation got called a cheater... I remember when gaming card manufacters werr behind cheating cause some would let you go into wireframe mode which were essentially wall hacks
My own experiences:
TNT2 + Flyff = Some wacky form of wallhack.
Asus x800 + Rising Force Online = Detect incoming enemies because the game froze a second to load some textures.
@@Ralki That happen with Dark age of Camelot for me you new the enemy was approaching cause you would get an fps dip
I really don't like this dude's videos. He makes these issues sound way worse than they actually are. The Genshin one for example was only a problem if you were already vulnerable and your system had already been compromised. He made it sound like every user is at risk, and that is not true.
Anti cheat can't win, because anti cheat has to install itself on the PC, so people who create cheats always have access to it and can work out how to get around it. Kernal level access does not prevent certain cheats at all either, its why all of these games have cheaters usually on day 1. Kernal level access introduced vulnerabilities but does not prevent hackers anymore than less intrusive anti cheat.
It doesnt seem like you have much knowledge about how anti cheats or operating systems in general work. Kernel level access can prevent many cheats from working. Obviously cheat developers will try to analyze and find ways around the anti cheat, but there are many ways to make that harder like obfuscation, packing and so on. If the anti cheat isnt kernel its useless anyway since the cheat can simply shut it down since it has kernel access and the anti cheat cant do anything about that.
@@ssarkos5148 As someone who used to cheat and get around kernal level cheats. It doesn't matter by going to the relevant private forums, downloading the latest bots and newest exploits, I'm perfectly aware of how it works and have cheated the shit out of many games. Kernal or not doesn't matter. I remember one games kernal cheat detection was simply turned off and the game launched anyways so cheating was rampant. Also there's lots of cheats that do things that kernal level access just can't detect as a "cheat engine" because it uses an entirely different vector, like reading colors on screen and requires no injection or alteration of the game at all.
You really just don't know anything.
@@cmerk100 Of course it matters whether the anti cheat is kernel or not. Why else would companies with developers that have more experience than both of us together chose to go that route? Just because you downloaded some cheats of unknowncheats doesnt mean that kernel is useless. Since you dont even know how to spell the word "kernel" I assume your just a skid that has no idea what he is talking about. And I am well aware of pixel bots and ai aimbots, I would actually consider myself an expert in that field because I have researched that topic for over 4 years and made various uc posts about it. Vanguard for example does an excellent job at detecting cheats that just read colors of pixels.
@@ssarkos5148 I literally did the cheats. My mispelling on my phone does not invalidate that it's easy to get around those protections. Get off your high horse and preach to someone who doesn't know what they're doing so you can feel superior.
You can talk all the game you like, but the fact of the matter, every single one of these anti cheating measures has been defeated and botting and cheating is in every single game.
@@cmerk100 The point of anti cheats isnt to defeat cheating but rather to make development as hard as possible. Less developers are able to create cheats -> price of cheats increase -> less cheaters
Followup to the genshin thing:
The code that allowed for malicious access was extracted from an unpatched version of the game, and can now be deployed on systems of people who haven't even heard of genshin.
I've had 2 hackers in the same pubg game a few months ago and it was hilarious. They actually kick hackers out in the middle of a game now and we see somebody get booted and thought we could have a nice game but *NOPE* somebody else just starts popping whole squads with the SKS again lmao
Quite a bad video tbh. That guy didn't even bother to look on Genshin thing past headlines. He made it sound like there was vulnerability in its anti-cheat and everyone who was playing the game was at risk, but it wasn't the case. The hackers used code from an older version of anti-cheat to get that access. It had nothing to with if you had the game installed or not. Because of it, it felt like he simply had a narrative he wanted to push and stuck to it without actually digging into this problem.
I say, it is far more concerning that it is that easy to fool windows into giving those privileges to fake drivers, then those anti-cheat itself. Like imagine if in order to get access to someone bank account it was enough to simply have a few same features as that person.
The best anticheat is called local play/couch co op!
