good writeup! thanks!
If League of Legends needs super admin mode, it's no longer my computer. I'm sharing it with Tencent. I can't trust them (specifically a disgruntled employee) to not install key loggers and other really nasty things.
I treat it as though there's a random Russian dude watching my every move through RDP keylogging all my inputs (and for how many one-off cracked programs have been installed on there over the years, it's not impossible).
I can't imagine keeping my password manager and primary accounts logged-in on the same computer I have rootkits like Riot Anticheat and technical disasters like Marvel Rivals installed on.
This is a terrible idea if you think this will keep you secure. Windows provides direct access to update motherboard firmware and CPU microcode/management engine.
Seems like an insanely difficult thing to do to target like .5% of users.
Firstly that a game developer's main concern is getting their product functional, keeping it that way, and that they can make money on it to make the whole endeavour worthwhile. There's already a lot of game releases where it comes across that getting their idea working out the door is a lot higher up the list than the 'details' and attention to working great on the PC platform. Then that gamers will come in a wide range of skill/knowledge levels for their PCs, from those that treat them as glorified consoles to others that know every detail of their workstation.
Dual booting adds more admin and complexity, and in a way it's admitting that the trust level in software is so low your OS can't sandbox things out, that stuff you're running is taking liberties or just enough effort to fulfill its task, and you're going to the extent of running a console in a separate partition but running it is mutually exclusive with the serious OS. I'd guess a lot of people who felt strongly enough would just have 'serious OS' be another device, most likely a phone but alternatively a laptop, which would seem to marginalize what they use the Windows install for.
We might have better computer security than with Windows 95, but the level of isolation we need to have a semblance of security is very rare and it's very easy for people to slip.
Arguably they could have already gotten all sensitive user data without that privilege if their program was hacked.
I'm not sure if a gaming OS would help there.
it would be helpful if OSes wouldn't allow things like malicious drivers but this is an extremely hard problem in light of people loading known vulnerable drivers and exploiting those...
you could argue that a lot of drivers could live in ring 1 or 2 rather than ring0, but no OS implements that.
working on an OS to try and think of solutions to these types of issues, but u know... if u can wait like 40 years maybe it will be done (and likely it will be vulnerable in different ways :(( )
ultimately a combination would be best, hardware tailored to be secure and allow secure software to be developed for it, but the same can be said for phones and PCs etc.
most modern CPUs have quite a lot of hardware security features which are often not ideally implemented or not used. they also offer features that can allow software to enhance security, but that is also rare. for example you _could_ use certain extended CPU registers to allow for taint tracking etc, but this likely kills game performance, and is not even done for trivial applications despite being proven to mitigate entire classes of vulnerabilities. (it's quite complicated to implement too as the hardware isn't taking into account such features for such purposes)
relevant: https://xkcd.com/1200/
kernel/root/ring0 might sound super scary, but if there's any sort of code execution on Linux/Windows, practically speaking it's already game over.