96
"We have investigated ourselves and have found we have done nothing wrong."
this post was submitted on 18 Mar 2024
96 points (100.0% liked)
Games
18825 readers
1158 users here now
Video game news oriented community. No NanoUFO is not a bot :)
Posts.
- News oriented content (general reviews, previews or retrospectives allowed).
- Broad discussion posts (preferably not only about a specific game).
- No humor/memes etc..
- No affiliate links
- No advertising.
- No clickbait, editorialized, sensational titles. State the game in question in the title. No all caps.
- No self promotion.
- No duplicate posts, newer post will be deleted unless there is more discussion in one of the posts.
- No politics.
Comments.
- No personal attacks.
- Obey instance rules.
- No low effort comments(one or two words, emoji etc..)
- Please use spoiler tags for spoilers.
My goal is just to have a community where people can go and see what new game news is out for the day and comment on it.
Other communities:
founded 2 years ago
MODERATORS
That's exactly how i read that. It's so bizzare that they get kernel access to so many computers, and don't even do the thing that they are supposed to do.
It's really disturbing how popular the notion that rootkit-based anti-cheat is a good thing is on the internet at large.
I love it when a thread like this comes up on Lemmy every single comment condemns EAC's whole anti-cheat model.
Y'all are all right.
While I am sceptical of rootkit based anti-cheat as well, I am also not a fan of how quickly everyone has jumped to assuming this is EAC's problem and not a problem with Apex Legends, is there some solid evidence for that that I'm just unaware of?
Kernel level and root kit are two different things. Please don't confuse them.
Says the company that took three years to implement a shopping cart for their shitty store.
If I was a hacker, I would be spending most of my effort attacking anticheats. Installing spyware on people's computer to prevent cheating is wrong. They should be doing what devs did before anticheat was invented - server side moderation.
I dunno about non-driver anti-cheats like EAC but Genshin Impact's kernel-level anti-cheat has been used to aid ransomware. Driver-level anti-cheat is certainly malware, that has been settled since Sony-BMG.
Sony-BMG.
Jeez that's a blast from the past. I remember the absolute shock and horror going around the internet when that story broke then it instantly being exploited by some clever dickhead for malware which I'm sure caused someone in Sony to have a cardiac arrest.
Honestly, most people who make cheats were also previously developers for anti-cheat software.
While I agree that anti-cheat software is spyware, server side moderation by humans would be incredibly costly on the company.
My vote is to just not have official servers for games anymore. Package the dedicated server files with every client and let the people playing the game host their own servers. Problem is solved twofold: server-sude moderation is now much more viable, and server hosting costs for the developers is eliminated.
While I agree that anti-cheat software is spyware, server side moderation by humans would be incredibly costly on the company.
It would also do a poor job at quickly responding to cheaters. Which is fine in some games, but in more competitive titles, the difference between a cheater getting caught in a round or two and a dozen or so is a big deal, with how many people had games effected.
My vote is to just not have official servers for games anymore
Nah, official servers are great for anything competitive, since they provide a single definitive competitive ladder and player base. Nobody gives a fuck about challenger rank 1 on Joe schmoe's home server where it's him and his buddies from school. Not to mention how difficult 8t would be to balance a game with next to no data to use.
Imagine being this balls deep in propaganda, like yeah and you're not cool unless you have an iPhone 15 and Gucci belt type vibes
What the fuck are you smoking that enjoying a consistent competetivie environment is propaganda?
gamers aren't usually a prime target, except for cryptominers...
an anticheat based cryptominer worm would be pretty terrible, now that i think about it...
gamers aren’t usually a prime target, except for cryptominers…
Don't many gamers often have a lot of money, considering those huge libraries of games as well as those very expensive PCs, I feel like it would make sense to target them, at the very least for the possibility of commandeering and selling their accounts, plus the ones who download this malware by opting to play games with Anti-cheats and bullying their friends who are unwilling or on the fence into using it, it seems like they would be easy targets.
If you were an actual hacker you'd be targeting web sites and Linux servers. Because that allows you to spread your payloads across huge populations easily.
I don't know much about anti-cheat development, but it can't possibly be that hard to at least implement something that checks whether a player even could have done something in a certain amount of time which would eliminate a lot of speed related cheats, and for the rest, why not look at data averages to try to weed out cheaters?
I know combing through the data is probably complicated, but so is installing kernel level anti cheat software that has to monitor every single process running on a person's computer.
It's cheaper to install malware.
That's all there is to it: cost.
So if it isn't a RCE vulnerability, what vulnerability is it?
Their wording is actually quite deliberate. They say there isn't one being exploited, but they do not explicitly say that there isn't a RCE vulnerability.
It kinda stinks of ass coverage.
"I did not have sexual relations with that woman"
Yeah, it stood out to me.
It's always in what they don't say.
If they say it's not a RCE vulnerability, it could still be a privilege escalation vulnerability etc. They avoided saying their software isn't being exploited or "we have seen no evidence our software has been compromised", or "there is no clear signs...".
Which gives a little wriggle room.