Had the best time playing back when we played some old counterstrike at LAN parties because we knew no one cheated!
I forgot which game it was-maybe Valorant or CSGO-but someone got caught in a pro tournament installing client-side cheat software onto their computer, so someone might have been cheating at those LAN parties, rofl.
I´m surprised no one talks about how activision/blizzard pushed ricochet anti-cheat to NOT work with streamers cheaters like Zlaner, Mutex, Zymphony, Nadia, Natarsha, ALL Faze clan etc etc
I already knew about the dangers if anti-cheat systems were compromised.
Although you can't deny the anti-cheat, or you'll be unable to play the game at all.
I do hate kernel level anti-cheat, because cheaters still easily bypass it, and it basically makes all the extra permission given seem dumb, for offering no actual benefits.
It doesn't really stop you from playing against cheaters, it only prevents amateurs from running "free" cheats, which could easily be prevent/detected without the need of kernel access.
An experienced or premium money spending cheater will always get through.
That's what I do, I avoid practically all games that have such measures implemented without any way to bypass it. (I know that's not an option for everyone though)
Not because I'm cheating (I mainly play offline games) but because of security concerns and the fact that I should be allowed to modify what I want on MY device, performance impacts and ... I just hate drm.
If I remember right that ransomware case had only anticieat driver part with ransomware program so you didn't need to have kenshing on that machine. I think there was request to search if you have those driver files on local system without link to kenshing then your system was compromised and waiting for commands.
You remember correctly. There wasn’t a request - the attack required a pre-compromised account, which would include permission to download files to the user’s own directories while seeing a sudden request for a Genshin file from outside the game’s install directory (which the attacker wouldn’t normally have write access to, iirc) would be a super obvious tell for antivirus software.
In no way shape or form is it "commonly" know what kernel access to a computer is. That computer term flies over the head of people and a more blunt or open conversation of what this means would honestly deter people from getting used to anti-cheat systems. If you ask anyone that when they go shopping, even for a few minutes, if they leave their door unlocked. More often then not they will tell you that they don't leave their door unlocked. Now if you tell them that they will get a 10% discount in a store as long as they leave their door unlocked in the parking lot, I know same may, cause they are idiots, but almost no one will be okay with that. Also the store may also get fined or sued for advertising such a thing. Computer terms is still not common speech and most people will not understand what this video means.
Upperechelons hate for genshin made him drop a pretty big inaccuracy. The Genshins anti cheat issue doesnt require you to have ever used Genshin. The hackers yoinked the entire anticheat kernel and use that. You don't ever need to have heard of Genshin.
It's the same with other kernel anti cheats
This is why i dont play online games anymore.
Single player offline. Or split screen co op for me.
And honestly i have never had more fun playing games.
I didnt realize how much online gaming was ruining my ability to enjoy gaming until i stopped and started playing single player games.
I highly recommend it.
Reminds me of the uproar with VRChat getting Easy-Anti-Cheat.
Rightfully so! 👍
A gam- not even a game where cheating was also never a problem as there is no competitive online gameplay should not have an anticheat(actually more used like DRM software in that case) especially when they rely on community driven content.
Best quote from this: "Kernel......It's like Corn." hahahahahha
A few little fun facts for better education. First: Easy Anti-Cheat originally developed in 06 and was bought by Epic in 2018, it was already a well known software prior, using the same invasive tactics as BattleEye. Secondly: There are different tiers of security and most games that use an anti cheat only use the most basic tier, which has 0 protection. Game developers need to make more built in passive protection and not rely on third person "specialist".
ON A VERY IMPORTANT SIDE NOTE: A lot of paid hacks operate on the kernel level and copy your whole OS and mirror that to anti-cheats making them basically invisible and undetectable.
While kernel level Anti-cheats can double as spy-ware, can possibly cause you to reinstall the OS if it starts deciding needed operations are not needed.
That said, you're most likely always being monitored by someone somewhere.
