It looks like this driver is being actively used in malware, too: https://www.fortinet.com/blog/threat-research/interlock-rans...
I don’t know about that particular game, but it could be the case that the devs intentionally ripped off the driver from it.
It doesn't matter that user mode software is also vulnerable. We actually have mitigations against many of those user mode problems. Separate user accounts for example. Games can't exfiltrate your browser data if they can't read them.
Obviously kernel mode software can bypass all sorts of operating system controls. Bypassing those controls is the whole reason why they implement anticheat in kernel mode. If they can't bypass these controls, it means the operating system is more powerful than the anticheat, which means it can be defeated.
Yes, proprietary software is inherently untrustworthy and could be malware in disguise. Nobody disputes this, it's happened before and will happen again. It's a good idea to invest in a properly virtualized system where all those games are contained and kept completely separate from the real system. Yet another reason why we don't need idiotic anticheat software bitching about the fact it's been virtualized.
> For the life of me, I couldn’t find a way to do it without having the game installed. There was no web portal and no obvious support route.
They have an email in their privacy policy, which is generally where you should look if you want to delete your account.
Meanwhile they could have used EAC for free (with weaker protection than Rust/Apex/Fortnite, mind you, but still) which would both provide better game security and not be a vulnerable driver (until proven otherwise - and I’m not seeing a lot of proof despite any anticheat driver being reverse engineer targeted to hell and back)
So could you delete the account from inside the game at the end, or does it require contacting customer support?
If Microsoft wants Windows to be more stable and secure, they should provide built-in anti-cheat support in the OS. That would reduce the need for third-party kernel drivers in the first place.
If someone wants to sell something that comes with a driver, the driver needs a modicum of care applied to it. This is of course also on Microsoft for signing these things, although that ship sailed ages ago.
Yes, I wouldn't expect every studio to need their own team - game studios can buy anti-cheat middleware, and the middleware can compete on not being total junk (which is how the industry already works, with a side helping of these more obscure awful drivers and a few big studios with their own).
> If Microsoft wants Windows to be more stable and secure, they should provide built-in anti-cheat support in the OS.
I guess they could have users approve a set of signed applications that would get some "authenticated" way to read address space and have an attestation stapled to it? It's actually kind of an interesting idea. The hardest part here would be that each anti-cheat tries to differentiate with some Weird Trick or another, so homogenizing the process probably isn't appealing to game developers really.
Anti-cheat could go the opposite direction, with basically a "fast reboot" into an attested single process VM sandbox, but this has issues with streaming/overlays and task switching which are a bit thorny. I've always thought that this might be the way to go, though - instead of trying to use all kinds of goofy heuristics and scanning to determine whether the game's address space has been tampered with or there's a certain PCIe driver indicating a malicious DMA device or whatever, just run the game in a separate hypervisor partition with a stripped down kernel+OS, IOMMU-protected memory, and no ability to load any other user code, like a game console lite.
Co-op games might not need as much security as competitive games, as some games do not have global state, or the global state is simply cosmetics. Since nowadays all the anticheat you can buy (except VAC) is kernel mode, you'll have to accept the security risk just to have fun with your friends.
As much as I dislike anti-cheat in general (why incorporate it instead of just having proper moderation and/or private servers? Do you need a sketchy third-party kernel level driver to police you to make sure you're "browsing the internet properly in a way that is compliant with company XYZ's policies", or even when running other software like a photo editor, word processor, or anything else? It's _your_ software that you bought.) something similar is already happening with, e.g., Widevine bundled in browsers for DRM-ed video streaming.
I agree that having some first-party or reputable anti-cheat driver or system is probably preferable to having different studios roll out their own anticheat drivers. (I am aware there are studio-level or common third-party anti-cheat solutions already, such as Denuvo or Vanguard. But I would prefer something better.)
No one wants to become a moderator, they do it out of necessity. So it's pretty much the other way around: a lot of anticheats were, and are, originally developed by community members for private servers (because you're not deploying a 3rd party anti-cheat onto first party servers). BattlEye was originally for Battlefield games. Punkbuster for Team Fortress. EasyAntiCheat for Counter Strike. I even remember Starcraft Brood War 3rd party server ICCUP with a custom 'anti-hack' client requirement.
You still see this today with Counter Strike 2 private servers Face-IT: they have additional anti-cheat, not less. Same with the GTA V modded private server FiveM, which has an anti-cheat they call adhesive.
And then game developers saw that players were doing that, so they integrated the anti-cheat so that players did not have to go downloading/installing the anti-cheat separately. Quake 3 Arena added Punkbuster in an update, for example.
Because game studios these days are all about global matchmaking. Private servers aren't really a thing any more except in more niche games. Instead you (optionally with a party) queue for matchmaking. Every game has to have a ranked ladder these days, it seems.
I miss the days of Tribes 2 or CS1.6 when games had server browsers.
Only Apple really has enough platform lockdown to achieve that. Whatever Microsoft ships would have more holes than Swiss cheese (not that I'm opposed to that or anything).
I heard with Denuvo reverse engineering work needs to be done for each individual target to unprotect it, but I'm not sure how this will be the case with a first party anti-cheat driver.
As for plain Windows, let's see how Crowdstrike changes will reflect on anti-cheats.
https://www.theverge.com/news/692637/microsoft-windows-kerne...
People could also behave, and then no anti-cheats would be needed anywhere, but that is utopia.
Sorry game companies, the answer is paid moderation. I know it costs money and I know you don't like to pay, but there's no way around it.
If the company lacks the competency to write secure drivers, they should outsource the work or have it validated externally.
These things could be solved by spending money. Stop excusing dangerous actions performed in the name of greed.
The responsibility of securing a platform should not fall on application developers anyway.