The only way to not risk being hacked is to not own any tech that has any of your sensitive info on it. Sucks don't it. lol
I used to be able to use vlc on top of a game to watch a movie while doing boring tasks in a game but due to anti cheat its not possible anymore
riot vanguard is incompatible with photoshop because the moment you run valorant photoshop would break completely and be unable to draw at all.
This however has been fixed after some time but it caused me to have a 4 hour headache fixing it for a friend reinstalling everything only to find out it only broke when valorant was run.
If companies put half the effort into their anti-cheat as the industry does into the average microtransaction shop we would never ever have a hacker in any game ever.
Very recently, a game called VRChat added anti-cheat... But the problem is: VRChat isn't a competitive game. It's a multiplayer social game where you go to hang out with people. So basically, the community went nuts about it, because it broke mods that were extremely commonly used to make VRChat better, or even more accessible to players with disabilities.
It also caused VRChat to stop working on some people's PCs, and to lower performance of the game. Which is not something you want to do with a VR game. FPS actually, truly matters when low FPS can cause nausea and headaches, as is the case with VR sickness.
The event pushed a fair few people to try VRChat's competitors. And I suspect a chunk of players simply don't do social VR at all anymore, because maybe they didn't find VRChat's competitors to their liking either.
Both of those competitor's game servers were hit pretty hard by the influx of new users.
This is why mudahar has always been right, run your pc on a virtual machine
Exactly 👌
security vulnerabilities will always be a thing. developers will ALWAYS be on the back pedal since they are always playing catch up.
And this is not just for multiplayer, as shown in the video most single player stuff nowadays runs Denuvo, which is DRM (Anti piracy) but is as bad if not way worse than multiplayer anti-cheats. It ruins performance, it is ring 0, some games require you to be always-online even when playing singleplayer, its just stupid
They lost to private cheats that sometimes don't get detected for years.
There are two underlying problems with these gaming companies developing Ring 0 software. Regardless of whether the anti-cheat purpose is honorable or not.
1. Most people have no idea about the risks. Your average person says they want to play the game, so they just click install.
2. The qualifications of the companies writing these applications. Do you trust the game developer in the same way as you trust your operating system developer.
It isn't necessarily an issue that Ring 0 code is out there. The issue really is some random software development company is asking its consumers, who don't know any better, to put the same level of trust in their work as you would for example Microsoft if your running Windows. If you're running Windows, you've conceded that you have given some level of trust in Microsoft to make their operating system secure. Do you put that same level of trust in a game developer from another country that doesn't have 30+ years of operating system development experience under their belt.
That's the problem really. These game development companies are asking people to give them same level of trust and access as you do for the company that developed your operating system. And people don't really even know this is happening, they just want to play a game, so they click the install button.
This isn't that people are making a "risk evaluation" in most cases because most people do not understand what the risk is. Sure they don't want cheaters in their game, but the vast majority of people have no idea what the risks actually are so they aren't making a decision that it's acceptable risk.
Battle Eye fucked up Rainbow 6 Siege. The game stutters for 10 secs every 2 mins. I think this only happens to Nvidia users. I'm assuming cause I asked some friends around, some of them get the stutters, some don't. Most of the effected people were Nvidia users. I think they got something going with AMD. This has been going on for 2 months.
The last commit to the github repo he showed is like 2 years ago, pretty sure it doesn't work anymore
The reason people complain about anti cheating some games and not others usually had to do with performance issues
Performance and the fact that every human being on this planet hates DRM
Listening to Asmongold talk about cheats in FPS games is like listening to any casual
Cheating is not only fps exclusive
Hitman pro portable - you run it when you want, not running in background processes, a few minutes scan and virus problem solved. Not preventing from getting viruses but good at deleting them when you notice. The most simple method is to take a picture of all your processes on a nonvirus computer and whenever you download something from suspicious websites check in your process list if something new and weird is not running in the background.
That is why you have 2 computers, one only for gaming and the other for all other stuff.
As someone who has been around the video game cheat scene for several decades now, the developers have absolutely won. There's really no such thing as free multiplayer cheats any more. Anything released for free will be flagged and users will be banned within days or weeks, at most. Even paid cheats get detected all the time and putting an account at risk these days is a way bigger risk than it used to be. In CS 1.6 if you were banned, you just made a new account and lost literally nothing. In modern multiplayer games if your account gets banned you could possibly lose months or years of account progress. Not to mention cheat creators ask some ridiculous prices, we're talking $100/month for a cheat for 1 game. And they'll still usually get caught in ban waves. EasyAntiCheat is so good even most private cheat providers won't even touch a game using it. Because of all of this the multiplayer game cheating scene is pretty much dead.
There will always be hackers, cheaters, and exploiters, of course, but the community that existed back in the late 90's early 00's is gone.
I think the real reason doom eternal got soo much of an outcry was them adding denuvo after the game had already been out for some time. So it was added much later and people felt it was a bait and switch.
Immediately lost all credibility when he mentioned Guardio. An absolute shit, extremely intrusive product (At least when I was testing it a while back) I wouldn't recommend anyone to try.
Most home users are protected from remote access through network address translation and network protocol standardization. You have to open up a hole for which a hacker can use.
I would be more concerned about privacy issues than security issues, though there is a lot of overlap with that. The information gained by a foreign government is worth quite a bit.
NAT is not a firewall, not even close. And it definitely won't protect you from any zero-day exploits. Opening ports is far from the only way for someone to get into a system.
I wouldn't dismiss the security issues as lightly, though I definitely agree about the privacy issues here as well!
It's more or less the same risk as if a developer got hacked, pushed an update which you download, and you accept the UAC prompt without thinking cause you've always done so, and bam. Obviously regarding the video, looks like he's sponsored by Guardio which is absolutely fucken trash and I would never recommend anyone to install it. Video immediately lost all credibility for me when he mentioned it.
That's a great idea, require developers to have their anti cheat digitally signed just like a GPU driver. If it doesn't get signed the game can't be loaded
3:10 right!? like how on planetside2 on emerald server, the outfits "War Pigs" and "Bushido Wae" are known for their officers/leaders producing cheats and you being required to pay for those cheats to get high ranks. ANYONE in or associated to those outfits I immediately assume is cheating if they have the slightest bit of apparent skill...
they had "outfit wars" recently that were streamed and spectated so war pigs - who usually dominate large battles - went 0-3 in the first round without their cheats on, it was hillarious
I digress, the stigma of 2 large known outfits of cheaters makes you doubt the legitimacy of any player, except maybe recursion, since they have legit talent scouts ha-ha.
A lot of this is cap. Yes there is a chance this could happen to you, just like whenever you go out there's a chance you might get sick(the chance of getting ransomware is so much lower). The chances are low enough we still take the risks and for most people nowadays, we store our important data in cloud services. So if you were to get ransomware, you can just format your computer and still have all of your important files. So for the average user, a ransomware is not as harmful as it was before if you take other precautions.
Dead By Daylight has “easy anti cheat” and people are literally getting DDOS’ed because of it (mostly streamers of course)
it's more practical to have a dedicated gaming rig, without any personal information
and a separate laptop or something for actual computer use, it's ridiculous
The problem is that if a game has an anti-cheat that is NOT at kernel level, then hacker will just create an hack that run on kernel level and bypasses the anticheat, rendering it useless
Pretty much any multiplayer game you play has kernel level anti cheat. For some reason people believe that only some games do that but its literally almost every mainstream game. This is necessary because if cheaters operate in ring 0 and you dont, you already lost the cheating war. Apart from that an application doesnt need kernel access to destroy your system or steal your data. You probably have dozens of vulnerable drivers on your system right now that can be exploited.
Wasn’t there a game that had anti-cheat cranked up to 11 a few years ago and they had to turn it down because it was banning people for just using capture programs??
I quit Warzone in Nov. 2021 because of the hackers.
The Guy in the Video missed the fact that this vulnerability in their Kernel Application stays a Problem, even after a Patch. To Hack a Game with such Anti Cheat you have only 2 Options, you can find an vulnerability in the protected Application itself which allows you to load your program / turn off the anti cheat (most common way) or you have to go onto the Kernel by yourself, but a Hacker can not just write an Application which has Kernel Access, because Kernel Drivers have to be signed by Microsoft. so what they actually need first is a valid signed Kernel Driver with a vulnerability which allows them to load their payload onto the Kernel which can be used for cheating in Video Games or ANYTHING else on your System.
Denuvo is hated by gamers in general. It's intrusive DRM software and I don't feel the doom eternal problems came from the anti cheat but much more from the overall performance effects denuvo has on games. Nevermind the crack community absolutely hates it and I for one often try a crack version of a game to figure out if I think I'll like it or not as unfortunately my purchases of video games aren't tax deductible and I don't want to start streaming purely to make it so. Basically if I was in asmons position I'd just but all the games straight up
id rather take 0% chance and not install anything using an anticheat. ive had nothing but problems running anything using (easy anti cheat) which is one of these that he was speaking of, ive had system lockups among other things with every game i have that uses it, not even attempting another game that runs one of these.
I quit playing shooters years ago because the solo campaigns were dull and the multiplayer full of cheaters.
can't take this video serious when it starts with something like "chrome ; security ; extension" lol...
1:40 Standby cheats in Halo 2 were a bit awful. Even worse, but entertaining, were completely unfair mods like flying + infinite auto-snipe; even a modified spawn mid-air and failling downward into a death trap for the entire game.
People aren't against Denuvo because it's at kernel level, but because it uses a significant amount of your PC's resources.
This whole video overall was pretty weird and had a weak point
I really don’t keep any files of value on my pc I just use it for gaming.
19:16 thats not the case for genchin, hacks have been working for the last 4 major updates, I think as long as it doesn't affect the gacha system they don't care
Anti-cheat measures can increase the cost of cheating in video games, which in turn reduces the population of cheaters. Kernel level cheats require software development talent to produce and I’ve seen prototypes of video capture + automated mouse movement cheats on RUclips but since they will cost hundreds to thousands of dollars of hardware only few people will use them, and I can’t reflexively blame on them when I get killed in a FPS game
wonder how long until info comes out that Guardio is actually stealin all that info its warning you about n sellin it lol. how tf else they affording advertising
The thing that fucking grinds my gears regarding these anti-cheats is that ring 0/kernel level access is 100% unnecessary for anti-cheat. It's the companies trying to dig their claws into your system.
UP, UP, DOWN, DOWN, LEFT, RIGHT, LEFT, RIGHT, B, A, START.
EAC was made by swedes for cs 1.6 if im not wrong to start with, if they still run the project now theres literaly nothing to worry about.
If you cut corners in games, you cut corners in life. You will go nowhere. It may not seem like a big deal but it will bleed into other things.
How you do anything is how you do everything.
I agree with you, but let me jump the gun and say what people may inevitably type:
"how does that make any fucking sense, one is a game the other is irl lmao"
but i've always found that counter argument .. interesting. The principle, reasoning and justification for cheating can indeed bleed unto other things due to the numbing and regularity of the act. Tangent, but it's why i dont really see a point in being mean to others online since I treat humans the same online as I do irl. I wouldn't trash talk and insult a passersby irl because "they're a rando, I'll never see them again", which seems to be the same justification for people doing it online
The kid shitting in the pool analogy was surprisingly good lol
11:12 reason why I don't play valorant even when I actually want to also not to mention the ransomware threat of a kernel-level anti-cheat being hacked. funny how you can't run valorant on a virtual machine to bypass the threat of your own machine possibly being snooped on or even more important removing the ransomware threat altogether cause it would just stay on the VM and you can just kill if it actually does happen somehow.
kantoraketti watching asmongold is definitely a suprise for me 2:44
The Point wasnt gotten here. the debate is not about Anti cheat in gerneral, just that the Kernel LvL isnt needed, cause cheater can get around this anyway. Anti cheat doesnt need to have this access to be effective. Its not a question about one or the other.
faceit might not work on the kernel level... but they somehow think they own you're PC when you join faceit.
Norton was so bad in early 2000s that you had to get special tool from internet just to remove it.
Lol in GTAV the cheaters can intercept your cheat report and then kick you out of the session.
Doesn't surprise me when the game doesn't even have its own servers and was built like peer to peer software (basically the one hosting the game literally IS the server and therefore can modify everything on it)
Believe it not EAC stop me from playing a game, so I had to get a refund for the game on steam, now I got the refund but I have no idea why it stopped me playing the game.EAC costed the gaming company a sale.
they dont give a shit bro, it works for 99.99% of people so
Wouldn't tell anyone how to cheat....but if the anti cheat never boots, you never cheated.
Something to point out is that Genshin only runs if you are admin
I remember dudes in halo 2 that could jump to the moon and rain headshots. Straight aimbot. However hackers in rust are so much worse. Imagine you spent the last 3 hours gathering loot. Hacker takes it from 500 meters with aimbot.
There's a metaphor in here somewhere about US society....
I literally work in IT and I never gave a single fuck about any sort of malware. Worst case scenario I format my PC and pretend nothing happened.
He's using X-Ray vision (seeing enemies/players through walls and obstacles), most first person shooters on consoles have X-ray vision as a official standard game play mechanic. 0:35
On PC X-ray vision always was a cheat/hack.
Cybersecurity is not a game of cat and mouse lmao. It’s a game of catch where the developers are always playing catch up.
It is cat and mouse. If someone is Uber competitive, it’s like anabolics in sports. Most these warzone pros and apex pros cheat. People will do anything with money on the line. Cheating and anticheat will always be around so long as competitive gaming and streaming is around.
I stopped playing many PVP game because of cheater, they genuinely ruin the game
any developer that uses easy anti cheat has no integrity or competence
Kernel-mode (Ring 0) and User-mode (Ring 3) should be the point of discussion. Not even Linux uses Ring 1 and 2 these days and to say there is some kind of multi-tier ring system that is actively used is disingenuous. There is a reason why engineers use Kernel/User mode terminology instead. The fact is, any Kernel-mode driver can have the potential to be exploited and these companies should be providing 3rd party audits. The summary of Kernel-mode drivers not being the solution to anti-cheat is wrong, in fact, the cheaters themselves are already installing Kernel-mode drivers with even more exploitive possibilities than they realise. You have to fight fire with fire, but the security of these programs should be verified by 3rd parties, and regularly audited.
asmon's comment at 19:30 has me absolutely laughing. Zero clue
Competitive fps didn't exist when I young enough to be Competitive. Arcade fighters were the what we did back then.
There's actually such thing as -1 & -2 kernal levels nowadays.
So the lesson learned is, if you can afford it, you get two PC's, one exclusively for gaming and the other for everything else. ;)
your car analogy reminded me that bmw was going to have a subcription service inbuilt into features the cars they will sell already have and will be killswitched unless your paying a tiered subscription. how long do you think it will take for workarounds to this system? or another thing about cars is that hackers could gain control of a cars systems through the tire pressure sensor reporting module and could disable a cars brakes. imagine your car is affected and the hackers pull up next to you and demand your money and phone to get them to turn your brakes back on. what happens if you comply and htey simply drive off and leave you to crash?
ban credit and debit card numbers that ppl who get caught cheating use theres a finite amount ppl could actually use
Black list bank account numbers lol
Reloadable visa debit cards, etc. Problem not solved.
you can always use or create a prepaid card so
I can generate new credit card numbers to use for online purchases as much as I like through the app my credit card company provides. Costs me nothing. It's easy and fast.
Always can get a new card 🤣.
Once I saw god mode was a thing in black ops 1. I’ve always second guessed how someone killed me. And I’d literally watch the kill cam just to be sure.
Dont worry guys, Bai Lan, right? Theyre not even trying to hack us!